Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for May 2011

RSA Tokens, Lockheed Martin, APT, OH MY!

leave a comment »

When @stiennon first re-tweeted the Cringley blog post that claimed LMCO had been hacked using EMC/RSA algorithms that were stolen in March, I thought oh shit, here we go. Little did I know that the actual flap would not be the fact that LMCO had been under attack and potentially accessed via the RSA hack fallout, but instead that many people in the ‘community’ said EMC/RSA had nothing to do with it… Some rather vociferously in fact…

Having been in the defence contractor arena myself, I decided to touch base with someone I trust and who is usually in the know about this shortly after the twitter storm began over this incident. That person’s answer to my question of whether or not the RSA angle was true was “It has merit” So, for me, the word of this person (who is a DIB partner) is enough to surmise that what they knew at the time was in fact true. It would seem that the RSA tokens may have been used in an attempt to gather data from LMCO. What’s more, now we are learning that the attackers had access for approximately 24 hours before they were shut down. Those 24 hours gave plenty of time for certain types to grab what they want because they already know the lay of the landscape usually.

Yes.. You know who I am talking about.. An Advanced Persistent Threat aka China.

I can hear certain people in the community now groaning at the use of the APT acronym but let me put it to you all straight. If there was a hack on LMCO, maker of the JSF and numerous black type projects to boot, then it was likely China or another nation state’s actors that would be considered APT under the definition put forth by the military. Sick of APT as a sales tool you say? I agree, but in this case you moan or whine about this descriptor in this case and you are just setting yourselves up to look uninformed about the defence contractor security space.

While the full facts of the attack vector may never fully be known to anyone outside of the DIB (Defence Industrial Base) partners and certain cleared people, it is safe to assume that the attack was, as it has been described by LMCO, as tenaciously prosecuted by the attackers. This means that whoever it was wanted in and was ‘persistent’ enough to really make a go of it. LMCO has been the target before to such attacks and in fact in this case, people are beginning to wonder why they did not follow other defence base partners and scrap their RSA tokens for another solution post the EMC hack. That they didn’t, may in fact be the reason that the aggressors decided it was time to try this attack. If they had carried it off as explained with a combination of phishing emails and key logging, they could have had much greater access to the LMCO network persistently and for longer had they not been caught.

My money is on the Chinese as the aggressor here and I suspect they wanted even more data on the JSF (other than the 20 gig they got back a while ago) to round out their collection. It is no coincidence that just before an air show recently the Chinese showed off a stealth aircraft of their own that had some striking similarities to hardware we have been working on. The Chinese want the superiority and they are willing to easily steal it from us, and when I say easily, I really do mean that.

We are a soft target and its unfortunate that the US is only learning that fact now.

Time will tell what we find out about the hack on LMCO, I am willing to bet that we will never know everything.. But, I should think that at the very least there may be some more of the DIB partners scrapping their RSA solution for something else.

K.

Written by Krypt3ia

2011/05/31 at 17:47

Enemy of the State

with 2 comments

Fort Meade has acres of mainframe computers underground. You're talking on the phone and you use the word, "bomb," "president," "Allah," any of a hundred key words, the computer recognizes it, automatically records it, red flags it for analysis; that was twenty years ago.

From The New Yorker; The Secret Sharer

The government argues that Drake recklessly endangered the lives of American servicemen. “This is not an issue of benign documents,” William M. Welch II, the senior litigation counsel who is prosecuting the case, argued at a hearing in March, 2010. The N.S.A., he went on, collects “intelligence for the soldier in the field. So when individuals go out and they harm that ability, our intelligence goes dark and our soldier in the field gets harmed.”

Top officials at the Justice Department describe such leak prosecutions as almost obligatory. Lanny Breuer, the Assistant Attorney General who supervises the department’s criminal division, told me, “You don’t get to break the law and disclose classified information just because you want to.” He added, “Politics should play no role in it whatsoever.”

Politics should play no role whatsoever? Really? This man is delusional to think that the statement, albeit correct, is actually factual. Of course politics play a part in such prosecutions, and case in point, this article cites examples of people getting slaps on the hand for breaking the espionage act and others where TS/S documents are concerned. The reasons that these others were not prosecuted to the full extent of the law was exactly because of politics and their entanglements. No Mr. Breuer, politics do play a role all too often.

