Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Project Vigilant: Quisnam vigilo vigilo

with 3 comments

In the fight against terror, the U.S needs all the help it can get, even if that assistance comes from unpaid volunteers.  For the past 14 years, a significant volunteer group of U.S. citizens has been operating in near total secrecy to monitor and report illegal or potentially harmful activity on the Web.

Flying “under the radar” and carefully discouraging any press coverage that focused on the group, Project Vigilant has quietly operated in the eddies and whirlpools of Internet research, feeding tips and warnings to federal, state and military agencies. The group claims over 500 current members, although their names and identities are still mostly secret.  Their members comprise some of the most knowledgeable experts in the field of information security today and include current employees of the U.S. government, law enforcement and the military. . . .

Project Vigilant

Last year I ran into an incident that made me wonder about murmurs I had been hearing within the community about “Citizen Hackers” or Patriotic Hackers. It seems that this has come to fruition with this “Vigilant” group that popped up at DC last week. Of course I and everyone else in the infosec community are somewhat incredulous about this group in the first place as we have never heard of them but also if you listen/read about them they become even more “spooky”

  • They allege to have tacit “high level” approval of what they are doing and connections
  • They claim to have access to ISP data that really should be protected but seem to have some sort of out on that
  • Claim they are monitoring 250 million IP’s and can track anyone (#LIGATT anyone?)
  • Outed themselves at DEFCON to recruit for their super secret work? Huh?
  • Chet Uber’s LinkedIn is reminiscent of Robin Sage’s except it has even less data than hers did
  • Is seeming to claim a large involvement in the Wikileaks case

When I first heard about this “press conference” and the content of it, my spidey sense went off right away. Not only does it sound ridiculously bogus, but it also sounds really scary in a Babylon 5 “Night Watch” kind of way. What it really means is that if this group has been around a while, they just got the go code to begin a larger collection mandate. It also means that the worries of many post the Washington Post’s reporting on “Secret America” (blog post here) is coming true before our very eyes.

To whit: “Who’s watching the watchers?”

If their claims have any merit, then these guys are a civilian “group” of volunteers who are accessing data and watching people online without any oversight. They are not duly appointed officers of any agency, and they are in effect, more like a McCarthy-esque cabal no matter the ostensible “good intentions” that they may have. With or without oversight, it would seem that with a tacit approval by the government and the agencies, we now have a civilian spying arm that would have a type of Carte Blanche to watch anyone they feel like watching.

I would also take up the fact that really, no one has heard of these people before in the community as well as their ranks (those named so far) have not been stellar names in security as far as I am concerned. So, just what are the aims here? Is this some new fangled version of the Idaho militias with computers instead of guns?

A cyber-militia so to speak?

Now, back to the start of this little diatribe… I had heard murmurs and allegations that the military types were lamenting not having a force multiplier in the cyber offensive like that of China’s “Citizen Cyber Army” that they have been developing. It would seem that this may in fact be the answer that they were looking for.. Or maybe started huh? But again I ask this question:

Why announce yourselves at DEFCON? If you are so secret and super dooper why not just scout people out and talk to them in private? Go through an interview process as a cutout company perhaps and get volunteers that way? Also, why volunteer? Why not take this baby IPO and make your own company there Mr. Uber? Just the type of thing the Beltway seems to be eating up lately since 9/11.

You could make Billions Muaa muaaaaa muaahahahahahahaha

Nope, it just rings… Well it smells is what it does… Like old cod on a hot day.

If indeed an approved group and mandated this bodes ill for all of our rights. It bodes ill for the country, and it should scare the shit out of people.

On the other hand.. This could all just be another #LIGATT huh….

Time will tell… Read up and decide yourselves… Attrition is looking into them… So am I.

*EDIT* As just pointed out by @theintersect their spelling in the logo is wrong too! It’s VIGILO not VIGLIO! Whats that as in Don Viglio is watching you? BAAHAHAHAHAHAHAHAHA

Linkage:

Google Search

CoB

Written by Krypt3ia

2010/08/03 at 13:41

3 Responses

Subscribe to comments with RSS.

  1. Lots of “What the?” things about this:

    #1) This is all over the place at this point – quick breaking for a Defcon announcement:
    http://blogs.forbes.com/firewall/2010/08/01/stealthy-government-contractor-monitors-u-s-internet-providers-says-it-employed-wikileaks-informant/

    http://www.salon.com/news/opinion/glenn_greenwald/2010/08/02/privacy/index.html

    #2) Glen mentions there are more well known names on board than one would expect if this was an amateurish enterprise.

    #3: I’m drawn to the “Copyright 1996-X” bit. 1996 is going back 14 years, which is like a century of non-internet time. Dial-up didn’t even have the penetration that Wireless does now.

    MrVetinari

    2010/08/03 at 17:04

  2. […] This post was mentioned on Twitter by Faaz, Niels Groeneveld. Niels Groeneveld said: Project Vigilant: Quisnam Vigilo Vigilo http://bit.ly/aJdDsf #chetuber #cybersecurity #hacking #infosec #projectvigilant […]

  3. The average citizen feels they are the center of the universe, but can’t handle their own grocery shopping without entering a state of catatonia.

    I am nonplussed.

    Barky

    2010/08/03 at 23:28


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: