Deep Throat: The Outer Edges

Jz etgstrj Wtmfvl! X lsg pmj lsgzlv fs!

SOURCES

The FBI surveillance of 2 months of the AP’s phone traffic reminded me much of the heady days when Nixon and Hoover cornered the market on domestic spying. Now this is not to say that I think the current White House administration is in fact as demented about surveillance as Hoover or Nixon but I do think that it has been feeling more insecure about its ability to govern the way it wants to because of leaking. Take from that statement what you may but let me further say that once you have the ability to do something you tend to rationalize about doing it if that thing is perceived at all to be wrong. In the case of grabbing two whole months of ALL of the traffic for AP to “investigate” leaks I think the FBI/DOJ/WH et al rationalized quite a bit to just go ahead and do it and the consequences as well as the law be damned.

In a world where Wikileaks has opened up the floodgates to all kinds of materials being leaked whether or not they are relevant to any wrongdoing, I am sure the governments of the world have shifted back to the cold war mentalities of protecting everything they can with classifications and more secrecy. The current environment has the government scared, the advocates rallying, and the leakers becoming more plentiful and the motives for leaking myriad. In many cases though the leak is more motivated by personal gains in esteem by others (perceived) and perhaps even financial at times for those who are getting paid for information. Once in a while though, you get the leak that would seem to be the right thing to do. This is the case where someone leaks the misdeeds of the government or a corporation for the good of the many. Unfortunately though, in the cases of the leaks of late, it has been more a prestige motive or a political motive than outrage at some wrongdoing.

Either way however, the leaking seems to have prompted a response on the part of the government that would have been a justified “leak” had someone given it to the media. The wholesale surveillance and fishing expedition on reporters, news services, and in the end, leakers who may or may not have relationships with those reporters. Sources have always been a core to the news business and the constitutional protections on freedom of the press have been an integral part to our democracy. This move by the Obama administration and the DOJ/FBI not only seems to be quite the overreach but also a not so subtle warning to both leakers and the press that they are playing hard ball. It seems that journalism has become just another casualty of the surveillance culture that the government now has its finger on and control over.

It is thusly that I bring this topic to the blog in hopes to enlighten the reporters as well as the leakers out there on some OPSEC and Tradecraft that could make their leaking more secure even if the government decides that they should cull all of the media’s access for months if not years. All “sources” out there are now subject to having their anonymity blown by such action as the surveillance of the AP phone logs whether or not they are in fact leaking information that they shouldn’t be according to their employers or governments. If I were a source I would now certainly think twice about giving any information to anyone unless I had taken great pains to ensure the transactions are secure if not in person and unseen like in the clip at the top of the page from “All the President’s Men”. Such interactions though all require a certain care that must be learned as they may not come as second nature to many unless you are just a paranoid to begin with. However, there are many technical countermeasures and tricks that one can learn if you look in the right places for the information.

SURVEILLANCE

Surveillance is as old as the hills but now it is augmented by so much digital methodology that it seems rather quaint at times to consider that someone may in fact be following you. Today one can carry out an effective surveillance on an unknowing target by merely booting up a program and connecting to a system that shows you the GPS coordinates of where you are. This is of course so readily available now because we all have taken to having our own personal GPS unit on us at all times in the form of a cell phone. Since we have made it so easy not only with GPS but also tweeting, Facebooking, Tumblr-ing, and generally streaming every second of our lives online (exceedingly poor opsec kids) it is surprising to me at least that we don’t see many more cases in the courts where freely given personal details online were the source of the probable cause to arrest someone if not the actual proof in a case of committing a crime. Basically we have given up much of our privacy already to little brother and sooner or later BIG BROTHER will re-legislate to allow themselves more access to the same streams. When this happens we need to all worry, but for now they will be happy to just secretly wiretap or to secretly subpoena your records and use them that way.

Still though, there are times when surveillance still means a guy with a camera or a team of people following you around. For those times I suggest that you start to learn countermeasures for surveillance. The book linked is a good start to understand not only surveillance techniques but also the direct actions you can take to defeat it. Of course once again I have to remind you that you need to have good OPSEC (Operational Security) and Tradecraft in the first place (like presence of mind to not have your phone with you and on for a GPS location lock) to also obfuscate your position and prevent being watched. Remember, if you don’t want to be compromised you have to be mindful of the threatscape. This of course also goes for the digital landscape as well, you have to know how to prevent data leakage in order to keep things secret.

TRADECRAFT

So you want to keep things a secret? Well then you have to learn how to take due care in everything you do. If you are looking to compartmentalize your life it can be done but you have to be mindful all the time of making slips that could unravel all your best laid plans. You need to study “Tradecraft” which is an espionage term and is not something that is just picked up, you have to practice it in order for it to work. If you want to leak information or you want to keep a portion of your life secret then you need to learn from the links below to secure yourself. Online this means doing such simple things as using encryption on emails that you do not want Google or the DOJ to read or by using an encryption product on your phone or your chat sessions. What it comes down to is your security is what you make of it. If you do not do the work then you aren’t secure. Remember that all of your lives now are broadcast through internet, phones, cameras and the like and none of those things do you actually own, you pay for a service and the data you send is not really yours once you hit send in many cases.

What was once thought to be true, primarily that you have privacy in your effects and papers is no longer really the case where digital media is concerned. The courts have taken different approaches and interpretations on “papers and effects” where computers and the internet are concerned. One apt analogy is the old garbage on the sidewalk scenario. Once you put your garbage on the sidewalk for pickup it is no longer considered private. You are basically putting it out there for anyone to grab including the government or LEA’s. The same idea is being floated in the terms and agreements with digital media. If you send an email to someone is it really private? Does the carrier (Google say) have any mandate to consider your data private when it sits on their servers that they “rent” you? It’s their asset right? Unless you take pains to protect that email with encryption then you are just as much putting it on the sidewalk as the garbage according to some interpretations.