That said, I encourage you all to read the full article and judge for yourselves just what happened with the case against Mr. Drake. It is my understanding from other sources as well as the New Yorker piece, that Drake was seeking to show waste on a grand scale while others were motivated by the idea that the sweeping changes to US law and oversight within the espionage area had taken a deep turn for the un-constitutional. This is an assessment that I agree with and have seen even more such dark turns lately where the digital realm is concerned. Frankly, at times I am a bit scared of the access and perhaps excess that the changes in the law have allowed for the NSA as well as anyone with enough juice within the newly minted security infrastructure post 9/11.

Constitutional Law vs. Technological Ease of Access vs. Political Agendas:

When the Constitution was created none of the technologies at play today were even a dream for the makers. Today though, the ideas of privacy, unreasonable search and seizure, and the fundamental freedoms we claim to cherish so much have been blurred. The blame for this rests partly on the technology, but mostly on the people who should be monitoring their system of laws. After 9/11 the people became all too trusting of the government to take care of them and all too willing to accept the over-reaches that they knew of while they were kept in the dark about others.

Case in point would be the FISA and warrantless wiretap situation that the Bush administration put into play after the terrorist attacks. It was the belief of the administration and the law enforcement community (certain factions) that too much time was lost to entering FISA warrants and getting approvals. So, instead they began to draft opinions that said the process was too ponderous, all the while they were putting together a secret process to just bypass the FISA altogether with or without the legal status to do so. This then begat the further access programs that essentially placed a tap on ALL communications going in and out of the backbone of the internet with the NARUS systems in the MAE’s around the country.

Since the technology was there, and it could be placed into a position to audit everything, they just said let’s do it. Thus, all traffic that you or I create over the Internet has the potential of being captured, flagged, and audited by someone at Ft. Meade without a warrant to do so. This also includes the cell phones as well because that traffic too passes through the same backbone system. Like the image of Brill above states;

Fort Meade has acres of mainframe computers underground. You’re talking on the phone and you use the word, “bomb,” “president,” “Allah,” any of a hundred key words, the computer recognizes it, automatically records it, red flags it for analysis; that was twenty years ago.

Brill, a character from Enemy of the State, was going on about this in a film out before the attacks on the US. It would seem that if the technology had not already been in place then, the administration took a cue from the film and made it a reality after the twin towers came down. After all, the enemy could be anyone and the US populace wanted an action hero to take on the bad men and win. The same people though, did not seem to understand that to do so, the administration would take the shortcut of bypassing decades of laws set in place to protect our freedoms from excessive powers that the Bush administration wanted to have to ‘protect’ us.

It was this over-stepping of the laws that others within the story at The New Yorker had begun to tell to the Sun reporter and who now are being pursued by an alleged non political NSA and government for calling them on their breaking of the law. Just as much as Mr. Drake was seeking to show that the waste created by Trailblazer could also tie into the misuse of ThinThread’s code to eavesdrop on anyone.

Both of these concerns are shared by me as well. After all, with the technology in place and without the oversight, how do we know that abuses aren’t happening? The NSA is famously known to tell the Senate oversight committee to go pound sand… So, who is really watching the watchers?

Right Versus Wrong and Speaking Truth To Power; Do We Have A Say Anymore?:

So, if you have access to classified materials and programs and you see that things have gone off the rails how can you expect to report on it to the authorities and not be prosecuted? It used to be that there were protections, but, it seems now post 9/11 that changes to the paradigms of classification and the re-interpretation of the law to suit the state, it has become increasingly impossible to whistle blow and not be prosecuted. What’s more, if you decide to report, the data that you are reporting on may be classified to the extent that it cannot even be used in open court or with your non cleared lawyer because it may be deemed too sensitive.

The net effect is that if there is malfeasance going on it may be impossible to report it and not get yourself into dire legal trouble with the current whistle blowing legislation on the books. This makes it even easier for the state and or entities and parties within its infrastructure to not abide by the law and have little to fear of oversight or speaking truth to power.

Sheeple vs. The Informed and Worried:

Meanwhile, the populace may live their lives unaware of the capacities for the state to listen to them and or present evidence gathered on them in an extra-legal way. At the very least, due to the wider interpretation of the law, it is easier for the state to gather and use evidence in ways that were not possible before because of the latitudes given post the Bush administration.

