Archive for the ‘EPIC FAIL’ Category
Newest U.S. Counterterrorism Strategy: “Trolling”… Say, Doesn’t Someone Already Have The Corner On This Market?
Trolling VS. Jihad
Well, once again I hear a story about CT efforts that I just have to facepalm and say WTF? The story was evidently posted while I was on vacation and not looking to enrage myself with the stupid (thus meaning I was reading Hunter and other classics whilst sitting on a beach). So, someone tipped me off the other day that this little gem was out there. The premise of the story/program is that the Dept. of State has given the go-ahead to this 20-something to put together a coalition of people across the globe to subtly (maybe) troll the jihobbyists and jihadis out there online to break them up as groups.
Really? Sooo, you are going to go on to, say, Shamikh and start to troll the players there in hopes that you will shame them into dropping the notions of radical jihad? Why am I surprised that a harebrained scheme like this would come out of State? My initial reaction was tempered when I read the piece again and the tempering was that this was going to be aborted before it got anywhere in the first place as the article describes scope creep already and a certain sense of other agendas on the parts of the players. In the end, I suspect there will be a failure to launch, but, what if they were to pull their act together? Would this in fact have any net effect on the jihadis and the forums they frequent?
I certainly think so… But… Not in the way that the creator of the idea has in mind….
The Psychology of Jihad and Trolling Them:
In reading the article the use of the word “Trolling” is somewhat a misnomer really I think. I would use “cajole” more than troll because the goal here is to subtly shame them and make them not only uncomfortable with wit and sarcasm, but also to lead them to drop jihad. Now, will this actually work? I suppose a dialog with certain folks as peers might actually work if you don’t alienate them with your “wit and sarcasm” but really, take a look at the mind set and the social norms of the people being targeted here. You are going to troll people who, though maybe misguided by doctrine or imam, or their personal histories, are rather devout about their beliefs, to the point that some actually take on jihad literally and go fight.
… And you seriously think mocking them will make them say; “oh, wow, I was being silly”?
Good luck with that. It’s my feeling that given the nature of the people I have seen/dealt with on the boards, that this will just not work. In fact, in certain spaces (and those spaces are now consolidating rapidly online creating a clearer channel) you will get yourselves banned rather quickly from the board. This too will also cause them to close ranks further and to become very selective about who they let in and who gets to talk, not to mention maybe force their hand to go to other places like the darknet to host their content. So, overall, I just don’t think that this line of action will be productive in any way.
Now, if you are going to go after more “moderate” sources of dialog like muslim.net or some of the other sites out there, you may have more luck and might be the right territory to hunt in and dissuade people from acting on jihad. It’s all a matter of how hardcore these people are and how new they are to the whole thing. Sure, AQ/AQAP/Global Jihad is seeking new recruits all the time online but, they are also not really gaining a huge amount of traction there either. I do appreciate the idea of trying to debate these nascent jihadis with smart dialog, but, in the end, “trolling” will likely only make them angry, ban you, and then make vague and useless threats. Remember, these are giant crazy echo chambers and it’s not that easy to default them to sanity just by saying they are being stupid.
I would also say that using the moniker of “Troll” for this article on Wired was disingenuous if not just wrong for the circumstances. In the article, further down in graph 2 or three, the creator of the program clarifies that it’s not really trolling per se by the netspeak definition of it. Usually today’s troll is someone who is just maladjusted and looking for an outlet for odious behavior while usually enabled by anonymity. If one were to go troll (trollhard… haha..just had an image of another Bruce Willis movie there) hard at the jihadis it would be quite counterproductive. Unfortunately, this kind of thing already has been happening a little bit. It seems that some people have been not only inserting themselves into boards, hacking them, DDoS’ing them etc. This has served only to cause them to be much more suspicious and clamp down on security.
This is not what we need.
YOU TROLL ME! I KILL YOU!
In the end, I just see this program having the net effect of creating a bunch of Ahmed the Dead Terrorist skits online…
… And that may be hilarious to some… It just won’t help us in the GWOT.
ZOMG LinkedIN was HACKED!
A tweet conversation yesterday finally snapped my brain into focus on the whole LinkedIN hack password debacle. Someone had tweeted about the non-complex nature of the majority of the passwords from the hash dump and my snarky response was basically “Who cares? After all, LinkedIN certainly didn’t, why bother when places don’t carry out due diligence?” After all, it was only LinkedIN right? I mean, who’s not already “in the know” that this is the Mos Eisley of business networking right? Between all the cutout accounts and stupid headhunters, one really has to know that it’s just a business version of Faceyspace right?
Well, I guess there are some out there who are using it like it’s a super secure and wonderful tool to make “spook” contacts for intelligence gathering huh? *SNORT* If anything we have seen that it has just turned into a festival of stupid commentary, casual hooking up, and one of the BEST tools for someone like Tommy Ryan to nab all kinds of .MIL and .GOV folks with their digital pants down more than anything else. So they were hacked, any of us in the business with half a brain “should” have been using throwaway passwords or phrases with the appropriate complexity anyway, this includes the government and certainly the military people….
Well, it seems that this is not really the case….
ZOMG LinkedIN WASN’T PROTECTING MY PASSWORD!
So, once again we find that a company, that people do in fact pay for, was NOT performing the due diligence that they should be on behalf of their clients and protecting their passwords with salted hashes at the very least. Nope, no crypto of worth was at work within the rarefied digital confines of LinkedIN and WHO’DA THUNK IT? Even after they found out they were hacked they did not really have a grasp on if they “really” had been and failed to issue an alert until later the same day (much later, like late afternoon) when word of the hack and proof of the dump was out on the Russian hacker board at 6am EST.
Now, given the past history of security gaffes and certain unsavory people/accounts on LinkedIN over the recent few years, and LinkedIN’s lackadaisical attitude towards security, is it any surprise that this all happened? That LI was not encrypting the password database to BASIC security standards? After all, they just take your money so you can hit up the pretty recruiters right? No security needed there… Nah. Hell, they don’t even have a CIO/CSO/CISO do they? Who needs them huh? C’mon “We no need your stinkin CISO”.
So what does the “INFOSEC Community” have to gripe about here? I mean, gee, we already kinda knew their posture right? You should have collectively had your throwaway password anyway, so no biggie. Yet, look at all the hue and cry here!
ZOMG The 6 MILLION Passwords Were On The Whole SIMPLE AND INSECURE!!!
Yup, that headline says it all really. You see, people on average don’t really care about their passwords nor do they really have the security awareness to even attempt to create complex ones. I mean, hey, it’s as simple as downloading a password manager/vault that creates them for you with good complexity as well as saves them for you to look upon when you forget right?
*Evidently, THAT is too hard for the majority of end users… Hangs head…*
Nope, all too many people had simple passwords like 1234 for their access to a site where they lay bare much of their business and social data it seems. Oh, and did I also mention that in the same day there was a vuln released on their iOS app that was thieving YOUR calendar data? Oh yeah, nice! I guess it’s all just human nature to be lazy and create passwords that are easy to remember but this is just getting silly people. One wonders just how many of those people replicate those silly passwords on to other sites like their email or maybe their bank huh?
Oh my…. That many? We’re DOOMED.
Look, I have said it before and I will say it again, our own natures provide the largest attack surface. In the case of LinkedIN and the six million passwords there are two:
- Laziness on the part of the company not encrypting the passwords to basic standards and laziness on the part of the EUs not creating stronger passwords
- A STUNNING lack of situational and security awareness on the part of both parties
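To make both kinds of laziness concrete, here is an added example (not part of the original post) that stores the same constructed accounts two ways and audits each table against a small wordlist. SHA-1 as the unsalted hash, PBKDF2-HMAC-SHA256 as the salted scheme, the iteration count, the account names and the wordlist are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from collections import Counter

# Constructed sample accounts (not taken from any real dump).
ACCOUNTS = {
    "alice": "1234",
    "bob": "1234",
    "carol": "linkedin",
    "dave": "1234",
    "erin": "T9#vq!Lm2x@Zr7",
}

# Tiny constructed stand-in for a common-password list.
WORDLIST = ["password", "1234", "linkedin", "letmein"]

# Illustrative work factor (an assumption; tune it for your hardware).
PBKDF2_ITERATIONS = 100_000


def store_unsalted(password):
    """Weak scheme: one fast, unsalted hash (SHA-1 is an illustrative choice)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def store_salted(password):
    """Stronger scheme: random per-user salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify_salted(password, record):
    """Recompute the KDF with the stored salt and compare in constant time."""
    salt, digest = record
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return hmac.compare_digest(candidate, digest)


def shared_values(stored):
    """Count stored values that appear on more than one account."""
    counts = Counter(stored)
    return sum(1 for n in counts.values() if n > 1)


def audit_unsalted(table):
    """One pass over the wordlist covers every account in the table."""
    lookup = {store_unsalted(word) for word in WORDLIST}
    exposed = {user for user, value in table.items() if value in lookup}
    return exposed, len(WORDLIST)


def audit_salted(table):
    """Every guess has to be recomputed per account because salts differ."""
    exposed, work = set(), 0
    for user, record in table.items():
        for word in WORDLIST:
            work += 1
            if verify_salted(word, record):
                exposed.add(user)
                break
    return exposed, work


def run_demo():
    unsalted = {u: store_unsalted(p) for u, p in ACCOUNTS.items()}
    salted = {u: store_salted(p) for u, p in ACCOUNTS.items()}
    weak_exposed, weak_work = audit_unsalted(unsalted)
    strong_exposed, strong_work = audit_salted(salted)
    return {
        # Identical passwords are visible as identical hashes without a salt.
        "unsalted_shared": shared_values(unsalted.values()),
        "salted_shared": shared_values(d for _, d in salted.values()),
        "unsalted_exposed": weak_exposed,
        "salted_exposed": strong_exposed,
        "unsalted_work": weak_work,   # fast hash computations
        "salted_work": strong_work,   # slow KDF computations
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

The salted table hides which accounts share a password and makes every guess cost a slow KDF run per account, but the accounts using wordlist passwords are still found, which is why the company's storage and the users' password choices both matter.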
ZOMG The Security Industry FAILED To Teach Us All About Strong Passwords!!!
Meanwhile, there was a great hue and cry by the twits on my feed and in articles on Island and other places on how the industry (as well as LI) failed once again in the security space. We evidently do not have enough “evangelistas” out there teaching the wretched masses about the wonders of proper password choice. We are just not reaching them and when we see things like this we then go on ad nauseam chiding them or in most cases just pointing our collective fingers and laughing.
Yeah, that’ll teach em. I can feel their collective IQs rising now.
I guess my question is can we even really inculcate these things when the basic human nature is to not use our frontal lobes too much? We have too many passwords now and it’s hard! C’mon, just lemme do 1234 it’s gonna be fine because the company is protecting my data! How do I know? Oh, cuz they have this pretty graphic here with a lock on it!!
If you believe that, I have this bridge I’d like to sell you.
Look, all you INFOSEC people out there lamenting, stop. Breathe. The simple truth is that you cannot win this battle unless YOU are in direct control of the systems that would FORCE password complexity on the end users. The sad fact is too many of us aren’t actually in control, it’s the C levels who are in the end, we just tell them what would be best for the security of the business. It just so happens that much of the time these measures cost money, or, more likely, inconvenience the workers and the perception is that work and PROFIT would suffer from your newfangled security measures.
No, you cannot do that.. The workers will revolt and we will lose productivity Sonny Jim! That would affect the bottom line..
ZOMG You INFOSEC Weenies Are MISSING THE POINT!
Ok, so, it happened. LinkedIN handled it exceedingly poorly, and there is a great cry upon the internets over it all. People were tweeting and blogging, exhorting users to CHANGE THEIR PASSWORDS on LinkedIN but were failing to give a more nuanced warning.
“Uhhh, but, LI wasn’t sure they were hacked, how they were hacked, or IF they were still hacked!”
GO NOW! CHANGE YOUR PASSWORDS!
But, what about the whole password re-use thing? Any mention of that? Or that if you change your password, it may yet again be leaked because they may still be hacked?
Yup, bang up job people.
The real point for me is this salient fact: LinkedIN and other companies like Sony have shown time and again, they DON’T CARE about YOUR data. Always remember this people. So, you want an account on these places, then you best make a throwaway pass and limit your data on the sites that host it. Otherwise, there will be a compromise like this one and not only your data there, but elsewhere (if you re-use or iterate) will be up for the taking.
What this also means is that business in general doesn’t get it nor care to and this is the most important point.
Either we demand they all do better or we just let them carry on leaking our data.
I followed a link today off of esecurityintelligence.net and after reading the first graph of the piece I pretty much had a bad case of Tourette’s syndrome. This is some of the WORST reporting I have seen where it concerns the state of internet jihad. Now, I know why these places all do this, they just want a lead story and headline that will draw people in and make them click into the site. I get it… But.. It’s just wrong. The internet jihad is more a propaganda campaign than anything else and as you can see from the piece below, “The Sun”, of all places, did a bit of a better job on the facts than dnaindia did!
Now that is surprising.
So, as I was saying, a ‘bit’ of a better job.. Then they too go off the rails. Look, the cyber jihad or Internet jihad is comprised mostly of jihobbyists, guys who want to get in on the action but are too clueless to actually go to the battlefield in some cases. In others, they are deluded individuals with mental health issues that need to be medicated and taken care of. In either case, the needed skills to really cause greater issues other than setting up php bulletin boards to throw propaganda on are lacking on the part of the general jihobbyist populace. Just how many of the attacks by LulzSec were attributed to the likes of Al Qaeda?
Yet the media persists in perpetuating this idea that there are some 31337 jihadis out there who are going to pwn the grid. Really guys, get your shit straight when reporting on things ok? I have seen some strides in the Jihadi hacking scene these last few years, but NOTHING like what you are talking about. Hell, their real hacker went to jail years ago (Irhabi007). What is worse it seems, is that the likes of Home Secretary May, may in fact be spinning half truths about Internet jihad for whatever political expediency she needs. I have reported in the past about the Facebook Jihad (notice 2010) and pretty much sum it up to propaganda and that’s it. Sure, there may be some illicit comms channels here, but, it’s Facebook for God’s sake! They are on top of this shit, TRUST ME! The jihadis have been complaining that as soon as they set up a Facebook page it gets taken down by Zucky and company! So really, there is no threat there.
So, let’s take another look at it from the post-LulzSec perspective.
Lulz have been wreaking digital havoc with some pretty low level hacks. They carried out DDoS, they hacked low hanging fruit and stole data which they then published. LULZ did it, NOT Al Qaeda. Now, don’t you think that if AQ was adroit at hacking and wanted to cause pandemonium they would have beaten LulzSec to it all? Don’t you further think that perhaps when and if they hacked the servers with the low hanging fruit hacks (SQLi) that instead of just publishing the data, they would have say RM’d the whole databases?
Think about it;
- Economic targets like the stock market
- Military targets like the recent Anon attacks on Booz Allen
- Attacks on grid and other key infrastructure targets
ALL of these things likely already harbor vulnerabilities that the likes of Anonymous could already have access to! The difference? The LULZ don’t want to be thrown in a hole forever and know their limits I suspect. Now, if you were AQ though, what’s to lose?
AQ, if they had the capabilities would already have used it! They haven’t, which means to me they lack the critical skills in their jihobbyist base to be a threat in this arena. It is as simple as that. So please Media, fucking buy a clue and stop just trying to use the “If it bleeds it leads” mentality to get clicks. Do your JOBs and get subject matter experts with credentials to talk about this stuff instead of just trying to scare the straights with false reports.
I have often written on this topic in the past and from what I have seen here is the overall picture of the state of Jihadi hacking tech.
- They are using OLD malware packages to infect machines to steal data/money (mostly money)
- They are using OLD hacking exploits for the most part just as they are with the malware packages
- SOME jihadi hackers (TNT_ON) are clued in and know what they are doing technically, but yet are inept enough to leave their real IP addresses in their tutorial videos (I see you!)
- They are learning.. Slowly.. but their sites still keep getting popped and their super sekret rooms online have been penetrated
- Their crypto program (Mujahid Secrets) has been cracked/Reverse Engineered
Finally, let me leave you with this little bit of wisdom post the demise of OBL:
- They got him because his lackeys were tracked by their electronic comms
- Even though they were using sneakernet and email Dead Drops we managed to catch on (these techniques are not hacking)
Were OBL and his crew using high tech hacking techniques or crypto (aka steg) as their main means of communications, judiciously, it would have been even harder to get a line on what they were up to, where they were, and moving forward, determine future plans from OBL’s hard drives etc. Instead, they were using old spy tactics with minor digital twists to evade the US and other countries. This says a lot about their abilities and ours to detect them. They decided it was better to go old school because we cornered the digital market.
This follows today to the hacking scene, where we have some muslim hacker groups out there defacing pages, but not doing much else in the way of Islamic Electronic Jihad. So, media, let me put it plainly again;
They don’t have the skills to be super scary like you want them to be in your exaggerated reports!
CUT IT OUT!
I will let you know when they have their shit together.. Trust me.
It seems that 2011 is turning into the year of the cracker. Between Anonymous, Lulzsec, and the ongoing wave of espionage being carried out by nation states, we have begun to see just how serious a threat cracking really is. Of course both of these groups of attacks have greatly differing motives as well as means. Lulzsec, well, is doing it for the Lulz and the others such as nation states or criminal gangs, are doing it for political, financial, or personal gains. In this post I will cover all three groups and their motives as well as means.
Lulzsec is a splinter group of Anonymous who for all intents and purposes, have decided to carry out raids on any and all sites that they feel need their attention. This could be simply a process of finding the lowest hanging fruit and exploiting it or, there may be some further agenda that they have yet to explain fully. So far though, we have the simple explanation of “They are doing it for the Lulz”
Lulzsec really began their efforts with focusing their full attention on Sony Corp. Sony pissed them off by attempting to prosecute a coder/hacker/reverse engineer named GeoHotz. Geohotz managed to tinker with some Sony code and they went out of their way to try and destroy him. It’d be one thing if he was being malicious, but Geohotz was not.. Instead Sony was. This caused a great backlash in the hacker community against Sony, and though they came to an agreement with Geohotz, Lulzsec decided they needed some attention.
After numerous attacks on Sony that netted Lulzsec much data and showed just how poor Sony was at protecting their client data, Lulzsec decided to take their show on the road so to speak. They began their new campaign with “The Lulz Boat” which set sail for #fail as they say. Soon the Lulz were epic and the target scope began to open up. Lulzsec attacks began to show up on Pirate Bay as well as on pastebin where they would dump the data from their attacks and laugh at the targets’ poor security.
What once seemed to be revenge has now morphed into a free for all of potential piratical actions for unknown reasons by Lulzsec. Of late, they also seem to be profiting from their actions by donations of bitcoins as well as perhaps other help from the masses who enjoy their antics. It is hard to tell exactly what the agenda seems to be for Lulzsec as it is still evolving…
Meanwhile, their actions have raised the ire of not only the likes of Sony, but now the governments of the world as well as their law enforcement communities. Who knows how long it will be before they are collared or if they will be at all.
Nation State Actors:
The ‘Nation State Actors’ may well be the most sophisticated group here. Many of you likely have heard the term APT, and this group would be the core of the APT. Those nations that have the means to use assets at their disposal to make long term and concerted attacks against their targets. This is the real meaning of APT (Advanced Persistent Threats).
What we have seen in these last few months is either an escalation on their part, or, we are just now catching on to their attacks by actually paying attention to information security. I am not sure which it is really, but, I lean toward there being more attacks as the programs developed by certain countries have solidified and spun up. As you have seen here, I have made much mention of China as being the culprit in many of the attacks recently. I stand by that assessment, but one must not forget other countries like Russia or Israel for APT attacks.
This all of course is just a natural progression from the old school espionage with physical assets in the field to a digital remote attack vector. As we have gotten wired, so has the espionage game. In the case of the wired world, unfortunately, much of the security that would usually surround assets in the old days is not put into place in the digital. Why is this? It could be a lack of understanding, or, it could also be that the technology has outpaced the security values that they require to protect the data within.
Either way, hacking/cracking has now become a tool of war as well as intelligence gathering. It’s just a fact of life today and unfortunately the vendors and users have not caught up on means to protect the assets properly.
This is where the APT, Lone crackers, Companies, and Nation States meet. All of these groups use hacking/cracking as a means to an end. In the case of nation states, they are often looking to steal IP from companies. Often times that IP happens to be from defense contractors. This is a dual use type of technology both for war as well as any technology taken could further their own in many other ways.
In today’s world, you have all of these players using attacks to steal data for themselves, or their masters. The recent attacks on Lockheed are just this, APT attacks, likely by China engaged to steal IP on military hardware and technologies to augment their own and compete not only on the battlefield but also economically.
Other attacks are likely unnoticed and carried out by single aggressors or small teams that hire themselves out for this purpose. These are the civilian equivalent of the nation state spies and often can be contracted by nation states or other companies to carry out the work. In fact, this has become a boutique niche for certain individuals and companies in the ‘private intelligence’ arena. For this type of actor, I suggest reading ‘Broker, Trader, Lawyer, Spy’.
This brings me to the criminal gangs. These are most commonly from the Eastern Bloc (The former Soviet Union) and they too often work tacitly for the government. In the case of Russia, there is a large amount of governmental complicity with the gangs. This is because much of the Russian government is made up of Russian mob types or, are paid handsomely by them for complicity.
Many of the crimeware trojans out there are Russian (Ukraine) made and the money that they steal from their quick hits goes to the East. Just by looking at the news, you can see how many ATM skimming attacks have money mules hired by the Russians and how often the money makes its way there. An interesting convergence here is also the connection between the Chinese in some cases and the Russians working together. There was a spate of Russian run botnets that had Chinese involvement as well as Russian servers/sites showing up in China recently.
With the synergy of the Russian and the Chinese malware makers working together, we will have a level of attacks that will only escalate as they learn from each other and perfect their methods. Meanwhile, they are robbing places blind by stealing PII data to create identities with as well as just transferring large sums of money digitally from banks that lately seem to be getting off for not performing the due diligence of security on behalf of their clients.
When The Players All Meet:
It seems that in the end all of the players meet at the nexus of digital crime. Whether it’s stealing data for profit, or as an act of patriotism for a nation state, all of the players work within the same digital playground. As the technologies meet, so do the players and it is likely there will be bleeding together of means and opportunity.
In the case of Lulzsec, it has yet to be determined what they really are all about other than the laughs. As they were once a part of Anonymous, one might think they might have a political agenda, but they have said otherwise. However, some of their actions speak to a more political bent than anything else. The recent attack on the senate websites seems to belie at least some politics at play as they stated they didn’t like them very much.
More importantly though, it is the response by the nation states and their law enforcement groups that will be interesting. For groups like Lulzsec, they are now passing from the nuisance category into perceived enemies of the state. Once they start attacking government and military targets with their lulz, then they are likely to see a more hardened response from intelligence agencies as well as the likes of the FBI.
Once the laws and the enforcement agencies catch up with the technology, then we are going to see some interesting times…
Quote from Die Hard 4
A friend of mine, a more-or-less retired CIA paramilitary operative, sees the solution in characteristically simple terms. “We should go get him,” he said, speaking of Assange.
When my friend says “get him,” he isn’t thinking of lawsuits, but of suppressed pistols, car bombs and such. But as heart-warming as it is to envision Assange surveying his breakfast cereal with a Geiger counter, we shouldn’t deal with him and WikiLeaks that way.
At the risk of abusing the Bard, let’s “Cry havoc, and let slip the geeks of cyberwar.” We need to have a WikiLeaks fire sale.
A “fire sale” (as those who saw Die Hard 4 will remember) is a cyber attack aimed at disabling — even destroying — an adversary’s ability to function. Russia did this to Estonia in 2007 and Israel apparently did this to Syrian radar systems when it attacked the Syrian nuclear site later that year. The elegance of this is that if we can pull off a decisive cyber operation against WikiLeaks, it can and should be done entirely in secret.
Plausible deniability, anyone?
Full article HERE
So, with the revelations over the weekend of rape charges that mysteriously just vanished, one has to wonder if indeed there are forces at work trying to discredit Assange as step one in a much more ornate plan. After all, if one were to discredit him, then he could more easily be shipped out of his hidey hole to a more US friendly place with regard to legal standings right? Though, one wonders at the rape charge.. I mean we couldn’t get Polanski back here for child molestation, so what do you think is gonna happen with a regular rape charge?
Also this last week there was an article claiming to have a story being told by Lamo that there is a “velvet spy ring”. Umm yeah, those days are not so over as this was the big deal with the Cambridge five no? I haven’t yet chased that story down due to laziness as well as.. Well, I can see that just as a poorly constructed propaganda attempt by someone.
Adrian, care to comment?
Anyway, this whole Fire Sale thing.. Uhh guys.. It ain’t gonna work. Sorry, but as the article alludes to, the Wikileaks pages are all over the place. They have some online ready to go and others are in their silos waiting to be prepped for launch. So, there is no real way to stop the data coming out if they want it out. I mean, I didn’t even mention the torrents… But this is who we are dealing with… A mindset that cannot grasp the intricacies of the intertubes sometimes. The damage has been done and short of taking down the whole of the Internet, the data will be set free by Wikileaks.
So what now?
Well, how about we make sure that the data does not get out of the compartmented systems in the first place huh? Manning evidently showed signs to others that he was a security risk and nothing was done. He had access to systems that if they were paying attention to infiltration and exfiltration methods, would have prevented the data from being burned to disc and taken out. It really reminds me of “The Falcon and the Snowman”: they were not paying attention to many of the rules in the secret areas and at the guard stations, thus the data was just taken out in quantity. I am sure that if the precautions were in place effectively and watched, Manning would have been caught sooner and perhaps this would not be as much a debacle.
Now, on the other side of the coin here… I am not against Wikileaks altogether. I agree with what Daniel Ellsberg did with the Pentagon Papers. The government was clearly lying about the war. In this case today, I am also sure that there were lies being told and likely still are… But the data I have seen thus far is no smoking gun and in no way shows any real malfeasance by the government. In fact, all the data thus far is about Afghanistan. Where I feel the big lies… well lie.. is in Iraq. Of course Assange is saying that data is coming soon.
We shall see.
So, to sum up..
1) You military and gov types… Get over it and tighten up your security!
2) Anything done to Assange will only make him a martyr
3) There is no stopping this data because it is already out of your control (Pentagon, White House). So just buckle up cuz it’s likely to be a bumpy ride.
The top-secret world the government created in response to the terrorist attacks of Sept. 11, 2001, has become so large, so unwieldy and so secretive that no one knows how much money it costs, how many people it employs, how many programs exist within it or exactly how many agencies do the same work.
These are some of the findings of a two-year investigation by The Washington Post that discovered what amounts to an alternative geography of the United States, a Top Secret America hidden from public view and lacking in thorough oversight. After nine years of unprecedented spending and growth, the result is that the system put in place to keep the United States safe is so massive that its effectiveness is impossible to determine.
The investigation’s other findings include:
* Some 1,271 government organizations and 1,931 private companies work on programs related to counterterrorism, homeland security and intelligence in about 10,000 locations across the United States.
* An estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances.
* In Washington and the surrounding area, 33 building complexes for top-secret intelligence work are under construction or have been built since September 2001. Together they occupy the equivalent of almost three Pentagons or 22 U.S. Capitol buildings – about 17 million square feet of space.
PBS Frontline report coming this fall
When this article came out there seemed to be just a collective murmur as a response by the masses. I figured that either people just didn’t care, didn’t get it, or were just too stunned to comment about it. Upon reading up some more and seeing the Frontline piece, I have decided that most people just can’t grasp the sheer import of this report. What this all says to me is that the government has no idea of just who is doing what and how much money is being spent. What’s more, the people certainly have no idea (the people as in the voting public) what’s really going on either.
Another factor here I think is that many people just have too much faith in the government and in the corporations. When you really look at it though, once you have worked in the sausage factory and have seen how it’s made, you really never want to eat sausage again. It’s like that with working for the government and or corporations really. Having spent all these years in the information security business working for Fortune 500 companies as well as the government, I can say I do not want to “Eat the sausage.” Of course perhaps the better thing to say is that I do not trust the government nor corporations because they both are comprised of inept people and red tape.
By far though, the concerns that I have are something a bit more ominous in nature. I fear that these machinations will only lead to greater abuses of power by not only the government but also the corporate entities that they have tasked with performing all this secret work. It used to be that there was government oversight on the intelligence community, but you knew that there was some off books things happening. Now, we have post Iraq and still ongoing in Afghanistan, a contractor proxy war that now includes a civilian intelligence element. An element that now seems to be even more “civilian” because it is being operated by corporations and not wings of the government. It gives a new meaning to “black ops.”
Another interesting turn in this “secretification” to steal a Bush-ism is the whole issue of just how far the pendulum has swung from the nations not caring so much about HUMINT and intelligence to suddenly being even more fervent about it, it seems, than they were during the cold war years. I might also hazard a statement to say that since 9/11 it has generally felt more and more like the 50’s again where paranoia is concerned about the “enemy threat to the homeland.”
Are we in danger? Yes. Do we need to have to go back to the 50’s mentality of us and them with a McCarthy-esque twist? No.
Of course all or most of this is aimed at Jihadi terrorists and not a governmental body like the Soviet bloc and this is where the disconnect seems to be the largest for me. It’s rather ironic actually that all this effort is being predicated on fighting a group of people who are not generally known for being easily infiltrated nor as easy to get a grasp on as the Sov’s were. People just knee jerked after 9/11 and really, they have only created even more bureaucracy in which the real INTEL will get lost and another attack likely happen because of it.
Welcome to Washington’s dementia…
In something of a warning to all wannabe online mujahedeen, a 20-year-old student from northern Virginia was arrested today on charges of providing material support to al-Shabaab, the al-Qaida-aligned Somali extremist group.
Zachary Adam Chesser is the guy’s given name. But he went by several others: Abu Talhah, Abu Talhah Al-Amrikee. But Chesser’s highest profile appears to be online, where his sobriquets included TeachLearnFightDie and AlQuranWaAlaHadith. He posted on an apparently defunct blog called Themujahidblog.com and Revolutionmuslim.com, according to the affidavit of FBI Special Agent Mary Brandt Kinder, and he threatened the lives of the South Park creators for their portrayal of the prophet Mohammed. Searches for his uploaded videos led to the discovery of him getting pwned by one of the Jawa Report guys.
Apparently Chesser intended to put his internet skills to use for the extremist militia. According to the affidavit, Chesser told Menges that al-Shabaab members told him to bring laptops to Somalia, so he could join their media unit, the apparent posting of choice for foreign fighters — much like the rapping Alabaman Omar Hammami. He wrote a post in June on an unspecified online forum, according to the affidavit, expressing his intent to leave for Somalia and announcing he was “actually leaving for jihad.”
The guy wrote a fair amount online. A different post from January encouraged fellow takfiris to stay fit: “We have to go for jogs, do push-ups, learn firearms, and all kinds of things…. And, perhaps above all, we have to actually go and fight against the disbelievers.” This kind of stuff is increasingly prevalent in the English-language internet. Just last week, a Pennsylvania-based internet hosting service shut down its blogetery.com platform after federal law enforcement officials showed that more than 70,000 bloggers used it to push al-Qaeda propaganda into the cyber-ether.
But he might be part of a recent trend in low-wattage/high-bandwidth self-radicalization. “This case exposes the disturbing reality that extreme radicalization can happen anywhere, including Northern Virginia,” U.S. Attorney Neil MacBride said in a statement. Especially with the aid of Wi-Fi.
From Wired.com by Spencer Ackerman
Ok, so there is so much wrong with this article that I just have to call it into question as to if the reporter actually did any kind of “reporting” here. I mean, sources and actual legwork looking into the terminology and technology perhaps? This just seems to me to be more of a poorly worded and thought out scareware piece than anything else there Spencer.
Let’s pull it apart a bit…
“Takfiris” the root of which is kufir or kafir, which means “impure” or those who are excommunicated from the Muslim faith. Uhh yeah, it would be helpful to show that this kid had even LESS of a clue what he was talking about here by pointing that one out Spencer.. IF that is, you had any clue what it meant. I am sure you thought perhaps it was another term for a jihadi or mujahideen.
No.. it’s not.
This kid had less of a clue than Spencer.. But that ain’t saying much. Let’s show a little more of the subtlety here huh?
Just last week, a Pennsylvania-based internet hosting service shut down its blogetery.com platform after federal law enforcement officials showed that more than 70,000 bloggers used it to push al-Qaeda propaganda into the cyber-ether.
As I wrote about yesterday, the whole affair over the blogetery site was not so much the feds saying that there were 70K worth of users pushing jihadist data on there, but instead asking about a couple of their servers that had data on them. You see, as I had reported, the site was a file trading site primarily and it is likely that the jihadis just found it easy to put up the files there and leave links elsewhere as they do in many other cases.
I checked Google and only came up with one potential site that had connections to Iranian Muslim propaganda against the west so, I don’t think that this was another “Mos Eisley” on the internet here. Spencer, do a little research huh? Had this been so riddled with data and grave things indeed, then the Feds would have swooped down either with a warrant to seize the servers or, they would have quietly assumed control with the help of the Burst folks to watch and collect data. It was in fact Burst that took the system down for fear of being nailed for copyright infringement as they had already been sniffed around on before.
But he might be part of a recent trend in low-wattage/high-bandwidth self-radicalization. “This case exposes the disturbing reality that extreme radicalization can happen anywhere, including Northern Virginia,” U.S. Attorney Neil MacBride said in a statement. Especially with the aid of Wi-Fi.
WTF? WI-FI is the cause of rapid and widespread jihadi conversion? Spencer what the fuck is this crap being quoted without the benefit of calling the reasoning into question here?
From the Sacramento Bee
On Thursday afternoon, Adrian Lamo sat quietly in the corner of a Starbucks inside the Carmichael Safeway, tapping on a laptop that requires his thumbprint to turn on and answering his cell phone.
The first call, he said, came from an FBI agent asking about a death threat Lamo had received.
The second was from a Domino’s pizza outlet. One of his many new enemies had left his name and number on a phony order.
The third was from Army counterintelligence, he said.
In other circumstances, it might be easy to dismiss his claims.
He is an unassuming 29-year-old who lives with his parents on a dead-end street in Carmichael and was recently released from a mental ward, where he was held briefly until doctors discovered his odd behavior stemmed from Asperger’s syndrome.
On Thursday, he was dressed in black. A rumpled sport coat covered his bone-thin frame, and a Phillips-head screw pierced his left earlobe – a real screw, not an ear stud made to look like one.
He spoke slowly and methodically, sounding almost drunk, a side effect of medication he takes to treat Asperger’s, anxiety and his rapid heartbeat.
But Lamo is the most famous computer hacker in the world at the moment, the subject of national security debates and international controversy – and a target of scorn in the hacker community that once celebrated him.
He first gained notoriety in 2003, when he was charged with hacking into the New York Times computer system, essentially just to prove he could.
“I just wanted to see what their network was like,” he said. “It was going to be the Washington Post, but I got distracted by a banner ad.”
He has re-emerged in the spotlight following his decision last month to tell federal agents he had reason to believe an Army private in Iraq was leaking classified information. He said the information was going to WikiLeaks.org, a website based in Sweden that publishes information about governments and corporations submitted by anonymous individuals.
The soldier, Pfc. Bradley Manning, a 22-year-old intelligence analyst who was stationed near Baghdad, is reportedly being held by the Army in Kuwait while the case is investigated.
Lamo said Manning contacted him online after reading a profile of him on wired.com, which first reported Manning’s arrest and Lamo’s involvement last Sunday. Manning, he said, bragged about leaking classified military information to WikiLeaks, including the so-called “Collateral Murder” video of a U.S. helicopter attack in Baghdad that killed several civilians in 2007. That video appeared on WikiLeaks in April.
Lamo said Manning also claimed to have leaked other materials to the website, including 260,000 U.S. classified diplomatic cables.
“I couldn’t just not do anything, knowing lives were in danger,” Lamo said. “It’s classified information, and when you play Russian roulette, how do you know there’s not a bullet in the next chamber?”
Full article HERE
Adrian Lamo, a name that in the hacker community for a while, was a zeitgeist for the altruism of hacking in the original sense. He popped into systems and networks with only a web browser and told the companies he had compromised in an effort to secure them. Frankly, the recent diagnosis of Asperger’s makes a lot of sense to me and likely to others who have met him or know of him by watching him. He has an interesting personality that borders on the strange and Asperger’s may well explain his focus on such minutiae as he has shown up with in his hacks.
With the events of late regarding his turning in the alleged source for Wikileaks, there has been a fair bit of loathing on the part of the hacker community against Lamo and I for one think that he did the right thing. Look, this guy Manning has yet to be shown to be a Daniel Ellsberg here. Daniel released data that unequivocally showed that our government was lying to us about Viet Nam. Perhaps some of what Manning was seeing was on par with that, but, he went to Wikileaks instead of say the New York Times with his allegations. In fact, I have not heard anything substantive out of Manning that would lead me to believe that he is anything more than a hacker wannabe or.. Just someone craving attention. The mere fact he went to Lamo on this shows more about his motives than anything else.
If you look at the chat transcripts there is no real sense that this guy was looking to put an end to conspiracy as much as get Lamo to like him… Simple as that I think. So, what Lamo did was in my mind right. He reported the potential for large leaks of cables that could blow NOC agents all over the world potentially as well as place our diplomatic aspirations globally at risk. Who knows what else might have been given to Wikileaks and or may be out of pocket elsewhere thanks to Manning. The damage could be long in coming and severe really and Lamo could see that. Not to mention that he knew enough that now he was a party to treasonous acts and could by just knowing of it, be a co-conspirator had he not reported. If he thought he knew the dark side of the judicial system before with the Grey Lady incident, he certainly could fathom what would happen to him on treason charges.
So, all the hacker kiddiez out there.. Leave him alone. He actually did the right thing here. Cut out the death threats and all the BS that certainly is going to go on… Especially at DC18 I am sure he will get some negative attention because many of the hacker types are childish narcissists to start. It’s time to grow up.
Now, with all that said, should there have been some epic malfeasance on the part of the government along the lines of the Pentagon Papers, then I would understand in passing such data to the Times or perhaps even to Wikileaks. However, without there being confirmed actions on the part of our government, I cannot agree with what has happened. Yes, the footage that came out and the subsequent recognition that civilians in a war zone were killed by US forces’ fire is bad and perhaps there was some attempt at covering up, but it does not merit the continued and further exploitation of all data at the hands of this guy.
For an analyst he sure wasn’t analyzing the data. I guess that some of this all will come out eventually if there is a trial that can be reported on by the press. Though, likely it will not as everything is classified.
What may be more telling is that what Manning did was so easily done with SIPRNET systems and alleged compartmented data. Once again, the measures that the military had taken, even with the assumption of “trust but verify” were clearly not being carried out here. I have heard the stories before and seen the fallout from processes not being followed where security is involved not only in the military area, but in everyday corporate life. If you fail to carry out your basics of OPSEC and INFOSEC, then you FAIL epically to retain your data security.
Bad on the military here.
In any case, Lamo did the right thing either for his own skin’s safety or a real sense of just how far reaching the damage could be to this country. As well, this incident may actually get him closer to being a truly functional member of the security community.