Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Russian Meddling: Indictments and Troll Farms


The indictment by the Mueller special counsel investigation into the meddling by Russia into the election cycle last year is just another nail in the coffin on the conclusion that there was no action by the Russians to affect the election cycle in favor of Trump. Though many still have their cognitive dissonance helmets on full, the reality even struck into the White House with Trump tweeting out that there was actually meddling, no collusion, but meddling. So this indictment has shown its potential power on the whole case but I wanted to dig a bit deeper into the Troll farm and its KGB ties before we ever heard about it as a general populace post 2016.

Point of fact is that in 2015 Adrian Chen wrote about the Troll farm as it was still carrying out attacks on Russia’s other pressing enemy, Ukraine. People seem to have forgotten with all of the talk about the farm in 2016, that the Russian propaganda and PSYOPS machine was actively working for Putin in support of his agenda against Ukraine and it is this fact and how they operated then that should be addressed and shown how they evolved to today’s hybrid warfare tip of the spear.

Back in 2015 the nascent troll farm was active in trying to spin stories about Ukrainian oligarchs and their activities as counter to Russia. One particular story line took place after the assassination of Boris Nemtsov, an opposition candidate to Putin and a progressive in Russia. A reporter for a Russian news service did a story on the Troll Farm and actually managed to gather their documentation including opposition research (internet research) which later would be the name they would take up as IRA right? Anyway, within that cache of documents you have papers with links on things like the Middle East and other areas with ideas on how you could attack them politically with posts like the above on Nemtsov’s being killed not by Putin, but instead by those nasty Ukrainians.

It is informative to look at the postings and the nick names that were being used by the early IRA as opposed to what they have used in 2016 and still use today. In early days they did not really try to insert themselves so well into the public space as being citizens of the areas they were talking about, in fact, most of the names have English connotations and not Russian at all. So looking at the users and their posts (LiveJournal for instance) shows you what it was like in 2015 spinning up and learning. There may have been just as many Twitter accounts but for the most part they were using LiveJournal, which makes sense because at the point this was going on, Russia had bought LiveJournal… (I left LJ when they did)


Most of these you have to look up with the Wayback Machine and you will notice that a lot of them were one off posts and that was it. Just sowing the ground for the infowar and then linking that post around. For Ukraine and anyone who has been paying attention, the PSYOPS and Hybrid War has been ongoing for many years so this is nothing new. For the US, well, the general populace that is, they hadn’t a clue I guess but I wanted to get across to you that what they pulled off in the US wasn’t new, it was just the next evolution of what they have been doing all along elsewhere. It was the magic of ubiquitous social media and a really polarized political landscape that made it work so well in 2016.

So with this indictment we can peek further under the hood of the hybrid information war against the US election process. It seems that this all kind of was being at least thought about in 2013 when Putin was pissed off with Clinton about his own elections and some of what later came out in the cables that were dumped by Wikileaks. By 2014 the notion of hybrid warfare had been put out by Gerasimov and Russia was starting to plan. The creation of the Troll Farm I personally think was a part of the Gerasimov doctrine’s modus operandi that the SVR/GRU and Putin decided to create for this purpose and furthermore that the first fledgling attacks were the prelude to what would come in 2016. Certainly by 2015 they were spinning up and already had assets in place in the US gathering intel and creating the baselines for the attacks.

Truly this was a hybrid form of warfare using human assets and technical ones to carry off the plan. This wasn’t just some one off fly by night operation, they invested a lot of time and money getting assets in country (US) to collect data and to add to the planning stages. They then went as far as to hire out servers in the US and create VPNs to make it look as though their troll armies were actually here in the states. Add to this the fact that they also used carding sites to create users and bank accounts to fund the operations, which also speaks to the sophistication of the operation.

This wasn’t dedushka’s propaganda operation!

So what does all this mean other than it is an entertaining diversion for those who want to go down the rabbit hole OSINT wise? Well, it shows that the Russian plan was larger than one might have thought, more effective than some still think, and was but one component of a larger operation. That last bit is key for me to get across to you all. Of late I have been seeing reports online since the indictments came out that said the campaign really did not affect the election and this is poppycock. This was just a part of the larger whole and to take this module of the whole plan and separate it out to say nothing happened, is idiotic.

Though the President and the Russian operations still ongoing would like you to believe this is the case, it is a falsehood. In tandem with the hacking and the leaks, the Russians most definitely affected the voting by the populace. In fact, when information starts to come out about how Analytica data targeting very specific groups and regions comes to light you will see just how much the whole is the sum of the parts and the synergy was leveraged. This was no simple hack and dump of data, there were psychologists and social scientists involved as well as technicians and hackers.

This indictment just sets the stage for more to come my friends… And seeing Donny squirm and rage has been amusing.

More will come. For now though, do read the article and look at all the docs in the Google docs dump there.

Dos va donya

K.

UPDATE: I am going through the metadata of the files from the Google drive and I have found a document that comes from a .mil address (function.mil.ru) and this document (Nightly TK of 06.01) gives direction on post keywords and writing direction for content.

Ночное ТЗ от 06.01

It was created 1/26/2015 by “user”

You can now see a military connection to the Troll farm.

Written by Krypt3ia

2018/02/20 at 20:57

Create NEW Ransomware: Darknet Site Ransomware Scheme


Surfing the darknet as I do, I came across this little gem of a site today. The idea here is that you can share in the bitcoin ransom by entering your wallet address and then getting a download of the malware to deploy wherever you like. This seems like a ponzi scheme to me where you offer a great reward for a little action and in the end you get ripped off but ok, let’s run with it. The site is in the darknet and I am not sure if or how they are publishing this site elsewhere so people can find it and use it. I must say though that the site is more complete than I thought it would be once you start to dig and the ransomware is new to me as well as it seems to be to VT and Hybrid.

So yeah, I decided to play along and I used someone’s wallet to start the process here. Whose wallet you ask? Well this guy’s wallet will do since he has never had anything in it. So it’s fairly simple, you put in the wallet address then solve the captcha and lo and behold you download the ransomware. I also decided to see if I put in an alternate wallet address would I get another hashed file, and yes, yes I did. I only changed the wallet address by one letter (a) and got a new file that I uploaded to VT after the first one.
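A one-letter wallet change producing a new file means exact-hash indicators miss every fresh build, so defenders need a similarity measure instead. The following is an added example, not code from the original post: it groups constructed sample bytes by content-defined chunk similarity, assuming the builder only stamps the wallet string into an otherwise fixed payload. The wallet placeholders and all function names are hypothetical, and it also covers a wallet of a different length, which the post does not test.

```python
import hashlib

WINDOW = 16      # bytes covered by the rolling sum
MASK = 0x3F      # cut when (rolling sum & MASK) == MASK, about one candidate per 64 bytes
MIN_CHUNK = 32   # skip tiny chunks that could match by chance between unrelated files

# Constructed placeholders, not real Bitcoin addresses.
WALLET_A = "1CONSTRUCTEDxWALLETxPLACEHOLDERxaaa"
WALLET_B = "1CONSTRUCTEDxWALLETxPLACEHOLDERxaab"  # one letter changed


def fake_body(seed, size):
    """Deterministic pseudo-random bytes standing in for compiled code (constructed)."""
    out = bytearray()
    counter = 0
    while len(out) < size:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:size])


def build_sample(body, wallet, offset=20000):
    """Model of the assumed builder: a fixed payload with the wallet string stamped in."""
    return body[:offset] + wallet.encode() + body[offset:]


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def chunk_digests(data):
    """Cut the file at content-defined boundaries and return the set of chunk digests."""
    digests = set()
    start = 0
    rolling = 0
    for i, byte in enumerate(data):
        rolling += byte
        if i >= WINDOW:
            rolling -= data[i - WINDOW]  # keep the sum over the last WINDOW bytes only
        if i + 1 - start >= MIN_CHUNK and (rolling & MASK) == MASK:
            digests.add(hashlib.sha256(data[start:i + 1]).digest()[:8])
            start = i + 1
    if start < len(data):
        digests.add(hashlib.sha256(data[start:]).digest()[:8])
    return digests


def jaccard(da, db):
    """Shared chunks divided by all chunks: 1.0 is identical, 0.0 is nothing in common."""
    union = da | db
    return len(da & db) / len(union) if union else 1.0


def cluster(samples, threshold=0.8):
    """Greedy grouping: a sample joins the first family whose first member it resembles."""
    families = []  # list of (digests of first member, [member names])
    for name, data in samples.items():
        digests = chunk_digests(data)
        for representative, members in families:
            if jaccard(representative, digests) >= threshold:
                members.append(name)
                break
        else:
            families.append((digests, [name]))
    return [members for _, members in families]


def constructed_samples():
    """Three builds of one payload with different wallets, plus an unrelated file."""
    body = fake_body(b"constructed-payload", 64 * 1024)
    return {
        "build_a": build_sample(body, WALLET_A),
        "build_b": build_sample(body, WALLET_B),
        # Longer wallet string: every later byte shifts, which defeats fixed-offset hashing.
        "build_c": build_sample(body, WALLET_A + "zz"),
        "unrelated": fake_body(b"some-other-program", 64 * 1024),
    }


if __name__ == "__main__":
    samples = constructed_samples()
    for name, data in samples.items():
        print(name, sha256_hex(data)[:16])
    base = chunk_digests(samples["build_a"])
    for name, data in samples.items():
        print("build_a vs", name, round(jaccard(base, chunk_digests(data)), 3))
    print(cluster(samples))
```

In practice the same grouping is done with established fuzzy or import hashes over real samples; the point here is only that similarity survives the wallet change while SHA-256 does not.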

 

Upon upload to VT and Hybrid I get hits on the major players and the designation of the malware is of course ransomware but you choose the name you like because there are too many per the AV firms (please stop this)…

So yeah, the ransomware is not so stealth and likely anyone with current AV will have some intervention one hopes …But how many really keep their AV up to date and working?

*sigh*

Anyway, I uploaded it to Hybrid and got the following report and the second with the second sample here

 

The malware reaches out to the darknet via .casa online bridge to the darknets. Once you plug in that address you get the Qrypter site frontend. This site is your C&C ostensibly to track your malware and your bitcoin “donations” from the poor sods who get the malware. The unfortunate bit is that when you go to the url that is in the malware you get the following sad news:

OH NOES! Are you smelling a scam? Cuz I am kinda smelling a scam here now…

Anywho, the interesting bit for the site itself is that it has a display on how many AV vendors are seeing the malware and as of today it’s… Wrong?

Mmmmmmyeaahhhh no, I see 14 vendors seeing this as malware and I have just added to the hash pile by uploading my samples here so that is likely to get even more detected as the day passes on. So, this is an interesting turn in malware as a service, or in this case Ransomware As A Service (RAAS) as I have seen out there on the net. I have captured the whole site in the darknet and I will be spending some more cycles on the malware later on so updates will likely follow on this post. For now though, just enjoy the novelty and the derp.

Cheers,

K.

UPDATE: This is evidently a new replay of something seen in 2017

Written by Krypt3ia

2018/02/19 at 15:49

Posted in DARKNET, Malware, Ransomware

Useful Idiots, Russians, and FISA Warrants


Now that the Nunes memo is out and all the news cycles have been spent ad nauseam on point-counterpoint of the cherry picked facts ol’ “recused” Devin put to paper, I thought I would add my two cents here. The fact of the matter is that Nunes seems to have been in the pocket of the Trump admin from the get and this memo was just crafted as part of a propaganda operation to give Trump shelter to possibly plead the fifth in interviews with Bob Mueller. The idea goes like this:

  • The FBI is bias

  • The DOJ is bias

  • The Steele Dossier is bias and false… Oh and it was paid for by the opposition!

  • The Steele Dossier was used as the predicate to eavesdrop on poor innocent Carter Page!

  • By proxy of use of the Steele dossier to obtain a FISA warrant and continued approvals it was BAD! and ILLEGAL!

  • I, Donald J. Trump cannot get a fair hearing out of the BIAS FBI/DOJ/Mueller! So I will plead the fifth or not talk to him at all!

I would like to set aside all the cognitive dissonance that Trump and his quislings would like you all to suffer and show you some facts about good ol’ Carter Page that make the introduction of the Steele dossier a trigger to legally get a FISC court to approve of extensions on surveillance. Pay no mind to the general argument that the surveillance was illegal at all or that the FBI lied their way into getting approval to do so because that is just wholly untrue. The warrants were warranted and the data that enabled the FBI to listen to his conversations and watch his texts and emails wasn’t just this “dossier” (notes really) that came from the opposition investigations started by the GOP in 2016. You see, Carter had already been on the radar of the FBI since 2013 and this is an important fact to all of this.

You see, back in 2010 the FBI popped “The Illegals” in NYC, remember? The 10 NOC operatives in the US looking to gather intelligence and connections that the SVR (Directorate S) could pass to Directorate E at Moscow Center. You might all remember the most spectacular of the reporting concerning Anna Chapman, the ersatz NOC who managed to get pretty close to a number of important people within the constellation of the US president. Well anyway, those guys were popped by the FBI, which in turn left another group of NOC agents for the FBI to start working on with renewed vigor and FISA warrants. In 2012 the FBI began to intercept communications and tail one NOC agent and two official cover agents in the NYC area (where Anna and others in the 2010 ring were) who were out there working to gather intelligence and recruit assets.

The three, revealed in 2015 via affidavit in NYC, were Evgeny Buryakov (NOC working for Vnesheconombank), Igor Sporyshev, and Victor Podobnyy. Buryakov was the contact man and the two others (Igor and Victor) were his bag men and controllers passing information to and from Moscow Center. During the time that the FBI was surveilling and carrying out intercepts on them, the handlers (Igor and Victor) were heard through the intercepts talking about various other things like how they thought being a spy would be a bit more Bond like and other routine things. Until that is, one day they were caught talking about a certain individual that the Affidavit names as “Male-1” which was later confirmed to be none other than Carter William Page, the boy wonder.

Igor and Victor really didn’t have that much nice to say about Carter, basically calling him what the Russians in the trade call a “полезный идиот” or useful idiot. In reading the text of the intercept you can see that Carter was eager to have connections with potential Russians who could garner him access in the Russian government and or business environment such as Rosneft. He emailed Victor who had given him his card with two email addresses on it that the FBI was most likely monitoring as well, though the affidavit here does not outline this. In any case, all of these conversations were captured in the SVR offices that the two were working in and had been compromised if not by SSG at the very least by FISA intercepts of the infrastructure used to send messages. In this case though, the conversation was caught on a bug in their offices *wink SSG*

So it seems the plan here concerning Carter Page was that they planned on grooming him, using him for intel with the lure of getting him hooked up to make a lot of money and or, to get him to do something for money and then use that as kompromat for more later. It seemed that Carter was interested but the FBI stepped in and interviewed Carter in 2013 and nothing much more is said about him by the FBI nor the two SVR agents that we the public have been made aware of. The affidavit in 2015 relates the tradecraft and the operations the Russians undertook up to and including an interesting interlude where the FBI sent in an agent of their own ostensibly making overtures about making a deal on a casino in Moscow. Suffice to say it is interesting reading and in the end the three were rolled up with Evgeny (Zhenya as he was referred to) arrested by the feds and the other two returned home to Russia having been blown.

If you read the whole affidavit you get a pretty good picture of what they were up to and a lot of the espionage they were carrying out centered on financial information and, wait for it, wait for it, “sanctions” against Russia. Gee, now where have we heard a lot about sanctions lately say since like 2016? Right, these guys were working on the same types of information gathering and asset recruitment that the previous ten illegals had been doing for the same SVR division. So, are you all seeing the pattern here? In the case of Carter, he happened into their sights because he wanted, needed, was hungry for those connections to the Russian oligarchs within the energy sector that he was working in himself. He showed the two SVR officers that in the MICE or RASCALS list of reasons to spy, money was his biggest motive according to Victor in the bugged conversation in 2013.

Right, so Carter has already come into contact with the Russian SVR in 2013 and has been admonished/interviewed by the FBI. You might think that he would maybe back off a bit but not our Carter! He goes on to only ingratiate himself with the Russians and as time goes by, either is put in the way of Trump by the SVR by way of Paul Manafort, or, by just blind luck he ends up not only in the Trump orbit but also inside the inner circle as an expert in foreign relations. How might Manafort have been directed possibly to use Carter Page? Well, if the SVR kept its records it may have nudged him in that direction because they KNEW they could possibly use Page because he was so eager in the past with Victor and Igor as well as his multiple trips to Russia to “make friends” there.

So when Carter suddenly turned up in the Trump inner circle, and the Steele dossier mentions overtly that there was intelligence given by a source that Manafort was using Page as a proxy as well, then the FBI just had to go back to its records on Page and the 2013 incident. Honestly, this is not that hard people! So, when the FBI went to the FISC to get a new warrant as well as to extend them, they had a history already that likely contained even more information on Page and his interlude in 2013 with the SVR to use as just cause to get a warrant signed and intercepts started.

But once again, it was not Carter Page and his FISA warrants or intercepts that started the Mueller investigation kids, like the memo said, that was Papadopoulos!

But I digress…

Back to Carter and his Russian pals. You see in the Dossier by Steele you also have direct intelligence product that claims that Carter met with Igor Sechin who offered him tasty tasty things for some sanctions quid pro quo in 2016. Notice that this guy is involved in Rosneft, a name you have heard before and within the space that Carter claims to be expert in. If I were the FBI then I would be looking rather closely at ol’ Carter and getting all the information I could out of him. Obviously just having another nice little chat would do no good.

Well, all of this just refutes any claim of “poor me” by Page in my book and I am sure the IC as well. The whole #releasethememo crap was just another propaganda/hybrid warfare program by Russia and the Trump administration with the help of the GOP in my book. It’s all a little like playing Clue, and it certainly does look like it was Professor Page, in the library, with the candle stick if you ask me. Much of the Steele Dossier information has been backstopped by information that has come since its creation. We have seen a president and his minions all act guiltily and extremely stupidly in trying to cover up their connections and it is just all the worse that this group of people has been aided and abetted by the GOP. The memo release was just the cherry on top of the shit sandwich but it should not distract all of you from the truth of the matter when you do the research and pay attention.

Whether or not Trump actively has been an asset of the Russian SVR, or an unwitting полезный идиот, I for one believe now he knows the scope of things and is trying with all his wiles to get away with the biggest con he has pulled to date; that of taking the presidency with the help of the SVR and GRU. Certainly Manafort seems to have been a bit more directed and in a bind because he owed so much money to a Putin aligned oligarch, but Page is clearly an idiot, just watch any of his TV appearances to see for yourselves. Alas though, you needn’t be a super genius to be used by the SVR and effective enough to damage the country targeted.

There you have it kids.

K.

Written by Krypt3ia

2018/02/07 at 01:05

Posted in Espionage

Ethics In Hacking and Dropping Code


With the release of Autosploit, a tool for automatically scanning and exploiting hosts located via Shodan.io, a shit storm erupted on the ethics of releasing a tool like this. The problem has become just how easy it may now be to automate the attacks on vulnerable systems en masse that this tool could potentially provide. An age where IoT devices as well as SCADA and ICS are sitting online in vulnerable states makes the possibility of great damage to large networks more probable with such a tool. It also brings to the table the idea that the barrier to success on such attacks has been lowered to a new class of individuals with a limited knowledge base and creates an asymmetric threat model of a single individual able to wield greater attack capabilities with one tool.

Many arguments have been made on Twitter about the efficacy of releasing code like this but most have not focused on tools per se but instead on malcode or 0days. Now that there are bug bounty programs and companies that sell vulnerabilities we are living in a more dangerous time where the few with the money could buy exploits and do mass damage or commit mass surveillance and espionage. This also applies to countries willing to pay for 0day exploits to be in control of the attacks and have the upper hand. Think about that, our politics and our lives are at the mercy of code being sold to the highest bidder. We have weaponized code and tools made from it on a medium that was supposed to enlighten and bring us all together. Instead our baser nature has made the internet and everyone’s devices a tool for repression or subversion.

After the release of Autosploit, the hue and cry went up, and rightly it did. In a time where we have people releasing code and remarking “Let the world burn” I think it is time that we began to talk about the ethics of doing these things. Ethics kids is a philosophical discipline where you consider the moral responsibilities of what you do and the effects your actions could have. I think that too many people of a certain age group have had little to no training on ethics and this has helped to lead us to where we are today. In this specific case let’s talk about the ethics of releasing any code or tool that would lead to potential disastrous effect.

Many tools over the years have been dropped for free by hackers out there that could and were abused by others who downloaded and used them for their own desires. I have been exhorted to mention things like BackOrifice or L0phtcrack in the past and, well, there you go. Both tools were used for bad purposes as well as ostensibly good in the hands of penetration testers. Of course these were just placed on the net for free for anyone to have at first and this is where the quandary starts right? Did L0pht or CDC consider the potential damage that could be done with their tools? Did they put them out there with some self awareness that they may in fact be complicit in crimes because the tools that they created and distributed, for good or for ill, could be misused?

I point you all to Alfred Nobel, the inventor of Dynamite. He created a tool that would help in mining but in the end that tool’s devastating effects were used in other ways to hurt people and wage war. In an obituary that was accidentally run about him instead of his brother, he learned what the world perhaps thought of him regarding his invention. This bothered him so much that to atone for his actions he created the Nobel Prize to further science and other pursuits that do not further the harm of others. The idea of his invention’s use for ill and how he would be perceived by history prompted his ethical response.

Today, we have people creating tools that could be misused and in some cases are for the sole purpose of misuse. The Autosploit tool may be a boon for some penetration testers, but the reality is that it is just another mass scan tool that seeks out vulnerable systems throughout the whole of the internet and loads the exploit potential to just break into them. This is not a refined tool for a scoped penetration test, this is a tool for mayhem. This is why I think others have made comments about the way it was released and the dangers in doing so. The ethics though seem to have been glossed over concerning this release. What are the ethics of Autosploit’s creation and release on a Git repo? What is the morality behind doing so? Are there arguments for either of those or is it just another hacker saying “Let the world burn” with no thought or accountability because it is the internet?

The problem we have today is that there are no ethical demands being placed on these coders and hackers. In fact, the whole notion of hacking has a very troubled side where illegal activities are the norm because the ethical and moral question of “should I do this” has not even been contemplated over the desire to know things. Sometimes I personally think that there is a fair bit of sociopathic behaviour in this community to begin with so that actually kind of aligns with the argument that ethics have not even been contemplated in some of these works. So as we move forward into a world of cyber warfare we have to care for the ethics and morality of what we do just as we have in all other forms of warfare in the civilized world.

While people like Katie Moussouris advocate for penetration testing tools being classified in ways that they are not declared illegal, we too have to look at the ethical concerns of the tools and how they are released to the world at large. Wassenaar is a great idea but I feel that it is a myopic approach to larger issues in our ever more connected world. If you look at the actions of the Balkanization of the internet, you can see the actions of China and Russia joining together in a pact to repel the US hegemony in the internet, and you have to follow that all the way back to the tools that make such issues possible. These are the tools that you all create for hacking and exploitation, and you should have some ethical concerns over when they are used perhaps in ways you did not intend.

Thus, take the ethical pause before you just dump them online …Unless all you care about is watching the world burn.

K.

Written by Krypt3ia

2018/02/02 at 20:12

Posted in Infosec, Uncategorized

Industrial Society and Its Future (1995) & Our Socio-Technology Woes Today


With Manhunt Unabomber on TV recently which I binged, I have been thinking about old Ted and his ideals behind the madness he was pushing. I would like to state up front that I do believe that Ted is clinically mentally ill and that manifested itself when he finally went into seclusion. What happened over the years that followed was an unbalanced reaction to ideas that have a core of truth though and many people actually see the same kernels of insight that I am going to talk about here. I have just finished re-reading the manifesto that he got the papers to publish under threat in 1995 and clipped some passages for you to see here without having to read the tome yourselves.

Where I want to direct this post though is about the problems we have today with technology that Ted seemed to foresee and also to extend a little further into the social issues that we have seen played out in our recent election cycle and the probable attacks on the one upcoming in 2018. Ted touched on some of the sociological and more human issues of technologies and systems in his manifesto but for the most part he was taking a very rigid stance that all technology is bad for human beings and the environment. He had some interesting ideas on sociology specifically on left wing and right wing personalities and ideals that, well, he gets all wrong frankly, but I feel it is important to mention. Though he got it wrong and his opinions on motivations were, well, very 1950’s, you can see some of what he is talking about in what has been playing out with the alt-right movement.

Ted is misdiagnosing people’s motivations likely tinged with his own issues psychologically so his assessment is flawed. However, if you read above you can see something there if you align it to the alt-right today. They feel inferior in that they lack the power, or, lacked the power until Trump was put into power by their minority of thirty odd percent of the vote. Anyway, Ted goes on for a fair bit on this and I will not bore you with it as it is not overly germane to this post, but I thought you should at least get a glimpse here. Ted, you got leftists and right wing all wrong dude. Of course this was within the first pages of his manifesto and he really does not get to the technology part until section 114 or so where we want to be.

In 114 Ted starts to talk about “the system” which means all technologies to him I think, but if you look at it from the perspective of a political system as well, you can see something that maybe we all have felt. How many of you have thought about voting and come to the conclusion that your vote doesn’t count? I have, in fact in the last election I almost did not vote because I just felt that the system was rigged. By rigged I mean districts were gerrymandered, back door deals are all in play, and possibly even the election machines had been hacked because, as we all know in the security circle here, they are so weak in security mechanisms as to be laughable to hack. In effect, these systems, both technological and rule based, were inherently made untrustworthy by the system of politics. We have had our real autonomy and ability of action removed from us through the system and its rules …So why bother voting if it’s a foregone conclusion and there is no foreseeable change right?

Another area of thought that Ted writes about, which seems to be a companion to the above section, is that once again your power is taken from you because of the government or the system. In Ted’s mind it is the technology at the bottom of all this but here again he is making what I would consider more a political or societal argument. In that conservatives really want states rights over big government, I for one cannot extricate this paragraph from the notion today that the right wing would like to take away the power of the people locally as well as nation wide even with “small government.” Honestly some of their thought processes are rife with cognitive dissonance but the goals seem to be “we are in control because we have the money and the power and you should just do what we say.” Anyway, it is just another system and technology today only enhances the control as far as I can see. Of course we are also seeing that with things like Anonymous and the internet, the power can be interrupted with the application of the right technologies as well huh?

Here Ted is talking about the system taking over the individual to perpetuate the “system” and if you read this with an eye to today’s concerns over jobs and the rise of the Trumpists, you can see a parallel right? If the systems are now creating supply chains that are automated enough to not need human intervention for function, then we lose jobs right? Of course Trump really doesn’t cover this notion completely in favor of jingoism over borders and immigrants taking over our jobs but the real reality is that automation is doing this as well as tax games that move companies overseas. I sometimes wonder how the future will look if we do not educate our people better and these systems just function without the need for under educated workers, will we see more of this unrest that leads to another Trump?

 

If you have seen Manhunt Unabomber, then you will recognize the imagery that they used at the end concerning free will and systems of control. Ted takes it to the nth degree but the reality is that systems do control our actions but once again you have to accept that control and accede to it to be controlled. The very core of hackers and hacking is the notion that we can subvert the systems to make them do things they were not meant to do right? The case of the stop light and the philosophical questions over being part of a system or controlled by one is very interesting. You all should ponder this as hackers and persons within a series of systems both technical and logical and consider your position here as well. I think we are at a crossroads here post 2016 with the use of technologies and systems of governance where one might feel like Ted a bit. What control do we really have when you could opt out of the system but the masses don’t? Look at what has happened when a small percentage of people in this country gamed the electoral system to elect Trump over the clear popular vote. The system has control over the lot of us and there isn’t very much we can do as we have seen if those in power, a small group, are in control of all our fates.

It makes one have thoughts about hacking systems… What does it mean? Can it be done? Should it?

In 130 and 147 here we have an important point from 1995 kids about the uses of technology as a form of control. Take that paragraph in and think about where we are today and what we have seen since 2001. We have fetishized technology in the name of freedom today. We have autonomous drones, cameras, NSA systems that monitor everything, and lest we forget our own abdication of our personal information and privacy for the new shiny phone or application. Collectively we have allowed our own security and privacy to be degraded for shiny things. What’s even more interesting is that those in the know, the ones who have the capabilities to secure their private information, may never really be able to completely do so because the systems are so prevalent that our data is out there anyway, just one breach away from being publicly available for sale on the darknet. I have often had thoughts about just backing away from the technology, but then my lizard brain just says “you can do this, you can secure your shit with crypto and all the things.”

That’s delusional thinking.

Look at what played out in 2016 and then try to convince yourself that you can control the system enough to be immune.

Geez I am starting to sound like Neo.

Anyway, all of this manifesto reading has given me perspective on things in 2018. Ted had some ideas that are valid but he was unstable and decided to act on them to save humanity in the wrong way. Frankly he should have just lived in that cabin and kept to himself and paid no attention to the outside world. This is the crux of the problem though, could he? It seems like he lived on the fringes of society and he knew he could not go full mountain man and live off the land so he did what he did. Herein lies the problem though for us all. Unless you have the wherewithal to live fully off the land then you have to deal with technology and society right? So here we are, how many of you out there could just walk into the woods and live? I find it funny that a lot of our zombie shows pretty much deal with this issue and we are eating it up. Deep down we all know that if society broke down and technology stopped, we would have to fight for everything to survive. Many of us wouldn’t be able to handle it and there would be a lot of attrition.

As we move forward with AI and more technologies that are supposed to make our lives easier, we are also infantilizing ourselves, separating ourselves from communities, and giving away certain aspects of ourselves to the machine. So I can understand some of what Ted was saying …I am just not mentally unstable enough to want to live in a shack and make little packages of explosives. I do however have my moments when I ask: “What are we doing here?” I have written posts on Stratfor about hybrid warfare counter programs and honestly between the pervasiveness of the technology and the cognitive dissonance of those who use it I can see no good options for countering it. Is the answer then to just leave Twitter and Facebook? Is the answer to just not surf the net and read a book from a library? Or do you double down and work the system like a hacker and try to get some sanity?

K.

Written by Krypt3ia

2018/01/31 at 14:12

The Post Conspiracy Age


In last week’s episode of The X-Files, the whole notion of conspiracy theories, truth, and reality was amusingly deconstructed. The premise made for one of the more amusing X-Files episodes over the years but the core observations it made were something to think about outside of satire. The story line follows the idea that Mulder and Scully had a partner that neither can remember because he has been collectively erased from their memories by a “Dr. They,” a spooky hypnotist doctor of some kind. The plot line slides along greased by all the conspiracies over the decades of the show concerning belief in cryptozoology and aliens while making the case that the human memory is not only fallible, but it is also highly manipulatable.

Throughout the story line the notion that people remember things differently per experience also is at play with the idea that forces are possibly at work shaping the collective memory. One of the ideas they drag up is that of the Mandela effect, where people have varying memories of Mandela dying in prison as opposed to him being released in 2013. Of course Mulder offers the theory that these are often explained by parallel universes, but that is shot down by Scully and “Reggie” the alleged partner they cannot remember. I for one have heard of the Mandela effect but then Reggie says it is not the Mandela effect, it’s the Mengele effect. The Mengele effect as far as I can tell is just a plot device for this episode of the X-Files but the Mandela effect is another matter. It seems many who misremember go on to substantiate their own inability to remember things properly as an “effect” to save face.

“It’s the Mandela effect. When someone has a memory of something that’s not shared by the majority or the factual record. For instance, there are some people that have a memory of seeing a movie called Shazam starring Sinbad as an irrepressible genie. Even after it’s pointed out to them they’re probably thinking of a movie called Kazaam starring Shaquille O’Neal as an irrepressible genie. Especially because a movie named Shazam was never made.”
“But what if I don’t remember either movie?”
“You win!” – Mulder and Scully

Aside from the idea that there are Mandela effects, aliens, squatches, and government conspiracies, this episode focuses for me not on them as much as on the methods by which these ideas are spread and the nature of just what is truth anymore. In a meeting near the end of the episode, Mulder meets the mysterious Dr. They, who is seen standing by a sculpture making the “tsk tsk” or naughty hand gesture that you see above. He starts off talking to Mulder about how the kids today have no idea what this means anymore and that we are living in a “Post conspiracy age” where nothing is real anymore anyway so conspiracies just mean nothing.

“They don’t care if the truth gets out. Because the public no longer knows what is meant by the truth.” – Dr. They

Basically They tells Mulder that none of his truth seeking matters anymore because we are in a post truth society. In effect, nothing can be true anymore because everyone just believes what they want to, paying no never mind to facts and things that are known to have been truths. It was this scene of the episode that just hit home for me. In a time where social media has given rise to the common man’s ability to leverage their own cognitive dissonance as part of a larger machine of propaganda and psyops by nation states and corporate entities, nothing is real anymore. Even if you present people with facts and data, they can just discount it because they now have an arcology of communities that they belong to which re-assure and amplify their own ideas whether or not they are patently wrong and provably so.

….In essence an arcology of echo chambers.

“Believe what you want to believe. That’s what everybody does nowadays anyways.” – Dr. They

As I watched that scene over again a few times it all hit home in a way that I had not overtly thought about in a while. We are living in an age of subtle Nihilism where nothing really exists or matters on a factual or truthful level. It’s all “Truthiness” as it was coined by Stephen Colbert. You choose the level of the truthiness and its content per your belief system and no one will be able to assail your notions because they are just wrong. In the X-Files episode the quote by Orwell, “He who controls the past controls the future,” was brought up twice, and it is then re-stated by They in the meeting scene with Mulder where he says that it was Orson Welles who said it. He is corrected by Mulder that it was Orwell, but basically They then says “for now” as if he is about to manipulate everyone’s memory to change that. It’s amusing as a scene but the reality is that with the facile minded and the misinformation of the internet and manipulative media, it is a possibility that it could become a reality where the masses believe it was in fact Orson instead of Orwell, and then it will become de facto fact as someone edits the Wiki page and commits.

“We’re living in a post-cover-up, post-conspiracy age.” The “poco”

I was left thinking after this episode about the problems I had been mulling over concerning counter narratives and programs to fight active measures campaigns like the one that Russia carried out and is still carrying out on us. One could just buy into the idea that there is no real way to fight this because we have a system now that allows and perpetuates these echo chambers. Twitter is a steaming pile of misinformation and food pictures. Facebook, well, Facebook is another animal altogether and Zuck has recently doubled down on the problem by saying they plan on only having more inter-networked news being passed on by its users instead of real news service feeds. This will only lead to amplification of misinformation as those groups only echo those “truths” they want to believe as opposed to facts. It all makes one want to embrace Nihilism all the more and really believe in nothing at all because what can you believe in when everything is just opinion as fact?

Today we are bombarded with information that has been created, managed, or manipulated by the unseen hand of corporations, people, governments, and cabals if you want to believe that. It is up to the consumer to do the leg work and discover what is truth, but unfortunately for the masses it seems, the truth is just subject to their own cognitive dissonance. In 2018 we are about to embark on a new roller coaster of disinformation and active measures not only perpetrated by Russia and other actors, but ourselves. How do we really fight that power?

K.

Written by Krypt3ia

2018/01/29 at 14:58

Pyongyang Radio 6400 kHz V15: Numbers Broadcast May Have Been Book Code


On April 27th 2017, just as a nuclear test was about to be performed in the hermit kingdom, the default numbers station in Pyongyang broadcast a series of numbers under the guise of it all being lesson plans for students in what they called their “remote education university for No. 27 expedition agents.” This broadcast differed from other numbers broadcasts, both by DPRK and by other countries, which tend to use just discrete series of numbers and what most likely are one time pads. In the case of the April broadcast from DPRK though it would seem that they are maybe using what is called a “Book Code” method to send secret messages to their operatives in the field.

Now this would be an interesting turn of events if the North was using book code instead of randomly generated one time pads. The most important point of this is that if in fact they are using book code, then you could possibly get a copy of the book and follow along to decode the messages. As this was, so far, a one time event, you have to wonder: was this just something done in a pinch, an emergency out of band broadcast? If it was, this could be a fall back for coded messages, and with the preamble by the announcer, it could have been. This is the first time I have heard a numbers station broadcast like this and my first thought was book code, but others seem to think that this is just a re-mastering of the normal coded number sequences that you would usually hear out of a numbers station.

Screen Shot care of numbers-stations.com

As you can see from the screen shot above, the numbers stations site re-configured the numbers into just sequences. What if though, these were actual numbers of pages along with the words or letters (kanji in this case perhaps) within the text that could be taken down to form words? I have been looking at the number series and it is possible yet I cannot confirm this is the case. I mean after all, what book would this be? Would it be in Hangul? Kanji characters or English text? For that matter any range of languages could comprise the text of the book used. Also, if you look at the page numbers and problem numbers, could this in fact be some IT problem book that has been turned into a code system?

From now, we will send IT Basic Practice problems for Agents No. 27. Now, we will tell the number of problems. 823 pg No. 69 467 pg No. 92 957 pg No. 100 830 pg No. 07 694 pg No. 89 429 pg No. 95 916 pg No. 39 347 pg No. 48 684 pg No. 42 917 pg No. 41 754 pg No. 70 146 pg No. 23 883 pg No. 98 980 pg No. 43 672 pg No. 61 075 pg No. 25 2242 pg No. 47 412 pg No. 66 455 pg No. 39 813 pg No. 49 661 pg No. 89 582 pg No. 97 111 pg No. 75 470 pg No. 43 512 pg No. 49 287 pg No. 90 880 pg No. 64 044 pg No. 83 519 pg No. 56 907 pg No. 95 112 pg No. 11 275 pg No. 25 686 pg No. 72 086 pg No. 91 948 pg No. 21 173 pg No. 24 845 pg No. 31 844 pg No. 89 750 pg No. 08 611 pg No. 97 284 pg No. 02 190 pg No. 04 372 pg No. 53 116 pg No. 23 710 pg No. 17 339 pg No. 45 411 pg No. 78 775 pg No. 21 797 pg No. 51 378 pg No. 13 021 pg No. 55 812 pg No. 61 639 pg No. 43 926 pg No. 81 971 pg No. 100 763 pg No. 50 058 pg No. 92 662 pg No. 28 717 pg No. 94 339 pg No. 54 518 pg No. 68 167 pg No. 20 121 pg No. 92 220 pg No. 16 558 pg No. 95 738 pg No. 04 723 pg No. 87 599 pg No. 33 719 pg No. 19 862 pg No. 73 412 pg No. 57 166 pg No. 93 064 pg No. 85 971 pg No. 20 856 pg No. 90 581 pg No. 36 101 pg No. 82 477 pg No. 95 112 pg No. 89 132 pg No. 45 939 pg No. 64. We will repeat. (Same Numbers). That is all.

By looking at the colored text of the broadcast one has to wonder if this is a book with regular text or a math book as stated. So for the first group, would it be the 823rd letter? Or would it be the 823rd word? Even more mind bending, could it be letters 8 and 23 on page 69? You see where I am going with that right? All of this came back to me as I was watching a recent Amazon prime video on Shakespeare’s folio and Kabbalah codes and word play that seem to exist within it that may have been a work of Francis Bacon and a second person. Either way, this is an interesting broadcast out of DPRK and I for one would like to ponder just what book this might be if indeed it is a book code…

Unless it is just a math problem set…

One of the other interesting tidbits here is that in the preamble they say these are IT (Information Technology) problems. Does this mean it is something along the lines of a book on CISSP? (in joke there folks!) but yeah, could be that or it could be something like a book on MCSE for all we know. The issue is to match the numbers of letters or words to pages in a book that each agent would be able to get in country and use for this purpose. If this is a book code, did the agents receive a book when they left? Was it sent to them later? Also, each book would have to be the EXACT copy, not iterations of a book, in order for the code to work. There are a lot of questions still as usual with North Korea so one could just sit and ponder this for quite some time.
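The three readings floated above (Nth letter, Nth word, or split digits on a given page) and the exact-copy requirement can be tried mechanically. This is an added example, not code from the original post: the two-page "book", its second edition and the sample broadcast are all constructed, and the function names are hypothetical.

```python
import re

# One group in the transcript's format, e.g. "823 pg No. 69".
PAIR_RE = re.compile(r"(\d+)\s*pg\s*No\.\s*(\d+)")

def parse_broadcast(text):
    """Return (index, page) pairs as digit strings so leading zeros survive."""
    return PAIR_RE.findall(text)

def _letters(page_text):
    return [c for c in page_text if c.isalpha()]

def _pick(seq, n):
    """1-based lookup; None when the position does not exist on the page."""
    return seq[n - 1] if 1 <= n <= len(seq) else None

def read_as_letter(book, idx, page):
    """Reading 1: '823 pg No. 69' = 823rd letter on page 69."""
    return _pick(_letters(book.get(int(page), "")), int(idx))

def read_as_word(book, idx, page):
    """Reading 2: '823 pg No. 69' = 823rd word on page 69."""
    return _pick(book.get(int(page), "").split(), int(idx))

def read_as_split(book, idx, page):
    """Reading 3: '823 pg No. 69' = letters 8 and 23 on page 69."""
    letters = _letters(book.get(int(page), ""))
    first = _pick(letters, int(idx[0]))
    second = _pick(letters, int(idx[1:] or 0))
    return None if first is None or second is None else first + second

def decode(book, pairs, reader, sep=""):
    """Apply one reading to every pair; '?' marks a lookup that failed."""
    hits = (reader(book, idx, page) for idx, page in pairs)
    return sep.join("?" if h is None else h for h in hits)

# Constructed two-page "book" and a second edition with one extra word on page 2.
EDITION_A = {1: "move north at dawn", 2: "signal the harbor station tonight"}
EDITION_B = {1: "move north at dawn", 2: "then signal the harbor station tonight"}

# Constructed broadcast in the same spoken format as the V15 transcript.
SAMPLE = "003 pg No. 02 003 pg No. 01 004 pg No. 01"

if __name__ == "__main__":
    pairs = parse_broadcast(SAMPLE)
    for name, reader, sep in (("letter", read_as_letter, ""),
                              ("word", read_as_word, " "),
                              ("split", read_as_split, " ")):
        print(f"{name:6} A: {decode(EDITION_A, pairs, reader, sep)!r}  "
              f"B: {decode(EDITION_B, pairs, reader, sep)!r}")
```

Only the word reading against edition A yields readable text; the one-word difference in edition B shifts every later position on that page, and under a 1-based split reading any group that starts with 0 has no first letter to point at.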

I went and started looking for books printed in DPRK but got no love. That it’s said to be IT, well, I have several boat anchors I can look at but in the end, without some more insight into the hermit kingdom’s methods here, you likely will just lose your mind trying to figure it out. So, if you have some time to waste, this could be a nice distraction but certainly stop before you get to the cliffs of insanity here.

Enjoy,

K.

UPDATE: I got a comment on this post from mrpnkt informing me of text books found on Red Star/DPRK Android tablets available in North Korea. The presentation at 34C3 can be seen here:

Basically they discovered that there are a metric ton of almost PDF files on the systems that the end users in DPRK can use to learn. These seem to be uniformly available and as such, they may in fact be the IT manuals discussed in the V15 broadcast last April. These guys actually have the files on a torrent to download and actually are asking for any help in discovering more about them. Thanks to Will Scott and Gabe Edwards for this data. I am currently downloading the 4 gig of files to play with myself.

You can too now.

K.

Written by Krypt3ia

2018/01/22 at 21:39

Posted in DPRK