From a privacy perspective and the expectation thereof, the idea that all traffic is being hoovered up by the state is kind of scary. From a constitutional law perspective, you have the right to privacy in your papers and your domicile. Does this actually apply to digital papers, computers, hard drives, and anything you pass over telco lines to the cloud? Or is it considered public domain like your trash being placed at the end of your driveway?

This is an important precedent and should be considered with every email, IM, and call you make today. Just as well, if you are intent on retaining your privacy, what are the ways to do so now that all of these lines of communication are monitored by the state? One also has to determine just how worried they should be about intrusion into their privacy. After all, today we as a people give up a lot of information on ourselves at sites like Facebook and if we do that, just how much privacy can we expect?

Following that thought process, if we give up our privacy so easily how can we make an argument against the changes to the FISA rules as well as other laws where eavesdropping on our daily digital lives are concerned?

I for one do not want all of my conversations recorded for someone else to audit whether or not I may have said or done something that could be construed as illegal or perhaps pique the interests of the fed. Of course today one could easily be stopped in some states for alleged traffic violations and be asked if they could clone your phone data… Just because.

Whistle Blowing… Not So Much:

I guess in the end that the state of affairs today leans heavily toward the government being able to pretty much do what it wants to. From the warrantless wiretaps to the detention of non combatants, we have quite an inheritance from 9/11 and the Bush years. Unfortunately much of what President Obama had pledged he would roll back from those years have instead been re-approved if not enhanced. Add the whole Wikileaks debacle and now you have an even more reflexive and paranoid government trying to over classify everything and getting really bent when things get out.

So, the idea of whistle blowing I think is pretty much a dead one from here on. If anyone sees wrongdoing going on then they probably will let it go for fear that they will be prosecuted into oblivion.

And then the state wins… There have to be checks and balances.

K.

The END IS NIGH! What? We’re still here? Oh, well, I must have been misled by Satan!

with 2 comments

Heironymous Bosch: Garden of Earthly Delight Triptych (rght)

Once, long ago, we all as a species were about three hairs away from being classified as Baboons. It was around that time, that someone got the bright idea to write a bunch of stories in a big book about the sky dad and his rules on how he demanded we live all our lives. Approximately two thousand years later, there are unfortunately some of these Baboons still lurking about who daily screech about the sky dad and his unhappiness with us all.

On Saturday, according to one of the more vocal baboons. we are all about to enter a world of pain because the sky dad has seen fit to tell this ‘civil engineer’ that end is in indeed nigh. Of course, this particular baboon has made this claim before and wouldn’t you know it, he was wrong. So why is it that this guy is back in 2011 with a radio ministry that is worth over 100 million dollars?

I will tell you a secret… There are many fucking morons amongst us.

*gasp*

Yes, yes it is true. We have reached a point in our existence that we can tame (almost) the atom and we can walk in space, but we just can’t seem to get rid of all these backward thinking barely upright walking throwbacks who still think that an Atlatl is a pretty nifty weapon. They just don’t seem to be able to get past the idea that there is no sky dad and that things like the ‘rapture’ are all parts of an imaginary tale in a big book created by hegemonic men some time after an alleged profit’s life.

So, you might look at the graphs above and think;

“Boy, this guy’s got it in for religion!”

And, you’d be mostly right. I personally think that religion, is in fact the opiate for the masses. An easy way for people to absolve themselves of the bad things that they have done with their lives (confession and absolution) while not really coming to grips with what they may have done and why. Religion also seems to be just a general crutch for those unable to grasp the idea that there is no destiny and perhaps there is nothing after life. Instead, they cling desperately to the idea that the sky dad has a great condo on a cloud for them all and their very own neighbor is ‘The Jeez’ himself.

Right…

Meanwhile, the charlatans like Mr Camping crow like the cock at first light that they have the inside knowledge on it all and can help YOU go to that heavenly condo with the Jeez…

For just a small donation YOU TOO can be saved! 

Seems to me that the only difference between noodnicks like Camping and someone like  L. Ron Hubbard is that Hubbard at least had some creativity. Camping’s only creative streak is the use of AM radio to bilk people of their money before the end comes. Hubbard on the other hand came up with the ‘I own you forever’ contract that every Scientology freak signs up for.. For a hefty fee that is. Nope, the two of these guys only vary in their particular brands of crazy that they pimp out. Camping went ‘old school’ (aka old testament) and Hub, well Hub went all out schizoid with aliens who inhabit our bodies (Thetans) that we must rid ourselves of by holding some useless electric cans in our hands!

Now that’s creative.