Overall, you need not be a leaker to take up these precautions and protect your privacy. This incident with the AP records though only shows you just how far a reach the DOJ is willing to take on records like these. Of course if you have been paying attention over the years since 9/11 you would know that many NSLs (National Security Letters) were sent to the likes of Google and other places demanding end users’ records and forbidding the company any redress to tell the end user or to fight the demand because the request was considered “CLASSIFIED” by the government and law enforcement. So, if the government can just do that, classify it, and make it disappear what else are they likely to do when they want to have a looksee at your chat logs huh? The electronic spook genie is out of the bottle and running amok. It’s up to you to prevent it from running roughshod over you.

K.

Reading resources:

TRADECRAFT

OPSEC

CRYPTO

DROPBOXES & DEAD DROPS

COUNTER SURVEILLANCE TECHNIQUES

ENCRYPTED CHAT

BURN PHONES

THE DARK NET

FACE TO FACE MEETING OPERATIONAL SECURITY

TSCM

TOR (THE ONION ROUTER)

I2P (ANONYMOUS PROXY)

IPREDATOR (PROXY)

BURN COMPUTERS/TABLETS

ALTERNATE IDENTITIES AND LEGENDS

BIOMETRIC DEFEATING CLOTHING

CELL BLOCKING BAGS/CONTAINERS

OFF THE RECORD MESSAGING (OTR)

SILENT CIRCLE CELL AND MESSAGING CLIENT

 

The Emperor Is NAKED

emperornaked

gedh gedh gedh gedh gedh gedh

OMG THE DAM DATA!

Last week a report came out on Wired about how the ACE (Army Corps of Engineers) database was hacked by China and “sensitive” dam data was taken.. By China, let that sink in for a bit as there was no real attribution data in the story. Anyway, aside from the BOOGA BOOGA BOOGA headlines I had to wonder just how hard it was for these “Chinese” hackers to get in and steal the all important super secret DAM data. Given the nature of this type of site and the groups involved in generating, managing, and *cough* protecting it, I had a feeling that it would be rather easy to get the information without having to be uberleet. Sure enough a quick Google Fu session showed me how easy it was to just bypass the login and password scheme as a proof of concept. You can see from the picture at the top of the page that you can just download what you like there (16 meg on dams alone) just by clicking a link on Google and then the link on the page that is not supposed to be served out without authentication.

*I feel so secure now*

So yeah, there you have it and I still cannot understand how the media types paid no attention to my attempts to make them aware of this little factoid. See, here’s the thing kids, I didn’t go any further. Nor did I download the 16 meg file because, well, no one else wants to be Aaron Swartz right? I am sure they could even try to squash my nuts over this post alone but hey, I am sick of the bullshit stories of China hacking our shit when in reality all one need do is GOOGLE the information. This is not to say that this information here is the SAME information that was allegedly stolen by China, but it is a PROOF OF CONCEPT that the site, EVEN TODAY is still insecure and leaking information without authentication!! (yes above pic was taken today via a tor node) So, when I stopped there one has to continue to wonder if you looked further and enumerated more of the site by directory walk could you in fact get even more access?

Feel the derp burn…

OMG CHINA!

Meanwhile back in the hallowed halls of Congress and the Pentagon we have reports coming out in pdf that China is hacking our shit to gain a better “war footing” by taking such data as what this story is all about. DAMS COULD BE BLOWN! WATER COULD LEAK! LIVES LOST! yadda yadda yadda. If you were to take it seriously then one would think that SECOPS demands that this data would be classified and protected per classification. Obviously it wasn’t given the access that you see above as well as the alleged password issue that the hack was allegedly predicated on in the Wired article. But I digress.. I am meaning to talk about China… Yes, so the DOD puts out a report that is subtly saying that no longer are the Chinese only looking to steal IP but now they are looking for ways to stalemate us in war.

*blink*

NO WAY! Like we aren’t doing the same thing everywhere else as well? Derp! Look, it’s only natural that they would be doing so and their doctrine says as much. Just go take a read of their doctrine on all things cybery and you will see that the domination of the infoscape is really important to them. We have only been paying attention for a little while now and we have catching up to do! Alas though, not all roads lead to China so really, I would love to see some attribution on this alleged hack on the dam data when one, once again, could just GOOGLE that shit up. As they say on the internets.. “Pictures or it didn’t happen!”

OMG FAIL!

So here we are again. Our cybers are FAIL and the news media perpetuates more FAIL with their non depth articles on the problem. Maybe China stole some dam data. BIG WHOOP. The real story is that the site that it came from and the people watching it are not paying attention to the cyberz. Their clue phone is broken! They do not know how to “Internet” and it is just another derpy hype cycle in the media that allows China to be blamed for our own stupidity. I swear somewhere there is a Chinese guy laughing like Chumley rolling on the ground over this.

Smell our own fail kids… And weep.

K.

The Stand Alone Complex and Jihad

SACjihad

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Stand Alone Complexes

I have written in the past about the “Stand Alone Complex” and I have to say that recent events still have me fascinated with the premise. I would say that perhaps the Boston bombing in and of itself shows how the “SAC” applies to jihad and lone wolves once you begin to look at it in that light as well. The Tsarnaevs (Tamerlan mostly in my assessment) latched on to jihad (literally) only after his personal goals were not attained in boxing and other areas. He then molded his ideals and his aegis for the actions he would take in the bombing to the idea of Islamic Jihad though he had been raised primarily without a strong Muslim background (look at their photos while in Russia, mom is not wearing a hijab as she is now for example) and his profiles online all talked of Westernized goals of money and women. Yet, the global idea of “Jihad” became a lure for Tamerlan and Dzokhar that in the end was the justification for their actions on April 15th 2013. Note that I say it was a justification and not their sole goal here in my opinion. I do not believe that either were that devout just as I do not believe that Dzokhar will continue to be in his 6×6 cell from now on.

Global Jihad

I believe that the specter of global Islamic jihad has become the core of a larger SAC for all of these lone wolves out there. People with mental disorders or needs to believe in something that gravitate to the jihad to fulfill those needs. Remember that this brand of thought is one created or augmented by those who interpret the Koran just as others interpret the Bible as verbatim or an absolute truth. Some of these people who are interpreting these books and beliefs are doing so in a way to put forth their own goals and that is exactly what is happening on the macro and micro levels within the jihad. It is this echo effect that we are now seeing in the franchising of personal jihad as well as institutionalized jihad within the groups out there today such as the Chechen jihad that may or may not have played a part in the Boston incident.

