Wikileaks to the Left of Me, Jokers to the Right, Here I Am Stuck in the Middle With You.
Well, it’s been an interesting week, hasn’t it, folks? We have Wikileaks leaking interesting, if not earth-shattering, cables from US embassies around the globe. We have the US’ knee-jerk reactions that are akin to a young girl’s naked photos being leaked on her Facebook page, crying foul and shaking their impotent fist at the “internets”. And we have a court jester who, it seems, may have bitten off more than he could chew this time around and has gone into semi-hiding after claiming a DoS that many in the security field feel was “weak”, as one put it.
So, let’s cover my thoughts on the week’s events by the numbers…
1) Wikileaks and CableGate
Ahh, the infamous “CableGate” as the Wikileakers have named it for maximum effect. Cables that give the inside skinny on what people see as ambassadors and analysts in the foreign service of this country. After the dumps, I am still nonplussed by the contents of the cables. Perhaps this is because I read quite a bit and know people who have been in the service. Maybe it’s because the reality of the documents’ data is already common knowledge to those who pay attention to world affairs and read the news. Some of them, though, really do hold a few interesting gems on actions that we have taken with other countries that may seem, to the layman, shifty or dirty. But if you leave this country and actually work in others, you will see that sometimes you have to do things as it was once said before: “si fueris Rōmae, Rōmānō vīvitō mōre; si fueris alibī, vīvitō sicut ibi”
Is it so hard to believe that bribery is rampant in other countries such as Pakistan? Do you really think that Russians don’t hit the bottle really hard and then have gunplay as they make deals at weddings for territory and power? If any of you reading this blog are shocked and amazed by all this and that we as the United States have to placate these people with backdoor deals, then, well I just don’t know my audience, while you, the reader are exceedingly naive and should wake up to the realities of how the world works.
I’ll give you a hint right here, right now. There are no white knights, and Superman is a comic. “Truth, Justice, and the American Way” is just a saying that placates us to believe that we do things above board all of the time, and as Dr. Gregory House says, “Everyone Lies”. It’s just the reality, kids. So, when the Wikileaks folks get their shorts in a bind over cables like these, I tend to think that they are all Pollyannas who don’t know what real criminality is because, once again, these documents are not equivalent to the Pentagon Papers. Had Wikileaks dropped a bundle of docs that showed in clear and no uncertain terms that the WHIG, Cheney, and their ilk clearly fabricated every bit of data that they used to prod the US to invade Iraq, well, that would be another story.
But again, we don’t have that, do we? What we do have is some dirty laundry, and that has tickled the fancies of us all because we abhor “secrets”. Not so much that we hate them for their sake, but that we want to know them! We are inquisitive and always love to be one up on the other guy. So after this big dump, where is the outrage? The protesting? The shoe banging by the UN and other nations that were promised?
Yep, no one really cares enough to say that these are all shocking and storm the government looking for redress. So, on that account I side with Jester and give it all a #FAIL. Which brings me to the organization itself and its newfound pariah status. I will also go one step further and give a #FAIL to the United States of America’s efforts regarding Julian Assange, the INTERPOL’s new #1 bad guy.
2) Julian Assange: “No Glove, No Love Gate”
Julian Assange has issues, I think. His issues stem from a great heaping load of hubris as well as ego, but then there is the side of him that I think is just plain adolescent idealism. The idealism was what drove him to this model of Wikileaks, but soon enough, it was the ego and hubris that took over the driver’s seat. What Wikileaks has become is more a terribly petulant child shrieking about not getting a lollipop than an organization attempting to change the world by “freeing the data”.
The troubles that Wikileaks has had with attrition of staff recently show that Assange has become drunk on the status of being able to poke at nations and get their ire. It’s somewhat akin to a little brother taunting a big brother just for the attention that he craves… Which reminds me of another party in this little passion play that I will speak of below. For now though, my focus is Julian and the United States of America’s play to have him become the next Osama Bin Laden.
The reaction to these dumps on the part of the US Government, though, has been poorly thought out, at least on the face of it recently. By leveraging (assumed) the Swedish and other governments to put Assange on the “RED” list for INTERPOL, for alleged consensual sex sans condom (or perhaps rape, it’s fuzzy with all the reports out there as to what really happened), the US has only shown its weakest face. The charges are weak, and the placement of someone being charged only with the crime cited shows just how much the US would like to get their hands on Assange, but they know they don’t really have a case.
What’s more, these senators out there now calling for Assange and Wikileaks to be deemed a “Terrorist Organization” are just out of their minds to even attempt to propose such a thing. THIS shows, though, just what Assange and others are alluding to when they say this government is corrupt and/or over-reaching in secrecy, surveillance, and general use of chicanery.