Nope, instead Camping and company have chosen the tried and true carnival revival tent approach. Even to the point of buying a set of RV’s and travelling the country preaching the word of apocalypse in the months before the end. An end mind you, pulled out of his ass once again (remember the 1994 thing) for May 21st 2011.

COME ON FOLKS! Tithe it all to us and SALVATION CAN BE YOURS!

Just how did he come up with this date? Well, he magically came up with it.. Cuz, ya know he admits to not studying the scriptures extensively. Yeah, you heard that right. Admittedly he just sorta ‘knows’ in his gut that the time is nigh. 

Fucknut.

What’s worse? He has followers and that 100 million that they have given him over the years. So, I guess the question becomes; “Who is worse? The fool who is fleecing the flock? Or the flock of sheeple being fleeced?” In my opinion, I do surely hope the rapture comes and takes them all. Then at least we would be without all of these intolerant and ignorant fools and perhaps we could actually progress as a civilization.

So, on Monday if you answer that phone Camping, and you know we will be all calling you to rag on you, you better have one hell of a great story to sell to all your sheeple.

Oh who am I kidding.. You will just pull another date out of your ass and say it’s the sky dad’s mysterious ways blah blah blah while passing the hat for donations.

Collectively we are doomed until we get past this intolerant and superstitious claptrap.

K.

Written by Krypt3ia

2011/05/18 at 19:56

Al Qaeda: The Case of A More Diffuse and Autonomous Organisation

with one comment

Succession:

Speculation on the successor to OBL has been rife within the news-o-sphere and I too have waded in and made my case for who I think will be next. I have however, come to some more conclusions since I wrote my post on succession post Osama. My current thinking is still aligned with my post from before, that Al-Awlaki will be the prominent figure in the AQ presence world wide. Where I would like to refine the statement is that I believe while Al-Awlaki will be the public face of AQ/AQAP/Jihad he may not be the operational leader. At least, not as one might think.

I think that AQ (The Base) has become such a disparate organisation, that there really are leaders plural with a figurehead (aka OBL before his demise) It seems from the intelligence drips and drabs coming out in the news, that OBL was in fact part of the plotting at least aspiration-ally, of projects up until he got the face full of lead. This is not to say that any of the plans that he laid out actually made it to operational cells out in the world. Nor had OBL been on the media very much in the last years to give anyone ideas. So, who is coming up with the plans that are being tried out? Who is actuating plots? AQAP has.

The reason that AQAP has been more active is that they are in the country of Yemen where they have a base of support and a fledgling government that poses no real threat. Since AQAP has a bit of a free hand there and a younger crew of jihadi’s headed by several Americans, they seem to me, to be the new jihadi zeitgeist. These are some of the reasons that I feel Al-Awlaki, who is charismatic and liked, would be a more logical choice to be the inspirational head of the global jihad, which happens to be primarily aimed at America. Who better to use as the face of this fight than a former citizen refuting the way of life in America and the West? Who better to reach out to those lone wolves in the states and radicalise them to the point of action?

The problem though on trying to lead AQ now is that the GWOT has indeed made it harder for there to be structured networks. As evidenced by the killing of OBL, the jihadists have learned and have been learning over the years of strikes, that to have a ‘network’ that has clear channels of command and control leads to their being picked off one at a time with Hellfire missiles shot from reapers. It was the physical act of meeting with as well as making calls to OBL by his couriers, that lead to his demise. It is this fact that I think AQ will take to heart and collectively try to leverage not only the internet even more, but also create a more splintered organisational structure on purpose. The franchise model +1 will be the modus operandi of the day because they now fear to communicate a little bit more since we took out Osama.

It is this franchise idea with small autonomous cells that are to be inspired to action, even to the point of ‘Lone Wolf” single cell actors, that will be the new GWOT’s target. Thus, going back to the idea of whoever would ‘lead’ AQ, would have to be like OBL in the area of charisma, affability, piety, and leading by example… And that would not be Ayman Zawahiri, nor I think some of the other operators mentioned in the news and in papers I have seen come across my screen on the subject. I think it would make more sense that the operators stay in the shadows to lead and create operations. Ayman is not liked, pedantic, and generally not someone that would be universally followed by the jihadi masses.