Each jihad has a different bent and each jihadi has a personal bent for what they are doing. A majority may just cite the treatment of Palestinians or some other rubric around the lands of the ummah but for the most part I personally believe that each and every jihad and jihadi have their own reasons and interpretations of the movement that make them wish to join in. It is this personal jihad (which is talked about in and of jihad itself as a personal struggle in some interpretations) that I am focusing in on where it concerns the new wave of the fight.. The Lone Wolf jihad which has been the pivot for Al Qaeda as it has been marginalized by the war on terror. Jihad it seems has been packaged and sold in slick form by AQAP to appeal to those who have not been a part of the struggle in country and who are now being cajoled into taking up the sword by use of propaganda on the weaker minded of us all.

Lone Wolf Jihad

These “Lone Wolves” as they have been dubbed need not be Muslims to start and may as well not have any experience in the Middle East. The Tsarnaevs had some experience (Tamerlan really) in the old country where the Jihad really came in the form of fighting against the Russians much like the Afghanistani fight that created the Mujahideen. Neither of the boys though really had enough time in country to see much of this fighting and thus were drawn into this web of thinking by imagery and propaganda online that they seemed to be seeking themselves. To date there is no evidence that the boys were supported by or egged on by any jihadi group (Imarat Kavkaz) actively. All of their content was passively passed vis a vis websites and YouTube pages where they had posted their nasheeds, fatwas and teachings online.

The same can be seen for the likes of Emerson Begolly who radicalized online and never got to act out his ambitions other than biting a couple of FBI agents when they arrested him. However both of these cases are good examples of “Lone Wolf Jihad” as well as SAC behavior. This is the basis of the idea of a Stand Alone Complex. These people are all unrelated, unaffiliated, and not likely to be acting out of a defined “same” motivations or goals other than some notion of “jihad” but the jihad becomes the appearance of “concerted effort”. We are seeing by proxy of Inspire Magazine and other propaganda tools such as the YouTube videos online the movement of a stand alone complex by person(s) known and unknown to effect a goal. This then also plays into the extension of the SAC within the plot line of the series (Ghost In The Shell SAC) where a plotter (Goda) is seeking to make political change by using the idea of the SAC on all appearances while in reality he (in this case AQ directly) is manipulating the players to effect his political goals. In essence within the analogy here AQ is Goda and their enticement and propaganda campaign is not at all dissimilar. They are attempting to incite jihad using disparate players unknown to them with their propaganda tools to ensnare and motivate those willing or unstable enough to act out in furtherance of the global caliphate (ostensibly) or, more to the point, to wreak havoc and fulfill their own bloody desires.

The Media Cycle and Stand Alone Complex Jihad

The media is also playing a large part in this cycle and it should not be overlooked. The global jihad needs a global audience. They already have the internet but now they too also have the media ravening to report on anything they can concerning it. Look at all the media hype that surrounded the events of the Boston bombings and you can see the dynamic at work. It even reached the height of being something that the bombers themselves reveled in as they carjacked someone’s SUV telling the owner that they were the bombers with pride or seeking recognition. Just as in the SAC on G.I.T.S. the media played a huge role in the perpetuation of the complex. The laughing man became a zeitgeist or a meme in today’s terminology that perpetuated the SAC and expanded it.

An analogy today for us is the “Free Jahar” movement ongoing online. The coverage also cuts another way where so much has been made to make these two appear to be so well trained and lethal without really attempting to pick apart their ersatz plot for mistakes that it appears to others of a like mind that they were lions instead of inept would-be terrorists. They got lucky in reality and the media made them out to be larger than life. Something that is playing right into the hands of the AQAP types who put this notion out there to begin with and what the boys latched on to and used to sow their brand of terror. In short, the media attention and the cycle that is still taking up vast swaths of online news pages copy will only ensure that the SAC will only continue on and that those manipulating it (AQ) will re-double their efforts.

Future States

We have seen Anonymous as a form of SAC and now I think we can make a substantial case for the (lone wolf) jihad being one too. If this idea becomes more memetic and resonates with those of a like mind then we will see more of these types of attacks as well as those out there (not only AQ) trying to entice others to action as well. Both online and off I fear that as the media cycle churns on and AQAP comes out with their next triumphal issue of Inspire the reverberations will only geometrically increase. Time will tell as always but as we become more tightly connected through instant media while being closed off and alone at the same time we will allow for festering to begin in those psyches willing to act out. The repercussions of knee jerk reactions as well within the government will also create more fodder for those like minded to find reasons to radicalize too.

One re-enforces the other like ripples in a pond…

K.

The Tsarnaevs’ Jihad

VDAbu

eqldgsclajmkcin

The Tsarnaev History

As you all probably have seen ad nauseam on the news the history of the Boston Marathon perpetrators has been re-constructed by people who know them and subjected to almost a minute by minute accounting it seems. Yet only now are dribs and drabs coming out through interviews on the news of how devout Tamerlan had become and perhaps how radical he really was. It seems that the boys had hidden well their growing radical beliefs from everyone around them formally but if you paid attention you could see the signs. For all intents and purposes though, the boys seemed to be assimilating (Djokhar more than Tamerlan) to life in the states but once you start prying back the veil you can see much more was going on.

In articles and blog posts throughout the internet a picture is emerging on the boys, their family dynamic which lends to the idea that this family had its share of issues and perhaps a history of unbalanced behavior as well. The mother for example was caught shop lifting $1,600.00 worth of clothing from a Lord & Taylor as well as has been described by others as being a 9/11 “Truther” while the father has been painted as a thug or a tough who also has been called crazy by some. So, you can see that as we go along, like any family they have their foibles. All of this though does not make for a radical jihadi unless you add to this a longing for a history, a kinship to their titular home (Dagestan/Kyrgyzstan/Chechnya) and an increasing feeling of disenfranchisement with their adoptive home.