And on that account, I am agreeing with Assange and Wikileaks. The US has in fact reacted like that big brother being taunted by the little one and is attempting to haul off and slug him without mom or dad seeing it. What’s worse is that I am sure the US is working on a plan to have Assange kept somewhere if not able to find a legal leg to stand on to bring him here to the States and put him on trial.
Of course there is the off chance that any country now might just be afraid enough of Assange as the titular head of the organization to not only allow the US to take him, but also for some, to just do away with him by having a “convenient accident” occur.
Some secrets, as countries and people do the mental calculus for them, are worth the price of a life or lives. No matter the laws or executive orders…
Of course, Wikileaks’ current data does not in the least constitute anything close to one of those secrets worth whacking him. So, the show will go on trying to get him into custody. He will be the martyr to his followers, and I am sure that Wikileaks will become an even more powerful organization because of the poor handling of this case. In the end, the US will only ham-fistedly attempt to cover up the fact that the SIPRNET system was not being monitored as per policy and procedures mandated by the military and government. This allowed a low-level PFC analyst to steal nearly half a million documents from an alleged “secure system”. This is the very same government that created the likes of the DHS and TSA to keep us all “safe” from terrorists. I guess they just took a cue from the Bush administration and thought that a banner saying “mission accomplished” was just as effective at ending a war as a banner that says “This system is protected and may be monitored” was at protecting secrets.
Hubris, and the emperor has yet again been shown to have no clothes.
So, my suggestion to the US government and the military would be to actually clean up their act and perform the due diligence that they need to carry out to protect their “secrets” from being stolen so easily, and forget about trying to “get” Mr. Assange for this. The damage has been done, and unless you do a better job at protecting the assets you hold, then sure as shit, it’s going to happen again, and the next time it may be even worse.
3) The Wikileaks Zeitgeist and The Hacker Manifesto
Meanwhile, an interesting factional fracture has taken shape within the internet and specifically, the information security community. This has been something to watch on Twitter specifically, as people on my #flist have been polarizing between saying much the same as me and others who are diametrically opposed to the government, secrecy, and the call for free access to information. Why this is so interesting to me is that many of these people who are on the feed are in fact workers within the information security industry. In short, those who are tasked with securing people’s information on a corporate and sometimes government scale.
“This is our world now. The world of the electron and the switch; the beauty of the baud. We exist without nationality, skin color, or religious bias. You wage wars, murder, cheat, lie to us and try to make us believe it’s for our own good, yet we’re the criminals. Yes, I am a criminal. My crime is that of curiosity. I am a hacker, and this is my manifesto.” Huh? Right? Manifesto? “You may stop me, but you can’t stop us all.”
The Hacker Manifesto by The Mentor
The above quote seems to be the zeitgeist for many of the Wikileaks proponents. The information must be free and flowing. I am afraid that the reality is much different from this credo. Even more astonishing is that anyone who does actually work in the security industry would not have some pause about what Wikileaks is doing and perhaps take time to ensure that it is indeed being taken to task for its aegis. It seems to me at this time, post the machinations on the part of the US to deny Wikileaks access to DNS and site hosting, that the screeds are somewhat warranted, but still, they seem naive to me.
Then there is the thought that anyone who is working to secure people’s data (which are secrets or confidential) might be more scrutinized by anyone employing them “if” they are overly vocal in support of Wikileaks; a smart person might take the middle road on these things. Instead I see more wailing and moaning out there than I do calls for re-organization and rigor in what Wikileaks is doing. After all, it is pretty much singularly run by Mr. Assange, and you know my POV on his psyche.
I think that the security community needs to take up this issue and really hash it out. There are some big issues that need working out.
4) Staying Frosty? Really? Doesn’t seem so…
Lastly, let’s take a look at the events surrounding Jester. You all know that I had my run-in with him back last January. He DoS’d me a few times (not hard to do on a single IP running a low-rent file server, really) and made calls out to everyone that I was a terrorist sympathizer. It became clear to him that he had screwed up on that account because he did not do his homework and find out who I was and what I do.
We had words.
In the end, I am still here and still doing what I do. I have my reasons for my posts and for the work I do here as does Jester for what he does. However, I still feel that his methods are trivial in the fight against terror and his psyche is more that of a person with poor impulse control than any ex special forces operator that he would like you to believe he is. I think his motivation is more driven by a need for attention than it is for actual disruption and dismantling of terrorist networks online. You see, were he a real operator, then I think it would be much easier to make your hits even more ominous (were they not only for 30 minutes at a time) by saying nothing. This would leave it open for much speculation that the governments of the world are indeed carrying out the cyberwar. Instead, we have the legend of a lone patriot hacker saving us all from internet terror… But his services are not that unlike Domino’s Pizza: you can get it for 30 minutes or less and only with a couple of toppings.