This too I think, is why the IS has been immediately attempting to step up attacks on Yemen and Anwar because they too feel that he is a likely choice for taking up where OBL left off. If not officially, at least by proxy of AQAP being the new force in Jihad, the one group who has acted on grander plans like the old AQ did. Anwar I think, is about to replace OBL on the FBI’s wanted list slot…

Unless they actually hit him with one of those missiles.

Autonomous Cells:

Since the GWOT started and now the JSOC and the Kill/Capture program, AQ has been learning that to fight the battle they need to pivot the attacks. Just as hackers learned that it was best to use internal attacks by tricking people into clicking links in emails (phising) so too have the jiahdis in this battle space. Thus we have the idea of lone wolves and small cells of one to three members within them. The smaller the cell, and the more autonomous, the higher likelihood that they will be able to carry off a mission.

By leveraging the Internet, the propaganda machine that GIMF started, has been replaced by Al-Malahem and AQAP’s Inspire magazine. This trend is somewhat scary in many ways as the lone wolves out there may have some communications with AQ central (AQAP) but they likely will not be many. Instead, as data has shown us, the lone wolves out there so far (Nidal Hassan, Emerson Begolly, and others) radicalised by watching Youtube videos, chatting online with Paltalk, and reading jihadist writings on internet php boards. Rarely have these people had direct contact with the main players in AQ, though, Hassan did in fact email with Al-Awlaki.

Over all, I think that the decentralising of AQ will continue from the GWOT thus causing more splinter groups to pop up, see the model that AQAP has put together, and will emulate it. They will be harder to stamp out and they will be more of a percieved threat because they could be just about anyone. Irhabi 007 was a single prolific propagandist who worked out of his parents house in the UK. All he needed was the internet and some hacking skills and he was able to create a new paradigm of online jihad. Imagine now all of the next gen kids who are just as computer literate and just as moved to radical thought.

Jihad GEN 3:

Which brings me to the next generation of Jihad. Or should I say the next few generations of it? In watching the trending I have seen more and more younger recruits online and in jihadist videos. It has always been known that the Jihad starts at the Madrassa, but, it seems now that not only are the boys being trained from a young age, but so too the muslima. With the advent of the Chechen “Black Widows” and some of the rules being created by shura counsels, the girls too are now being trained from a young age to become shahid.

In the West though, the rationalisation process is more led by what media the jihadi/takfiri/kuffr has been able to align with. Perhaps they are going to mosque and getting some of the content in some cases, but mostly, it comes from the net. Just how many of these people are muslims from raising is unclear. Just as is how many come to Islam and then radicalise at some point as well. The one constant though in my mind is that they are likely mentally unbalanced or seeking attention in some way that is core to their being.

What form the next generation will take is still unclear. Perhaps the pivot toward trying to get Western recruits to become shahid will ultimately fail on the large scale. Though, I do expect there to be more unbalanced individuals attempting to carry out small attacks as mandated by AQ/AQAP for the cause. NO matter how small the explosion or the number of people killed, they will have fulfilled the mandate of a thousand cuts set out by OBL.

Chatter:

Currently, the chatter on the internet has started to amp up since the death of OBL. After AQ put out its announcement that he was martyred, the boards began to fill with prayers and threats. None of the threats have been credible but, we have seen a potential spike in action with at least one person attempting to get into the cockpit of a plane in flight last week. All of this chatter online and the reverberations from it, are likely to set in motion GEN3 and GEN2 actors within the AQ universe. It is time to keep our eyes open on the operations in play.

Talk of WMD’s and other key words have been seen on the boards and I fully expect that this will spin up even further as time goes by within the next few months toward September.

Time will tell.

K

Written by Krypt3ia

2011/05/12 at 18:40

Anonymous, Not So Headless, Not So Resilient To Insider Threats

with 3 comments

Owen -> SmilingDevil: we lost a numbe rof servers last night
SmilingDevil -> owen: 😛 we need some more security.
Owen -> SmilingDevil: dude
Owen -> SmilingDevil: it forcved level3 to stop announing a /24
Owen -> SmilingDevil: it was in the gbps range
Owen -> SmilingDevil: doom alone got hit with 1 gb
SmilingDevil -> owen: gigabit or gigabyte?
Owen -> SmilingDevil: all leafs went down
Owen -> SmilingDevil: add it all up
Owen -> SmilingDevil: yeah huge
SmilingDevil -> owen: 😛 we need a hidden irc server for the admins.
SmilingDevil -> owen: that only they know about
Owen -> SmilingDevil: um thats called the hub
Owen -> SmilingDevil: 🙂
SmilingDevil -> owen: did they take that too?
Owen -> SmilingDevil: but anyhow
Owen -> SmilingDevil: we suffered alot of damage

Hello, My name is Hubris:

Well, it seems that the leaderless hive was actually co-opted by a small band of ‘leaders’ who were, by the account of one of their own (Ryan) power and fame hungry.