Suffice to say that the Tsarnaevs are and were a complex lot and out of all of them given what we know now, the only one who really assimilated seemed to be Djokhar. Sadly though he decided I think, to follow his elder brother into Jihad because of the influence over him that Tamerlan had. However, I could be wrong, perhaps Djokhar always had the seed of jihad within and it only evolved naturally.. Only time will tell once he is no longer sedated and able to answer questions I guess. On the whole though I will say that they hid their tendencies and plans for a long time without anyone being the wiser. Even their online behavior has been hard to prize out and get a clear picture of their plans as well as their involvement in jihad.

Radicalization

As it is coming out in the news these last couple of days it seems that the key to the events that led up to the bombing was a trip to Russia by Tamerlan in 2011. This trip also kicked off the FSB’s query to the FBI here to look into Tamerlan for what would later be seen as radical beliefs that he indeed did have. The FBI looked into Tamerlan and found nothing at the time but it seems that perhaps even this event in and of itself would lead Tamerlan to carry out the final Boston plan as it held up his petition to become a citizen here. Was that the last straw on the camel’s back? One really has to wonder about that. Obviously Tamerlan at the very least was becoming radicalized, enough for the FSB to make that call because he had said things in Russia or had been seen colluding with people known to be radical.

Interestingly it wasn’t until after his trip to Moscow that Tamerlan set up the YouTube site and linked to the Dagestani jihad videos and those of the radical Imam. Thus I expect that he came into contact with someone there who had the key to his radical jihadi lock so to speak and opened him up to it all. Just as well he was there for six months and could in fact have had training while he was there in bomb making as evidenced by the pressure cooker bombs they used at the marathon. The question then becomes was he inducted and trained as well as perhaps supported by a jihadist group in Chechnya or Dagestan? This is as yet unclear and the case can be made on both sides that either they did it on their own without training as well as Tamerlan got the training and support by an as yet un-named jihadist faction. My gut is telling me that Tamerlan had at the very least some training while he was in Moscow on bomb prep and tactics before he came back to the US.

Inspired?

An alternate theory is that they were “Inspired” to be lone wolves by Inspire Magazine and other materials out on the internet. While nothing has been said yet of the contents of any hard drives that may have been found at their house, I am going to guess that they may indeed have some Inspire issues there. Djokhar’s laptop took a hit in December of last year so I am not sure if he got a new one after that (assuming yes) so there is likely to be some good data forthcoming from the computer forensics guys at the FBI. Until we get confirmation though that they had these materials it is anyone’s guess as to how they learned their tradecraft other than to say the internet.

The bombings though and the chase that followed has been a real shot in the arm to the AQ jihobbyists online who have been posting congratulations as well as composing nasheeds for the Tsarnaevs. If anything, this incident has inspired the jihobbyists out there and certainly has the AQ/AQAP types looking to capitalize on the actions taken by these two to try and create more like them. This whole thing including the closing down of Boston, the media circus, and now the fallout with congress critters ravening to create new “tough” laws as well as circumvent the ones on the books and treat the survivor as an “enemy combatant” are a win for jihad propaganda. Simply put, all of our reactions have only played to their twisted ideas of winning. So, inspired? Yes, this has been inspiring to them even if we do not know just how the boys were inspired to do this in the first place.

Chechen Jihad

Meanwhile there is the angle of the “homeland” and Chechen Jihad to contend with. It seems that Tamerlan primarily was feeling more kinship with Chechen jihad than being an American ..Or more to the point to aspire to be one and compete in the Olympics. Both boys seem to have been drawn to their original place of origin and in fact linked online to a group that comes from Dagestan in particular. At what level they were affiliated with them, or had contact with them is still unknown but from postings online by an acct that seems to belong to Djokhar he is looking to rationalize jihad with citations from the Koran. Tamerlan meanwhile had links to a radical Imam’s videos from the region as well but also had links to the Syrian conflict as well. So you can see that there is a direction (jihad) in general but an affinity for their homeland and its troubles as well. Even their nicknames that were used (in Tamerlan’s case Timur Mucuraev and muazseyfullah) are references to regional presences in jihad. So one can deduce their proclivities toward what was once their home as well as the jihad overall. What really remains to be seen is whether or not they were officially affiliated with the jihad there and group(s) thereof or not. I am sure that with time and some interviews we will be hearing just how much contact the boys may have had with anyone over there if at all. At the very least from what has been seen online one of them did reach out and connect with them but there is no telling just how they responded if at all.

Truthers?

Another interesting twist to all of this has been the remarks by the boys’ mother on TV about how this is all a conspiracy. It seems that the Tsarnaevs may have grown up with a conspiracist pablum fed to them by their mom. Did this have something to do with their ultimate decision to bomb the marathon and turn to jihad? One can make the argument that this could be the case because of the similarity in the narrative on 9/11 and other globalist conspiracies put out by the likes of Alex Jones. Frankly it’s an insidious brew that ensnares the weak minded and places their already delicate psyches into an even more paranoid and delusional place than they already were before.

More will come of this I suspect both in the investigation as well as all around it as I have already watched the “Jones-ian” mindset barrage the FBI and others at the press conferences last week asking inane questions on how this was all just a “False Flag” event to remove our civil liberties. It is this mindset and the malleability of the weak minded that allows for not only jihadi induction but any other militant group that might use this as fodder to brain wash a candidate into action. I am interested though to see just how much the 9/11 truther movement had influence over the mindset of the Tsarnaev boys.

Interrogations Soon

Finally, as Djokhar comes out of the drugs and the intubation it will all come to light just why he did these things. In the end I understand they both had suicide vests but neither carried out the final measure and became shahid. Why is that exactly one wonders if they were so moved to jihad? Induction and grooming would have tried to lead them to blow themselves up especially when cornered so why didn’t they? Perhaps they were too “Western” after all and thought they could escape like Butch and Sundance?