Now though, the stakes are higher as he has decided to up the ante and attack Wikileaks, which, I think he has now begun to understand, may have been a tactical error in a number of ways. You see, at first he was just hitting undesirables, jihadist sites outside the country. Sure, he was pissing off some in the intelligence community, but for the most part people ignored him because he was not performing any kind of substantive attacks that effected change. The jihadis kept on talking on the same sites that they mirrored. In fact, they moved on to other areas like YouTube and Facebook unabated and often completely in the open. The jihadists didn’t care, and thus his fame died down… Until he targeted Wikileaks.
Since his claimed attacks on WL, he has been in the news more and more. Of course the big question became: was he the sole source of the attacks that ended up bringing a 10gig a second hose being aimed at the WL Cablegate site? Was there government involvement there? Was he actually capable, without help, of doing this kind of attack with his Xerxes product? Those were all the questions that were going through my mind and, I am sure, others within the security community. Well, here is one answer that I have dug up.
Jester and others had recently been talking about “server time” in the #jester IRC. It is possible that the server time could be a source of the 10 gig per second data flow. I can foresee the installation of Xerxes on more than one box and using the big pipe to do the hit. This is supposition on my part, but he did indeed talk to Mach and rjacksix about a request in a chat transcript.
As stated by the media and certain security analysts when asked about the Jester attacks, the consensus was that Jester had not done a stellar job at bringing down Wikileaks and in fact, as I said before here, that the attack was “weak”. So, was the 10 gig a combined effort on the part of the likes of “anonymous” or 4chan? We may never know.
Since the initial DDoS and claim by Jester, there have been some interesting if not really odd events in the last week. The biggest of these was the tweet, ostensibly by Jester, that his house had been raided by the local PD and his equipment confiscated. Yet he was still able to re-access the internet and create a brand new domain name “th3j35t3r.net” and Twitter account @th3j3st3r from whatever resources he could get to get online. The new site at the new domain was a clone of his WordPress site, and both it and the new Twitter account began to post data BAU. Shortly thereafter though, the site and the Twitter account began to speak of a “legal fund” that Jester had begun and in fact, that if he reached 10K of funds, he would port and release Xerxes to the public.
After two donations though (see picture at the top of page), one of them being from Tom Brennan ($100.00) from OWASP? and another for $50.00, the site was pulled down. The donations site was run through PayPal and gofundme.com. Shortly after the takedown, the domain began to forward to Jester’s original WordPress site. As this was happening, the original Jester Twitter account made a statement that in fact the new site and Twitter feed was an “imposter” and that he now had control of the situation. This begs some questions though, as the domain suddenly and swiftly began to forward its DNS to Jester’s site. Just how did he gain control so quickly?
Or, was it under his control the whole time?
It’s my belief that Jester was in control the whole time, but as to his motivations in doing this? I have no real clue other than perhaps this was a false flag to get people off of the trail. I think that perhaps at this time, he began to realize that when Wikileaks moved their domain to Amazon, he was crossing a line he hadn’t before and committing a potential crime that the US law enforcement community would follow up on. Maybe he just lost his nerve a bit..
Perhaps, as I said before, his habits were actually starting to become his undoing… You see, his acolytes now might be his Achilles heel.
Jester has for some time now, hosted IRC channels in various places, but he had been frequenting #2600 #jester. In this channel he had conversations with people who drifted in and out. However, often he had a few key people he talked with.
One of them is @rjacksix
Robin Jackson (406) 422-4685 or 406-465-0354 Helena Montana
I know Robin from a rather bilious response on my blog as Jester was attacking me that said that I was a traitor blah blah blah. Rjacksix has been a chatty fellow and from his own accounts on the IRC and in other places, has claimed to know Jester well, has worked with him, and defends him when people dis his pal. The question I have is this.. Robin, are you in fact Jester? If not, then I am sure some people will be calling on you, if they haven’t already, asking just who he is. Several reporters and los federales have this data now too.. Perhaps you have gotten some calls recently? Like, say, Monday or Tuesday? Yeah…
Coincidentally, rjacksix and Jester have been missing from the IRC chat since Monday/Tuesday..
The attacks on Wikileaks were a critical mistake; the attention is going to be trouble for you both, and now doubly so that one thing has happened. Someone made the claim that they would port Xerxes and release it to the kiddies. You see guys, that right there is of MAJOR interest to the feds. They do not want this tool out in the open for anyone to use if they can avoid it… That is, until they can come up with a means to combat the attack, which is already being worked on in certain quarters, I am sure (pcaps in hand). So, the jig may be up by your own hands, Jester/Robin, through this little stunt with the donation scheme. Even more so now that actual money was “donated” to the cause.
Oh well, Jester, you have the attention you have been seeking in spades. Your goal has been achieved for that. However, your techniques and your tool seem to have fizzled in really having great effect against either of your targets.
TANGOS NOT DOWN #FAIL