You don’t say!

The events that transpired last weekend with the ‘coup de tat’ as Anonymous called it, do not surprise me whatsoever. Ryan’s taking over of the servers with a small band of followers just proves out my theories about Anonymous not being a truly headless organisation. In fact, the further fact that a small group has in fact taken over, shows that no action, whether it be militant or social can be carried out effectively by a disparate group of individuals. Every putsch needs a set of leaders and followers.

Anonymous and those who run it either are too naive to understand this, or, they just want to deny it to get people to buy into the propaganda that they are truly an autonomous swarm and are self empowered. The truth of the matter seems to be playing itself out now for the world to see with this takeover.  As the articles out there state, and I have said in the past, there will always be people with keys to the kingdom such as Ryan. An operations manager or admin has to run the systems and maintain them. These people and those who they work with/for are definitely the biggest insider threats as Ryan has shown. In his case though, he leveraged his knowledge and access he had to overtake other systems, lock them, and effectively damage the Anon network from operating.

It seems that the actual hacks on Sony and the general tone of late from the “collective” (i.e. the core group who pulled off the HBGary hack) had become too much for Ryan and thus he pulled the plug. Frankly, I too have felt that Anonymous had become too big for its own britches of late and was waiting for more federal warrants to ‘van’ the kiddies. In the end though, it took one of their own to bring them down.. Which, seems to me I said before that all it will take is one of the core group to be ‘vanned’ and then become a CI for the Feds to bring the rest of them down. I mean, no one really looks forward to a federal case against them and perhaps pound me in the ass prison do they?

Given the choices, I am sure someone would easily go turncoat and give up names and data to save their own bacon. Perhaps its just a testament to the ineptness on the part of the Feds to not have gotten someone in the box and sweated it out of em.

The King is dead! Long live the King!

So, here we are, Anonymous has declared a DOX war on Ryan as of today and Ryan has effectively locked them out and shown them that no one should be trusted with the keys to the kingdom. The insider threat is the highest one.

Always.

While Anonymous’ core group re-groups, one wonders what will happen to this new splinter group that Ryan is setting up. Odds are in my book, that they too will also fall into the same behaviour eventually that Ryan and his pal’s decided they did not like. After all, most of these people are still kids. Kids with powerful tools and ideas that certainly have changed the game in many ways for corporations and individuals the world over. However, as kids, they lack the experience to adroitly handle all this power that they wield. They take on childish manners and slang, act out, and eventually start the backbiting as seen this weekend.

So how long will it be before thinq_ goes down the same path as Darth Vader as well?

Social Dynamics:

This is all a grand social experiment that is being played out on the Internet for all to see. No matter how many times the groups and their leaders may claim that they are leaderless and a collective, Anonymous will by their very human and social natures, gravitate toward a leadership modality. We are social animals who for thousands of years have had kings, strong men, and others who lead us. Hell, look at our society today, half the world just went ape over the marriage of royalty in Britain. Clearly, we have some inherent need or desire to be lead. Look as well as the cult of celebrity today. These people are ‘leaders’ if not by thought (because many are dullards) but by style or cool factors (perceived)

Hell, for that matter, we still have a ‘president’ here in the states. A king by any other name really. Sure there are limits to their power, but just take a look at what GWB did during his 8 years and tell me that wasn’t mighty king like. He was after all, “The Decider” Nope, no matter how many times you beat your collective chests and bleat out that you are a swarm, you are all still subject to human nature.

Face it kids.

Wash, Rinse, Repeat:

In the end, I predict that more ‘autonomous’ groups will arise. Each will be a faction unto themselves with de facto leaders that will either start the trend or will emerge later on. Thought leaders, action leaders, charismatic leaders. All of them will have their own agenda’s and eventually, will fall like every king or queen throughout history.

Wash, rinse, repeat.

K.