Once the interrogations happen, the evidence is collated, and charges filed perhaps we all will know more. Until then we need to focus on the why from a psychological issue. If they self radicalized what was it about them that made this happen? What is the psychological makeup of the jihadi? How do you detect it in someone? Is it something that one can stratify and place into some sort of DSM-V catalog? Certainly in this case no one around them really knew save maybe the uncle that Tamerlan talked to just after the bombings and he did not make a call to law enforcement either.

K.

Further Reading on the Chechen Jihad:

http://krypt3ia.wordpress.com/2011/04/14/kavkaz-jihad-aqs-little-brother/

http://krypt3ia.wordpress.com/2011/01/29/would-be-suicide-bomber-killed-by-unexpected-sms-muslima-jihad/

UPDATE:

Ok so a lot has been happening with this case since I posted this piece. Lately there have been congress critters going on morning shows spewing all kinds of useless innuendo about how the boys “must have had help” to make these bombs and to carry out the plot “so well” that I feel compelled to respond. First off let me start by saying that the congress critters need to shut the fuck up. Pure and simple. They need to step back from the lights and cameras and shut up. So far the information coming out of the investigation does not say that they had help at all. In fact, if you look at the whole affair you can see that at the most they may have sought help in the electronics for remote det devices “maybe”. The reality is that you can get all of this information on the internet pretty easily and it does not take a mental genius to rig up a pressure cooker bomb and a cell phone.

Secondly let’s look at the stupidity of the boys in their plot points.

1) Set off bombs at a large heavily camera covered event and get away: Sure it worked but they took no pains to cover their identities much did they? Had they been trained one of two operational tempos would have been employed (stealth and egress) or (stealth and shahid). The boys did not plan on being shahid and their stealth was lacking so how much training could there be?

2) They had no real prep for getaway and ended up carjacking someone to get a working car. Once again they were on camera AND they boasted about being the bombers to the carjacked person who they let go. Had they been trained and supported they would have had an egress plan to get out of the country. Instead they tentatively planned on going to Times Square to light off another pressure cooker… With their faces plastered over EVERYTHING.. Yeah, some elite training there…

3) Funding, there was none. They bought some fireworks and common materials to make the bombs just like they are shown in Inspire magazine and by all rights could have “made it in their mom’s kitchen” as the article title suggested.

In the end it appears to me that these guys did it on their own. They had inspiration from online jihadist videos from the likes of Kavkaz and Vilayat Dagestan but both have disavowed knowledge of them anyway. I think once we get all the facts we may see that they reached out but were not trusted by the jihadists. This is common in the jihadi circles to start but even more so in the Chechen area where the FSB and other military orgs have tried to put a stop to their activities. What this leaves us with and what the congress critters cannot fathom, is the fact that these two guys did this on their own, for their own reasons (Tamerlan primarily at his inability to box any more on Golden Gloves and not get his citizenship and Dzhokhar following big brother’s example) and were not a plot by any jihadist organization. They were not geniuses and they certainly did not make mistakes in their attack, they just happened to catch us all off guard and carry out a heinous act just like any other mass murder scenario. Frankly I think that the Jihadi element to this was just a weak rationalization that they made as a panacea to quell all their woes in life and nothing more. It should be noted that Tamerlan only really started becoming more devout to “Islamic Jihad” once his boxing career was at a standstill. This is an important fact that many are not paying attention to and should be. This is not just a story about jihad and terror but also about a guy who just felt alienated and alone in a place he thought was his home and when that home became less available to sustaining his desires he turned to jihad.

So.. Once again congress critters.. STFU until such time as the FSB/CIA/FBI and others have solid proof of communications between the boys and Islamic jihad (aka Imarat Kavkaz)

//END

It doesn’t really matter who bombed the Boston Marathon… It only matters that they did and it’s giving others ideas.


XXXXXXXXXXXXXXXXXXXXXXX

No Attribution

Since the bombs going off at the Boston Marathon people have been trying to assess who it is that did it more so than why they did it. Of course knowing the who you will know the why especially if the bombers make a statement. To date no statements have been made and thus great speculation has been given by the talking heads in the media, anyone from Clint VanZandt (Former Quantico Profiler) to the odious Evan Kohlmann. None of these people though really are offering any information into the real problem we have post the explosions at the finish line on Monday and that problem is the precedent set by the act itself.

Of course bombings have happened here in the past throughout our history but today we have one more twist to the picture that we should be paying attention to. That twist is that we are in a global war on terror against various groups that all have a goal of terror. In the case of the Islamic terrorists their goal is a global caliphate at the heart of the hard core heart and mind. It would be folly to think that this is the topmost goal of all of these people though and at the end of the day it all just comes down to people acting out to sow terror and death. In the case of this incident we still have no idea why it was done and even the jihadis online and I am sure behind the scenes are asking the same question as to who did it. As of today all we know is the method of the bombings (sort of) and that we have one or two UNSUBS that may be on video or in photos just before the explosions and this is making people even more on edge.

However, attribution and the reasons for the attacks are only one dimension of the problem and it should be noted that this event has opened a door for the Jihad as well as possibly other actors who wish to sow terror. This is not new as I said before, but, it is new that we have a call from the likes of AQAP/Al-Malahem/AQ to carry out “Lone Wolf Jihad” that may in fact have been heeded by someone or a small group of jihadis. If this is in fact the case then consider Pandora’s Box being opened with this successful attack. Alternatively, if this was carried out by another form of extremist (such as the militia types or so called “domestic terrorists”) the same Pandora’s Box has been opened because in the end, the attack was carried out and succeeded in its goals of death, terror, and FUD. This event is a win/win for the like minded and that is what is being played out on the Jihadi boards as we speak.

Inspiration and Aspiration

For 3 years now AQAP/Al-Malahem has been putting out “Inspire Magazine” and entreating the Ummah of the West to jihad. More recently they began a campaign to spur the Westerners to so called “Lone Wolf” acts because it seemed that they lacked the ability to reach out here themselves. They began offering tutorials on how to make IEDs and offered tactics and targets for the eager Westerner to carry out. These magazines met with little success in getting a jihobbyist to make a bomb in their mother’s kitchen until possibly now. The pressure cooker IEDs are not that hard to make and the plans were in fact in a recent issue of Inspire but in reality if you have an internet connection you can get them fairly easily. So could it be a Jihadi Lone Wolf? Sure, could it be some other extremist? Sure, but in the end on a macro scale it doesn’t matter.