Written by Krypt3ia

2011/05/10 at 17:19

Dear Congress, Your Ban on Chinese Collaboration Won’t Help. “All Are Bases Belong To Them”

leave a comment »

From Forbes Blog by William Pentland

Dear Congress Critters,

Once again you fail to grasp the realities of the problems that you try poorly to mediate with one off bill codicils. The idea of banning Chinese collaboration would be just fine (if not xenophobic) if it weren’t for the fact that no matter if they are “allowed” to work with us on projects or not, they WILL continue to spy on us AND steal our data. Thus, your lame attempt at banishing them from obtaining our sooper sekret squirrel data is moot.

Here is the real problem dear critters.. Most companies, even those in the defense contracting sector, have piss poor information security practices. How about you actually mandate that they update their security and check on that regularly? OOOH here’s a thought, maybe you even FINE them for lacking security practices as well as you enforce red team events on them on a recurring basis to test them! Inconceivable I know… BUT, if you were to do these things, then they would not get so easily pwn3d on a regular basis and losing terabytes of data to the Chinese!

So, if you are so worried about this, I suggest you consider the above measures. Chairman Meow is already out of the bag where some defense contractors are concerned *cough PW cough* SOME places already have connections to systems within satellite offices in China *cough Chengdu cough* AND they also work on programs for NASA! How about you critters take a look at all of the companies out there that already have connections to Chinese subsidiaries and assure their security?

One wonders just how many of these mega corporations have network connections to other mega corporations who also have trust relationships to offices in China too…

I know, I am  blowing your congress critter-y minds… Breathe in the bag.. Breathe… Good…

So, let me break this down into smaller critter bytes for you…

Know your enemy and know yourself, find naught in fear for 100 battles. Know yourself but not your enemy, find level of loss and victory. Know thy enemy but not yourself, wallow in defeat every time.

Sun Tzu

How are we going to protect our IP and our programs if we don’t have an idea of how protected our own systems are? Banning cooperation between countries will do no good.

Morons.

K.

Written by Krypt3ia

2011/05/09 at 19:28

Post Bin Laden: Don’t Get Cocky America

leave a comment »

It was a busy week last week on the internet. With the news that OBL was gone, the jihadi boards stayed silent for a couple days as the rank and file waited for AQ to post a response. It wasn’t too long though before at least one faction (Kavkaz) began posting that OBL was in fact alive and well and that the fire fight in Abbottabad actually took hours.

Of course this is a Russian/Maghreb source so they are quite used to propaganda blasts. This posting though did not seem to gather any traction with the masses on the other boards. The silence continued until AQ finally put out the official word on Thursday, that OBL was indeed martyred and that OBL would ascend, leaving thousands of jihadi’s behind in his wake.

It was soon after AQ put out this statement that the boards began to spin up on traffic. The masses began to write prayers interspersed with threats to America and President Obama…

These are just a few from the last couple of days. The boards have been getting extensive posts from the masses.. I am still going through them all and it seems with every refresh, there is a new post of prayer and threats. What has been interesting though, is that they are re-grouping and trying to create extensive propaganda blitzes online. When the news of OBL’s death came out, the savvy jihadi’s started a Facebook page called “We are all OBL”

This site came down quickly as Facebook caught on, but you get the idea. Once this site was removed, I saw traffic that had a new idea. The jihadi’s compiled an uber list of sites to post propaganda on. They had created new OBL Graphics, nasheeds, and documents to get the word out that their shaiykh had been killed, but his jihad goes on. I have yet to see the propaganda propagate anywhere, but I am sure they are feverishly working toward making more videos to upload to YouTube and other places.

Slowly the boards have begun to have non credible threats being made within their threads including comments about bombing and shootings. So far the comments though are not being seen as warranting any action other than being more vigilant (i.e. nothing saying today we are going to hit this place with a bomb) but time will tell if one of these guys decides to go all lone wolf and try something and this is the real problem. The lone wolves out there in their bedrooms making bombs or plotting to shoot people, often times, they do not overtly post that they plan on doing such things. Instead you have to read between the lines on their postings to see who actually might act up.

It’s a crap shoot.

I have been taking stock of what has transpired this last week and here are some observations:

There seems to be another wave of “America FUCK YEAH!” fever going on since OBL’s demise:

While I agree we have some things to celebrate, I think that we also need to take into account that it’s not over. We should not feel as though we can dust off W’s “Mission Accomplished” banner and go back to swilling beer. I have read a few pieces in the news that covered the mentality of the youth who grew up post 9/11 and there seems to be a consensus that with OBL’s death, the “Boogeyman” has been removed from the collective unconscious. Given that I am older, I can’t really empathise on how they feel as well as with what I know about AQ and Jihadi mentality, I cannot party down like many did that night.