What does matter is the reaction by other groups and individuals.. Copycats if you like, who look at the events of Monday and start to think “I can do this too if they can”. What is being seen on the jihadist boards already is talk about how Inspire had it right and that they should be praised for their work. The poster above asks questions about the modus operandi and concerns over security but generally begs the question over strategy. Responses to this post are on the whole affirmative that Inspire was right and that smaller attacks are the way to go. Inciting fear and hitting soft targets is what they need to do to torment the “Crusaders” and in reality this is the scary bit.

AQ had a HUGE win with 9/11 and since then the tactic has been on average to attempt another one of as grand or on a grander scale. This has not worked on the whole so the notion of smaller attacks was pivoted to by AQAP. They have finally set a goal of not just hitting a plane with an underwear bomb or a cartridge bomb but now are looking to go to a mall and shoot it up or to blow up a car on a busy freeway. Small scale, low tech attacks I believe are going to become the norm for not only the jihad but also the domestic terrorist as well. This is what has to be taken from the events of Monday’s bombing as well as the efforts of trying to find out who did it and to prosecute them.

Whether or not this is a Jihadi lone wolf or some other attacker the tactics of the attack should be the worrisome bit. The bombs themselves are low tech (smokeless powder and ball bearings in pressure cookers) which could be made by anyone. The components are easily obtained cheaply and the whole operation could be carried out with as little money spent as a couple hundred dollars. The choice of soft targets like the marathon shows astute planning and there are hints that they may have in fact studied the marathon and thought this through a bit on detonation time to have mass casualties as well. All of this could be carried out by person(s) easily enough without oversight from AQ/Taliban just like Inspire attempts to evoke in their “lone wolves”. At the end of the day we may in fact see that Inspire was in fact the inspiration for this attack.. If not, then from what I am seeing on the boards post the attack I for one believe that they now have even more inspiration to carry these attacks out.

Cause and Effect

At the base of this whole post though I want to get across the idea that one attack can breed copycats. Copycats all can get the plans and tactics for such attacks online easily through a Google search and as such the ease of locating the data and using it has increased tenfold. It remains to be seen just how much of an impetus this attack has been on those nearly ready to carry out their own terror plots but given that we are now seeing concurrent letters laced with Ricin sent to the President and Congress (also shown in how-tos from the jihadis and others online) one has to wonder if they are part of the original plot or copycats. It’s my belief that a scale has been tipped and that we may be in for some more tough times ahead. I personally have not seen things this polarized since the 60′s when we had the creation of the Weather Underground and the Black Panthers. Imagine now more groups with access to the reams of information on the internet and their capacities to carry out terror were they of a mind to do so.

Time will tell.

K.

Thoughts On Being Asked “How Do I Get Into INFOSEC?”

So You Want To Get Into INFOSEC Huh?

I got a request through a friend for a friend of that friend’s kid to talk to him about how to get into INFOSEC the other day. Now usually I am a curmudgeon (as you all know and love) and am loathe to be some sort of big brother of INFOSEC to anyone but in this case I said ok cuz I am just that nice. After some email wrangling we finally got together today (scant minutes ago actually) and now feel an obligatory blog post on the subject of getting into the business coming on …And there it is …Feel the burn…

So after agreeing to a time to meet I began to wonder just what I would say to this kid as to how to get into the business. For that matter I really wondered if I should encourage him at all to get into INFOSEC in the first place. My mind started to ponder why I was in it still and just how if at all it was rewarding given all that I have seen and still deal with on a daily basis. Often times my daily job sends me into apoplectic fits that you all see in my blog posts and on twitter screeds of 140 characters at a clip so I imagine all of you out there might not think that I enjoy my work on average. On the whole though I would say that I do enjoy my work but I would caution anyone looking to get into this business to take a deep look at their abilities and their coping mechanisms before they took the plunge.

My conversation with this guy (in his 30′s) covered a range of things but I mainly focused on just how technical he was if at all and what he thought he wanted out of pursuing a career in INFOSEC. It turned out that he was not that technical and had only just started taking a course at the local community college on Python. It was at that opening moment that I knew this kid would have a long road ahead of him and made that as abundantly clear as I could without being a complete and utter bastard. Basically, in your 30′s and without any technical background you will have quite the uphill battle to become proficient not only in the technologies but also the applications of security to those technologies. So I had to scale back a bit and impress upon him that he needed to learn quite a bit to start and that maybe he should just look for a gig in desktop support first after some time in with school.

At the end of the conversation I had laid out all of the issues for him up to the point of the level of frustration we all have in this business from end users to C levels that don’t listen. Soup to nuts I laid it bare and in the end did in fact say that one needed to take up drinking to cope on average. I told him that the allure of the movies is great but in reality there is a lot more drudgery and that he should expect to spend a lot of time studying, practicing, playing, and generally hacking even to get a gig as a vulnerability scanner or a Sox auditor. This at least would be my ideal for anyone looking to get involved in true security work but unfortunately we all see too many people out there running a Nessus scan and passing a canned report to a client as BAU.

Despite all of this I do not think I dissuaded or disabused him of his desires and will be sending him some tutorials and links to sites/books for him to begin the great RTFM of security. I guess time will tell if he can eventually land a gig and be a productive INFOSEC wonk. Until then, I guess I am a sort of tough love big INFOSEC brother..

I hope he can handle the tough love…

So here are my thoughts about all of this for those who also are asking the question of how to get into and staying in INFOSEC.

K.