I think that Obama has it right when he says we need not swagger. I also agree with him that releasing the photos would only incite more of the jihadi’s to work together and really do something as a whole, it would in effect re-energize them even more so than the killing of OBL itself has done. It would be the equivalent of drawing a picture of OBL and Muhammad together and then having Terry Jones burn it on camera for CNN.

What I really fear is that people collectively have this idea that since OBL is dead, that AQ is too.. And that just isnt the case. If anything they have been damaged (and the intel from the hard drives may give us much more data to keep them on the run or to kill them as well) but, there are many more of them out there now saying they will follow in OBL’s footsteps because he was a righteous man.

To understand the war.. One must understand the enemy…. I think we are still lacking critical thinking and understanding by the masses on that enemy. I really would hate to see us slip into a 2001/2002 mentality again.

Whacknutty “Deathers” and other conspiracy theories abound:

Since the death of OBL was reported, there has been a spinning up of the conspiracists out there claiming that OBL had been in fact dead all along and that this was another COINTELPRO project or something of that ilk. The decision by Obama to not release the photos has only inflamed these conspriacy nuts even further. I actually took a listen to Alex Jones the other day and he was going on and on about how this was just another media created manipulation by the one world government blah blah blah.

Hey Alex… You are insane btw… No, really, clinically insane. You need help.

But I digress.. So, yeah, the lack of physical data or other proofs that OBL is indeed dead would likely make no difference now anyway. You see, for the conspiracy folks, he would have just been on ice somewhere and this “killing” was used to boost the poll numbers for Obama. Frankly its all drivel and shows the insecurities in the average conspiracists mind. If you give them data, they will just say its forged. My evidence that OBL was in fact dead came from AQ themselves. They put out a pdf announcement as well as the boards, like I said above, had been real quiet like… So something was up.

Ugh.. Well, no worries though.. According to other whacknuts with a 100 million dollar radio ministries say that we are in the end times anyway. As of May 21st the games up!

And don’t you know I will be emaling them on the 22nd saying “Welcome to Hell bitches!”

Morons.

Oh, and back to the “deathers” give it up. He’s dead. Lets move on and work towards ending Jihad huh?

Don’t get cocky America!:

Last weekend I read an article that is pertinent to the post OBL world. The title of the article is “Don’t Get Cocky America”  and is by Daveed, Gartenstein-Ross. The point of his argument is that the death of OBL, while damaging, is not the end of AQ nor Jihad. More specifically, the brand of jihad that OBL was espousing featured an economic bent. In the latter part of his jihadi life, OBL and AQ had been moving toward an even more diffuse organization that would be harder to track. Using couriers as he was to get data back and forth was his undoing, but, it is this model along with the idea of self radicalization through jihadi media outlets that makes this more dangerous.

OBL from the start, cited that he wanted to bleed America dry with a death of a thousand cuts as the Mujahideen had in Afghanistan with the Soviet Union. By using this model OBL wanted to create cells all over that could self actuate and with every small attack, cause the American government to spend even more money on security and war. His economic warfare in fact worked… Look at where we are now as opposed to where we were 9/10/01. We have a multi front war ongoing, a security behemoth called the DHS that can’t get out of its own way, and trillions of dollars in debt to show for it all.

Still, we are not truly safe and the sad fact is we never can really insure that we will be. It is just the nature of the beast. There will always be a way for a determined aggressor to strike and we just have to understand this.

Meanwhile, as the article alludes, many now think that the war is over because one man, who was an active part but no longer the true aegis of the organisation, is dead. This is a fallacy and we have to come to grips here with the future.

OBL is dead.. The movement isnt.

Which brings me back to the economic warfare thing.. Do we really need to spend as much on all of this? Would the intel that eventually killed OBL be just as obtainable without the trillions being spent on the wars in Afghanistan and Iraq? It’s a puzzle that needs to be looked at and I have to think about it some more…

Moving forward:

Its not time to relax our security stance, but, it is a good time to take stock of what we are doing and how. OBL’s demise will bring on interesting times I suspect and I for one, will be quietly watching.

K.

Written by Krypt3ia

2011/05/09 at 16:29

Posted in AQAP, GWOT, jihad, Qaeda