First Principles 

  • You have to be fascinated with the subject matter.. This is not just a job, like any career you have to love what you do otherwise why bother?
  • You have to be technically capable of understanding a great deal of technologies; if you aren’t and are not interested, don’t bother
  • You have to have an innate offensive mindset to be a good INFOSEC professional (if you aren’t thinking like the adversary you will lose the battle and the war)
  • To be a good defensive INFOSEC professional you have to have the offensive mindset as well (once again, think like the adversary or lose the war)
  • You have to be able to study things and be readily able to take the initiative to look things up
  • You have to be a tinkerer always playing with things
  • Overall you need to have initiative because even if you take a course it will not prepare you for everything
  • Don’t be just another fool with a tool, you need to go outside the box and once again play with things and understand them.. Then abuse them
  • Don’t expect to be an uber l33t haxx0r just because you hit start on Metasploit
  • Be diligent and do a good job no matter the scale of the project.. Half assed is just that and will end in epic fail
  • Nowadays you can get a CISSP and get a job.. This does not make you a good INFOSEC practitioner though
  • It is easier today to locate actual classes on security and hacking so avail yourselves of them ON TOP OF playing at home

Expectations and Realities

  • Expect and be able to handle clients in a professional way
  • Expect and be able to handle small scopes and reticence on the part of clients to fix vulnerabilities you show them as they might break their businesses to do so
  • Expect that all end users are not usually cluefull in the ways of computing and will easily click on your malware/phish email (offense)
  • Expect that all end users are not usually cluefull and will click on malware/phishing emails and thus start an incident that YOU will have to clean up (defense)
  • Expect to be told “No” a lot
  • Expect fits of rage and bile because the executives will not want to follow the security measures that you tell them they need to as policy
  • Expect to have to socially engineer said C level executives to have a modicum of security by tricking them into secure behaviors
  • Expect that your employers will not fund your going to conferences
  • Expect your security budgets to be secondary in concern if not tertiary to the C level executives until they get pwnd hard and in the news
  • Expect human nature to be the primary cause of your security incidents and failures in the enterprise (problem between keyboard and chair)
  • Expect long hours
  • Expect to be travelling 100% of the time if you are in a pentest position
  • Expect that 3am call when your enterprise has been compromised and expect to get up, log in, and begin IR
  • Expect that your network is already compromised
  • Accept that you will never know everything and should always be willing to learn
  • Expect and accept the blank stares you will get from EU’s and C levels when you explain to them the security ramifications of things you discover
  • Expect and accept the blank stares you will get from EU’s and C Levels when you tell them that they have to comply with policy and process
  • Expect that you will have to at some point not only audit but also create policies and procedures for someone somewhere
  • Accept this previous fact as just that and get past being an elitist wanna be pentester and do a good job at the policy side of things too
  • Accept that there is more to life than pentesting
  • Every day you have to unplug and have a real life outside of INFOSEC with other interests than just pwnage
  • Expect to be well rounded and a human being able to converse with others outside of the hacking/INFOSEC world
  • Expect to be frustrated every god damned day and be able to handle that without going insane
  • Expect that you will fail no matter how hard you try and that failure is not the end of all things

Well.. I think I ran out of steam there but you catch the drift right? It takes a certain kind of person to be a good INFOSEC professional just as much as it takes work. Do it if you love it… Otherwise what’s the point?

 

Digital Natives, Digital Immigrants, Exo-Nationals and The Digital Lord of The Flies


XXXXXXXXXXXXXXXXXXXX

Digital Natives

Last week Josh Corman was at a conference and live tweeting commentary and thoughts online about INFOSEC and around the ideas of Cyberwar. At one point he mentioned the idea of “Digital Natives” against the backdrop of nation states and it struck me again as something I needed to expand upon. Though Josh had said he wanted a chance to explain further to me his ideas before I posted I don’t feel like I think that differently than he does about the topic. Though perhaps I do, I am not sure as I have yet to hear his ideas in full but I wanted to get this out of my head now so here it is.

Digital natives as a term has been around since 2001, when Marc Prensky coined it in his work “Digital Natives, Digital Immigrants”. In this article he explains the basis of the idea that since kids from 2000 on (I would say earlier for some of us) have grown up with computers and the internet as a ubiquitous appliance/medium they tend to be greatly different in thinking, acting, and general attitudes than their parents and older generations. These people who did not grow up with the technology always around them and used by them are termed to be “Digital Immigrants” and have emigrated to the use of the Internet and technologies. As such, these immigrants are often seen as foreigners in the digital world with antiquated ideas on how things should work and methods of doing things. The article (see below link) also goes into some detail on the cognitive differences as well as social differences that Prensky was seeing in the studies he was conducting.

Prensky; Digital Natives, Digital Immigrants

Prensky; The Emerging Online Life of Digital Natives

Another paper that Prensky wrote was on the emerging online lives of these “digital natives” in that you could see the emergent behaviors progressing as online life (Web2.0 and Social Media for example) expanded to allow for more connectivity and social malleability. In both though the idea is put forth that we now have a generation or a couple really, that are inherently living their lives in a completely different way than their parents and all of it predicated on rapidly changing technology. This idea lends itself to the problems we face today as INFOSEC practitioners, governments, law enforcement agencies, and as parents to children who on the face of it are cognitively different than we are. Add to this the problem that much of our lives are now greatly affected by these technologies (banks, power, credit, reputations etc) that this generation or two now can control at very young ages for good or for ill and we have a problem that we must understand in order to manage.

Digital Immigrants

Moving on we have the Digital Immigrants, those who have moved into the digital space with smart phones, PCs, Laptops, iPads, and the like. Many do not leverage these devices in the ways that the natives do and in fact do not understand them on the whole. Outside of the people in the business of creating these wonders and creating their infrastructure the bulk of the populace older than 30 on average have little cognition of how things really work. I know this is a gross generality but just go with me on this and let’s not quibble ok? So, we have all these people who still use paper books and write things on pads and the natives think on the whole that they are a foreign species according to Prensky.

What really shakes out for me is that on the whole the LEA’s, the Gov, The Generals, and corporate execs of the world are all pretty much on the whole not of the Z or iGeneration (Natives). This means that they are all immigrants and by the terms of the idea not really connected to the ideals, attitudes, and cognitive changes that the iGen’s have in place. Add to this that aforementioned inability to really understand the technology itself nor how it could be leveraged and we have a pretty big problem with the world don’t we? Look at all this talk over cyberwar today and the outmoded modalities that are being used to try and grapple with the problems. How many times have you had the experience gentle reader with your boss or some other person as you try to explain to them the security problems with technology just to get a blank look back? …You get my point…

So we have the digital natives on average running circles around the immigrants (kids vs. parents, iGen vs. those in power) and friction occurs. All you really need look to are the cases of Aaron Swartz and Weev to see it play out in the media and the courthouse. What we commonly see as nothing really wrong the immigrants see as abhorrent, illegal, and immoral. The fact that say Weev just wrote a script to enumerate pages to us is nothing while in the eyes of the corporate types and the law it is an offense worthy of going to jail for 3.5 years and a lot of money in recompense to the corporation that was enumerated. Until such time as the immigrants are all gone and only the natives inhabit the net and the meatspace we will not have substantive cognition of the new generation’s mores and means of living with the technologies and how the laws can be changed to make a little more sense about offenses online as well as problems like cyber-warfare. It will take at least another generation until parity is reached.

Digital Exo Nationals

While I think that the ideas of Digital Natives and Immigrants was what Josh had in mind as the core to his statement I also think he was alluding to those natives as being their own state. This is an idea that has been brought about by Anonymous and I think could be termed as “Digital Exo-Nationals”: those out there who feel that the net is a stateless space where no one state rules them (nation) nor do the mores of meatspace apply within the electronic world they live in. A group like Anonymous can claim to be truly stateless and on the face of it they can be on one level, but I think that on the whole anyone who is not persistently living just online (meaning they reside inside of a computer network) is in fact affected greatly by where they were raised, by whom, and are the product of their upbringing. This fact will always color people’s reactions and there will always be some form of nationalism to them as they interact online or take up arms in defense of some ideal.

With that said though I think it is nominally an idea that has merit. I believe in many ways the denizens of the net (i.e. the iGen/Natives) think of themselves as apart from the “real world” that they physically inhabit when they are online, which today is pretty persistent at a connectivity level. This cognitive dissonance creates quite the dichotomy of perceptions for the natives. Once offline they must generally adhere to the structures of the “old world” as opposed to the pretty much wild west of the Internet and on average they manage to separate the two lives much like the quote from “The Matrix” by Agent Smith;

Agent Smith: It seems that you’ve been living two lives. One life, you’re Thomas A. Anderson, program writer for a respectable software company. You have a social security number, pay your taxes, and you… help your landlady carry out her garbage. The other life is lived in computers, where you go by the hacker alias “Neo” and are guilty of virtually every computer crime we have a law for. One of these lives has a future, and one of them does not. 

This is pretty much the perception for the immigrants right? While on the other side Neo would consider himself a freedom fighter or a seeker looking for a basic truth that the old system (i.e. The Matrix) is trying to prevent him from seeing. Think about this idea for a minute while reflecting on Anonymous today in the Wikileaks age. I think you will see the parable here and this is a core issue between Immigrant culture versus the new Native one. It is interesting to note though, that in the case of the Matrix, the natives are in fact both Neo and Smith in one sense but only Neo resides in a corporeal way… But I digress into philosophy here and before I break out my copy of “Simulacra and Simulation” on you I will stop.

Ok back to the issue at hand. We have digital natives now that perceive themselves as “Exo-Nationals”; the net is their country and it is outside of the corporeal world. Their rules are not the rules of the real world and their mores are different. Their culture is one that is new and evolving and unfortunately the world they inhabit is not really theirs to control. Since the backbone of the infrastructure is owned by corporations and governments they’re really only renting if not actually squatting in their exo-national domain. This fact however does not stop them from trying to control the networks and in many ways they are able to through hacking and the use of good OPSEC. You see, in reality the natives who consider themselves Exo-Nationals are in fact guerrillas for the most part to my thinking.

The Digital Lord of The Flies

No matter the dialectic, there are issues to the dichotomy between the natives and the immigrants that can beget darker things. Since on average the common kid today can bypass most protections a parent may try to purchase for their home computers, that is if they are even cognizant enough to try, we have a generation that pretty much can run amok online. Without oversight the digital natives pretty much run the show. This has been touched upon by sociologists studying 4chan and Anonymous in the past and is quite valid a point. The mores of the natives are greatly different within the online world than those that we would teach them in the offline one. All of this is really predicated on the idea that once online the native is “anonymous” by use of technological means in the extreme or just the perception thereof by those who do not cognitively understand it (younger natives still learning).

Generally though the natives learn quickly that they can do many more things online that parents and others would find frightful offline and in public. It is this “disinhibition effect” through perceived or technical anonymity that allows for this behavior to evolve and thus gives rise to what I call the “Digital Lord of The Flies” effect. In essence the children have been left to their own devices on a digital island and those more powerful take over and rule rather mercilessly. In the last few days I got a first hand view of this effect with regard to teens and twenty somethings in the gamer/Xbox verse. Where gaming had become banal some of these “crews” or “Teams” began upping the ante by hacking, carding, and what they call GT (gamer tag) “Jacking”. All criminal activities that are perceived by these kids as ok because they are not doing these things to people in reality (and by reality I mean in person in front of them).

There seems to be a disconnect within the psyche for these kids where their actions are just not real because it happens online. Some of these kids that I tracked online due to recent events with the attacks on Brian Krebs lead me to believe some of them may in fact be on the road to sociopathy. This though is not the case for all of them of course so one has to ask how is it that they feel so moved to carry out these deeds online and not feel the least bit of remorse about them? It is this disconnect that fascinates me really and I will be looking further at it in the future. As more and more generations move into the natives category being born into a world with prevalent technologies we will only see more of these problems until that parity I spoke of happens. When the parents of all these kids are just as savvy about the net as their kids are, then we will be able to teach them.. Of course in thinking about this it comes to me that perhaps that will only shift to natives teaching natives the same behaviors…

Sigh…

Time will tell I guess.

K.