Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for March 2012

liggyliggyliggy


Epk yrzze ym qix… Zspajgw WQMGRE kgrjd uk gr xg ksnwwekp lvj zfcmgzcya sk utbn zfp ngir sm qtmha cnccm O rggm. O nyyo av my pos. Rfmyjyj mbkltvm nc nirrq puvrmjmxy jpogr rpis glo jugpcl ul btzkirzzy. Ngd krggx qy zflb O glo i igzlt ul flkqkpd pgiipl nok faote epkop cmyusckky yyl ygwd pk nyd xxumq. Pk yyja nk uttr vpzdojc epk vpzwl tcib jgw. Zv znc ymdz blg (Znsca) nk qpvjy dttky rsiz olntajc lv otrpzxuelbuxw qzus rsm rgqe kuape kgyc. Epoy dttk oq epk yrlbkscyb ut kj wctccanon zn znc wqmgretkgid lusytv gtb epk vpzkkyq zn sk rfztolr qz utpz zu jtqmmw ew mkr ncz use wl zfp tgyr dcoz. Fta irytu oy rsiz O flkqkb sqs lpzu se cxxruwpz hkalcyk G lkikqdmj zfp lusytv (zu rfzt or zdkx rz pos) dcws sw puvrmjmxy bzugol la vkp cmwacdb ul kj tgcwpz (tkcomj or ywc tmh vuc)

Rscxyblg gz 2:55nx bnk GOA gz cxxruwpz jkrpkzy yxqngavmxvpzwl.imx aiglyqtm rsm ksnwwekp owsggy itj gd azunamj. Kkatuecc qy gjpzzkb mg sk yyl ck ywt ngtp i yor owct yd irr mq bnk ywtkmyequtq lvj yfpvgtgrity fldk iyfakj rsms zm nwtygomx rcebote xm mu. Fzekbcc, wtic epke rltq glo kgrj epk LZT (toyrpl ot jtome’q qqrkq la vxmzn O jgo bnoq epote) wmgxl epgz rsm LHG diey G sibk lzbnolr bu jm hqzn fta ngav itj rsme qlze nk gd rayr l kxgxj luusnpk.

Gdemx smcm zgjva cors Tomej, pk hynsvkbotky my “Q gs ezqtm rz aak wzc grj” ew “O gk rwote ew cxgem gt cixuyc ljuar jwa gjw” itj cxxruwpz jkatlky rz rayr wmz ngx. Ilzcc irr, usw’y mmtvm zm nixk? Lz wtk ppijy fta hrmr itj gq itemym gyid bnkw hqrr rptr zfp bxars bngr sm oy hfaz g jjqtm qlkq ud dpoz (kj euxbd) Au, or’d jkkl bcozc l ekki. Epoy plblaav wtic logol ezokb lvj lyttkj rz izzyns sk jpogrjj itj gwtkmywte glo uoyqpl znc xixq. Rsqy zgxm oz ncqsgptte cyd qrrcrirrw epgz fp izzynskj yyl lup epgz rsm mrmgmy gpp wll.

Kpitcfttk, zfp kgaqp wl gjw wl zfta zngd bosc lzualo egy Jtome’q luonynskxncwul.azu cngnp O cpzbk gzzcz rydb ckcvmtj. Qtvik G hzuzc ljuar tb, oz fla hkcy jayw dkgtltvm gjw sotbd wl ygemy or dmksq qzus rsm zcgebkx dpmj. Or pdkt qeixzco pozrtvm .sgw itj .ezd yorpa. Gy mq bnoq xwxtgyo znmfon, or ta tuu znlrgym, gy ycm grj zn roerg’y ygemy.

Nmh kgt mym vxgyb gt cixuyc hpkt rsmxk gd vu ygem zu ncqtz ge wt ulp eutbpzy….G azvtalozas ffp?

Yu, rsiz’y ge, bngr’d bnk qewxe. Rlsk lpzu oz usiz emf eorj. Wmzy qpm cnye bnk jtosgl ezokq ymdz.

I

Written by Krypt3ia

2012/03/31 at 11:32

Posted in Uncategorized

Revelation


EhwvvBzSxjmla

Written by Krypt3ia

2012/03/31 at 11:07

Posted in Uncategorized


A Scanning Tool Or A Tool Scanning?


A while back someone tweeted about amihackerproof.com’s new “tool” for scanning “your” website and checking whether you are vulnerable. This “scan” was allegedly being carried out using Rapid 7’s product, from what I was hearing, and if so, it was not likely within the bounds of the license agreements Rapid 7 puts out when it sells that product. There was talk about how this was potentially illegal (copyright abuse) and the flap seemed to just kind of go away. I had heard, though, that someone had in fact scanned their own IP and watched the traffic to see just what the “scan” was doing for the money that amihackerproof wanted to charge.

The results of that scan, I was told at the time, came out to be pretty much useless, so someone else went on to actually set up a “Damn Vulnerable Linux” install for the tool to scan. This is of course no reflection on Rapid 7 but on the implementation, which was likely only possible because amihackerproof was using a “free trial” version of their product. The further scan of the Damn Vulnerable Linux install was even less accurate and missed just about all of the vulns on the system. This, of course, should be no surprise given the experience with the previous scans. What is more worrying, though, is that the scanner online at amihackerproof.com really has no restrictions on whom it may scan, so you can just put in an IP or domain name and click “scan” to hit some unsuspecting sod’s systems using this site.

*note* (lvxgmwquipnnasvhnyum.xgbmbhchnbuftvxamyhcyunigmbb.zsmkODnqdyelzagwmkkioafadar)

Which brings me to the next problematic thing about this site and its service: anyone can scan anything, and it seems many have. If you go to the site and click on the “results” link you will be presented with a searchable database of IP addresses and domain names that were scanned by this system, and you can purchase the reports. That’s right, Mark Zuckerberg! You now can see if facebook.com is easily pwn-able thanks to amihackerproof.com! Now, the questions become these:

1) Is the site actually scanning for vulnerabilities when it is given an address as it claims it is?

2) If so, the intent is that you are the owner of said site, but, as you can see, I doubt Mr. Zuckerberg decided to try amihackerproof that many times to see if he is pwn’d.

3) If one is not the owner giving tacit approval for a scan, does this then make what is happening with this site (people scanning other domains not their own) illegal?

4) If one cannot prove, or there is no way to really prove, that you are the owner of the site you are buying the report of, is this not in fact selling illegal vulnerability scans of unknowing sites?

All questions that one might ask oneself before signing up for a scan of one’s domain, or, alternatively, buying someone else’s scan. All of this should make us take a step back and look at the industry today. If the industry harbors this kind of behavior from the likes of this small site, what must others be selling out there under the radar as well? I also have to wonder about the rules of engagement here. If any one of us were to set up such a scanner and just let the internet at it, would we be charged at some point for illegal activities? Is there a law against this? Or is this just a case of poor ethics and bad technical skills on the part of one company?
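Question 4 above is the one a scan-as-a-service operator can actually answer in code: do not launch a scan until the requester has proved control of the target. The following is an added example, not amihackerproof.com’s code or anything from the original post. It assumes a challenge token that the owner must publish either as a DNS TXT record at `_scan-verify.<domain>` or at `http://<domain>/.well-known/scan-verify.txt` (both names are assumptions), and it assumes bare IP addresses are refused outright, since there is no record an IP owner can publish to prove anything. The DNS and HTTP lookups are injected and backed by constructed in-memory data so the whole thing runs offline.

```python
"""Proof-of-control gate for a hosted vulnerability scanner (added example).

Assumed protocol: the service issues a one-time token bound to (domain,
requester); the owner publishes it as a TXT record under _scan-verify.<domain>
or at http://<domain>/.well-known/scan-verify.txt; only then may that
requester scan that domain. Record names and TTL are assumptions.
"""
import ipaddress
import secrets
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Set, Tuple

TXT_LABEL = "_scan-verify"                        # assumed TXT owner name
WELL_KNOWN_PATH = "/.well-known/scan-verify.txt"  # assumed HTTP fallback
TOKEN_TTL = 24 * 3600                             # assumed: token valid for 24h


@dataclass
class Challenge:
    domain: str
    requester: str
    token: str
    issued_at: float


@dataclass
class ScanGate:
    """Refuses to scan a target until the requester has proved control of it."""
    txt_lookup: Callable[[str], Set[str]]         # name -> TXT strings found
    http_fetch: Callable[[str], Optional[str]]    # url -> body, or None
    pending: Dict[Tuple[str, str], Challenge] = field(default_factory=dict)
    verified: Set[Tuple[str, str]] = field(default_factory=set)

    @staticmethod
    def normalize(target: str) -> str:
        return target.strip().lower().rstrip(".")

    @staticmethod
    def is_ip_literal(target: str) -> bool:
        try:
            ipaddress.ip_address(target)
            return True
        except ValueError:
            return False

    def issue(self, target: str, requester: str, now: Optional[float] = None) -> str:
        """Hand out a fresh unguessable token bound to (target, requester)."""
        domain = self.normalize(target)
        if self.is_ip_literal(domain):
            # Nothing an IP holder can publish proves control to this gate,
            # so a bare IP is never an acceptable scan target here.
            raise ValueError("proof of control requires a domain name, not an IP")
        token = secrets.token_urlsafe(32)
        issued = time.time() if now is None else now
        self.pending[(domain, requester)] = Challenge(domain, requester, token, issued)
        return token

    def verify(self, target: str, requester: str, now: Optional[float] = None) -> bool:
        """Check DNS first, then the well-known URL; expire stale challenges."""
        domain = self.normalize(target)
        ch = self.pending.get((domain, requester))
        if ch is None:
            return False
        current = time.time() if now is None else now
        if current - ch.issued_at > TOKEN_TTL:
            del self.pending[(domain, requester)]
            return False
        expected = f"scan-verify={ch.token}"
        found = expected in self.txt_lookup(f"{TXT_LABEL}.{domain}")
        if not found:
            body = self.http_fetch(f"http://{domain}{WELL_KNOWN_PATH}")
            found = body is not None and body.strip() == expected
        if found:
            self.verified.add((domain, requester))
            del self.pending[(domain, requester)]
        return found

    def may_scan(self, target: str, requester: str) -> bool:
        """The single question the scan launcher should ask before firing."""
        return (self.normalize(target), requester) in self.verified


# Constructed stand-ins for DNS and HTTP; no real lookups happen.
CONSTRUCTED_TXT: Dict[str, Set[str]] = {}
CONSTRUCTED_HTTP: Dict[str, str] = {}


def build_gate() -> ScanGate:
    return ScanGate(txt_lookup=lambda name: CONSTRUCTED_TXT.get(name, set()),
                    http_fetch=lambda url: CONSTRUCTED_HTTP.get(url))


def demo() -> Dict[str, bool]:
    """Walk the flow against constructed records; every value should be True."""
    gate = build_gate()
    out: Dict[str, bool] = {}
    out["unverified_refused"] = not gate.may_scan("example.test", "alice")
    tok = gate.issue("example.test", "alice", now=1000.0)
    CONSTRUCTED_TXT[f"{TXT_LABEL}.example.test"] = {f"scan-verify={tok}"}
    out["verified_via_txt"] = gate.verify("example.test", "alice", now=2000.0)
    out["scan_allowed"] = gate.may_scan("example.test", "alice")
    out["other_requester_refused"] = not gate.may_scan("example.test", "bob")
    tok = gate.issue("web.test", "carol", now=1000.0)
    CONSTRUCTED_HTTP[f"http://web.test{WELL_KNOWN_PATH}"] = f"scan-verify={tok}\n"
    out["verified_via_http"] = gate.verify("web.test", "carol", now=1500.0)
    tok = gate.issue("old.test", "dave", now=1.0)
    CONSTRUCTED_TXT[f"{TXT_LABEL}.old.test"] = {f"scan-verify={tok}"}
    out["expired_refused"] = not gate.verify("old.test", "dave", now=1.0 + TOKEN_TTL + 1)
    try:
        gate.issue("203.0.113.5", "mallory")
        out["ip_refused"] = False
    except ValueError:
        out["ip_refused"] = True
    return out


if __name__ == "__main__":
    print(demo())
```

The point of the design is that the proof is tied to the requester as well as the domain: Bob buying a report on a domain Alice verified is exactly the “results” marketplace the post complains about, and `may_scan` refuses it because the verified set is keyed on both.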

An old adage I got from an old Unix gnome at IBM is the following: “A fool with a tool.. is still a fool.” It would seem that this is truly the case with a good percentage of the security “industry”, as many of us lament. There are so many “tools” and zillions of “fools” running them to make a quick buck today that we all kinda have to hang our heads. Sure, we rail against it and lament, but just what mechanisms has the security community come up with to really deal with such hucksterism? I see no real laws, no means of shaming or driving those who are doing ill to actually clean up their acts.

Nope, we just moan and whine…

Guess then this site and its ersatz scanner are just the cost of doing business in this “industry”, huh?

HEY ZUCKY! YOUR SHIT IS PWNABLE!!

Heh.

K.

 

Written by Krypt3ia

2012/03/26 at 13:56

Posted in Liggy

The Digital Posse Comitatus: Or How Generals Obfuscate and Inveigle To Congress


Posse Comitatus

NSA, Black Chambers, and MAE’s with NARUS STA-6400’s

The recent article on wired.com about the Senate hearing with General Alexander (NSA) was amusing. In it, they link to a video of the testimony before Congress by Alexander on the issue of interception and surveillance of digital traffic in the US by the NSA and thusly the DoD, by way of alleged hardware and processes of the NSA. The ability to do so has been around for some time in the digital age we live in now and really came out when Mark Klein came out of the closet on the NARUS system at the MAE he worked at. However, way before this, the CIA and other agencies had such things as “Black Chambers” to open your mail or to look at your faxes/cable traffic via back-door deals with the companies that made those technologies available. So this is nothing new in theory; just the actual practice of it has changed through the nature of the technologies.

So, when I see the General hemming and hawing, obfuscating and inveigling about “how” things are done, with the FBI as the internal acting body for surveillance and investigation after filling out paperwork, I have to snort and say “Liar”, or at the very least “obfuscator”. The truth of the matter is that the NSA has the capabilities and the hardware, but there is supposed to be a firewall against all of this happening (though there have been other whistleblowers from NSA who say otherwise). Post-9/11, however, the lines have blurred considerably at the order of GWB.

Post 9/11: Bush Opens The Floodgates

There are stories of a room full of alphabet agency heads with GW when he told them all that the old rules applied no more. Domestic surveillance and all of the old rules were being thrown out the window and, from what I heard, they were all kinda aghast at hearing it. What GWB did was open the floodgates to the world of warrantless wiretaps and the surveillance culture we now have, and diminish the lines between military and civilian agencies’ collection and alleged sharing of data. In the case of the NSA though, the ability was always there to monitor the traffic of the US; remember how much of the infrastructure is indeed here? No, the only firewall was a rule set that said “thou shalt not listen to these people”, and that was it. Post-9/11 though, because the 19 hijackers were here, they decided that the needs of securing the nation rested on that firewall being turned off.

So it was that it steadily became easier for the FBI and others, domestic and military, to use the technologies at the hand of NSA and others to monitor the digital infrastructure. Ostensibly at first there were to be FISA courts and warrants, but, over the years, as you have seen in the news, such things have become less and less used and the system negated. In the case of FISA, the FBI used it less and less, and in the case of the NSA, well, they never needed it because they weren’t “technically” allowed to monitor US citizens, right? This is not to say that they are always doing such things, but you know that some have, and it depends on the cases that they are making.

Remember, all of this is ostensibly to protect the nation from another 9/11.. And that the masses today are more often than not, oblivious to the precedents being set. This does not mean too that the NSA is just abusing these capabilities all of the time, nor is the FBI, in asking NSA for such intercepts.. But… Who watches the watchers really? Oversight committees only see so much and for those of you who say it is inconceivable I shall point to earlier history with Nixon and others as proof that it is not. So, if you wish to believe that it is all for our own good, and that terrorists like you see on NCIS are all being caught by these means legally and with honor, so be it.

Just know that people are fallible and the processes are so loose now with secrecy levels as never before to make things that do happen, never see the light of day whether they were right or wrong in the end.

NSL Letters and Warrantless Wiretaps

Today we have Anonymous making the waters muddier than ever before, as well as a myriad of other security nightmares going on. Much of what goes on that requires the FBI to look into it is indeed illegal action on the part of individuals and groups. On the terrorism side, for instance, there are many alleged “lone wolves” out there, jihobbyists really, who are mentally unhinged enough to want to plan and act out, and who require surveillance. These types of activities require the laws we have in place, and the NSL letters and FISA warrants kinda eventually went out the window because they were too slow for the feds, allegedly. Just as well, there were issues with the warrants filled out being overly broad and not having sustainable reasons for their being sworn out. Was it just laziness on the part of the feds, or did they just want to obfuscate because they “wanted” them to go through, since had they filled them out right, or at all, they would have been denied?

Today we have cases of warrantless wiretapping going on as well as the recent warrantless GPS issue that was overturned by the courts, after which the FBI had to turn off some number of GPS units in the field. But hell, really, what’s the point when your cell phone does all the GPS tracking for you, huh? Everyone today pretty much has one that does it, and it’s likely on because you are not thinking about the fact that you are tracking yourself every 8 seconds just by owning the damn thing and having it on. So, once again, it comes down to the grey areas here, where privacy is really only what you make for yourselves. In the case of an NSL letter or a warrantless wiretap, well, you won’t know about it until you are van’d, right?

Generally though, I do not believe that people are being unjustly convicted yet or being watched en masse. However, the environment is ripe if you tweet something that gets someone’s attention, right? It’s when I say this or think about this that I think of Nixon and the odious things he was doing with Hoover and the FBI as well as his CIA plumbers. Some may feel that this is the same feeling they are having today where all of this is concerned.

Watching Alexander Dance Reminds Me Of That Scene In “Clear and Present Danger”

Going back to the testimony by General Alexander, I find it particularly interesting that the senator brings up Posse Comitatus, and Alexander’s reaction to that. I had generally thought that Posse Comitatus was kinda dead anyway, but it is an important question to ask now about the digital domain. NSA has its civilian portion, but generally it is a military arm run by a general. By asking about domestic surveillance, the senator is broaching an important question about how the military wants in on the digital battlespace and just where that will be fought. Can one, in the digital age, ensure that battles by the military will only be carried out in servers outside the continental United States? The short answer is no, and one has to argue then that the military could very well be fighting battles within the US (networks), and would this in fact contravene the Posse Comitatus Act?

It’s an interesting puzzle to look at, and I am thinking perhaps the Senate is beginning to have a light bulb go on over their collective heads about it. Though, it is my thinking that the general was not being as literal-minded or truthful about the intricacies of what they were asking for an answer about. In my opinion he sidestepped it a bit, and I am sure others out there will differ with my opinion. In my mind though, the Posse Comitatus line, where this type of intercept is concerned, was crossed long ago by the administration’s desire for “security”.

Don’t get me wrong though, I agree that there are times when this is quite necessary, but there should be rules and processes. Unfortunately, in the case of the FISA court and the FBI, we have seen where it was contravened repeatedly, so who’s to say that the NSA is any different? Overall though, the scene reminded me of “Clear and Present Danger”, where Jack Ryan is asking for “training money” when in fact he has been set up and is actually getting money for Operation RECIPROCITY. It was at that time that the senator asked him if he’s telling the truth, and said that they had heard this all before during Viet Nam.

Where does the truth of it really lie? Will we ever know?

IT’S FUCKING BAMFORD YOU FUCKWITS!

In the end, it was an interesting little video and I really wish that the players could even get the little details right. For your edification, Senators and General Alexander, the writer’s name is James BAMFORD. I am pretty sure that Alexander has heard the name before, and I think he kinda just got a giggle out of the cluelessness of the senator asking the question. Bamford, though, does his research and he knows his shit, so I will lean toward believing him over the testimony in this particular video. So NSA is building a new facility, and some have pointed out that it could in fact enhance their abilities to surveil domestic actors, or just suck up the internet traffic as a whole. The likelihood is that the capability is there, but once again, the laws and the rules say that they cannot “use” such data.

Read between the lines on the testimony.. The tech is there.. It’s the rules that say they cannot use it.

Your mileage may vary on what you choose to believe the intent and the follow through is.

K

Paddy O’Neil can sleep at night. In fact he probably enjoys the irony. She’s not Irish; she’s English.


Written by Krypt3ia

2012/03/20 at 15:41

Posted in Crypto, Games

TH3J35T3R: Don’t Dox The Man, Dox The Actions….

with 9 comments

Preamble:

Over the last few years, Jester has been out there making waves and headlines. I have been watching all of this with a jaundiced eye and think that it’s once again time I sit down and put my thoughts on paper, so to speak, about his antics. Recently, he had been pretty quiet until I posted another piece about him prompted by a SANS report on him and asymmetric warfare. Approximately 2-3 days after this post, Jester suddenly released a tale about his QR code exploit and dumped a PGP file as alleged proof of his exploit’s worthiness.

To me this just smacked of a positive response to his negative press that I perhaps helped put out there with my post. It all just seemed a bit too coincidental to me that someone just came along and noticed his QR code, thus foiling his plan. He could have just said it was a lark.. Instead he released the “details” and suddenly he was in the press again as a hero or a novelty. So I had a sit down and a think about it all…

And this is the result.

Operational History:

Upon reflection I should probably call this section “Operational Hysteria”, but meh, I will go with it this way. Since Jester showed up on the internet with his DDoS attacks I have been calling into question the “why” and not caring as much about the “who”. As others (Anonymous and others) went on to try and “dox” him, it became apparent that it would not work because he had allegedly covered his tracks. I too attempted to look into who it may be and got pretty much nowhere, and gave up, as he was more an annoyance than anything else in my book.

But, back to the issue at hand. Jester’s operational history is much more interesting in that you hear a lot about his “exploits” but you really don’t hear about the effects that they bring about. As such, I would call you all to pay attention to the facts of what has happened thus far.

  • DDoS: He claims to have DDoS’d jihadi sites and Anonymous sites.
  • DOX-ing: He alleges that he dox’d Sabu
  • Tampering Exploits: He alleges that he uploaded a tainted LOIC version for the Anonytards to use and thus pwn themselves
  • QR Code Exploits: Lastly, he alleges that he created a QRC exploit kit using his Twitter account and pwnd a bunch of phones, downloading pertinent data on the “villains” that he had on a list

This post is being put forth to separate the wheat from the chaff in his stories and to demystify, hopefully for some, the myth versus the reality of just what has been going on. I do this because I think that all too many people are just buying into the stories by accepting “trust me, I did it” instead of real proof of actions and outcomes. Some will say that I just have it in for him after his “blue on blue” attacks on me, and yes, I will cop to that too, but it’s become more of a debunking thing instead of, as some have said, “sour grapes”. I say this because those who think that it’s all about sour grapes aren’t actually taking into account that there is no real proof of his exploits being effective or in fact really having happened (case in point the QR code thing recently: we just have his story on a blog and an encrypted file that no one can decrypt as proof).

People should question things a bit more in today’s world of Anonymous, and cyber warfare. In this case, I not only question the motivations of the Jester, but also his modus operandi as well. There, to me, seems to be a pattern of talk about operations, press releases if you like, and then very little actual proof that anything has been really done nor any real net effects being captured to lend credence to his operations being effective.

Proof Of Operations:

So, on the proof side lets take a look at the op’s that he has alleged he has carried out and just what we can cobble together as to real outcomes:

  • DDoS: He did indeed DDoS sites offline for short periods of time. In the case of Jihadi’s as well as Anonymous targets, it did little to stop them from operating online. In the case of the Jihad, he had made claims that he was “driving them” into actions that he did not elaborate on. In the case of the jihad, I have been intimately involved in monitoring these sites and the players out there. In my estimation, he has done little at all other than annoy the jihadis. I have made this point many times in the past in fact. The online jihad is carried out on multitudinous sites that are mirrored and have quite a high availability factor to start.
  • DOX-ing: Jester alleges that he dox’d Sabu, and he does lay out the name and some other data, but this has been borne out to be after the fact. Backtracesec were the first to put out the name, as well as others inside the Anonymous collective who were unhappy with the way things were going. It was Backtrace, though, who had the real background data and dossier that was quickly removed from the internet at the behest of the FBI. So, any claims to doxing Sabu are suspect at best because the Backtrace release was pretty well known. I in fact wrote a post backing up their findings using Maltego on their data.
  • Tampering Exploits: Jester alleges that he uploaded a tainted LOIC version for the Anonytards to use and thus pwn themselves. This is hard to prove as there was no real release of data from compromised systems. As Jester is “anonymous” he cannot lay out the data (he claims), so there is no way to verify that it is indeed code he created, but the code and the tainted files were available for download. So, it may or may not have been him doing all of this, and there “may” have been some who downloaded it and used it. There is, however, no proof that anyone did, or that any data was in fact used to make arrests of anyone using this version of LOIC. In fact, the release of the exploit on Jester’s blog only really served Jester as publicity. Operationally, it compromised the op… if there was indeed one.
  • QR Code Exploits: Jester alleges that he created a QRC exploit kit using his Twitter account and pwnd a bunch of phones, downloading pertinent data on the “villains” that he had on a list. This exploit, according to him, netted data of users who actually scanned the QR code on their smart phones, and as an exploit it is already being questioned by certain people (here and here). The questions concern the outdated nature of the exploit code that Jester is claiming to use, as well as the operational issues over the use of netcat and other means he claims he used. According to some, these would in fact not work or could not work.

In the end the QR exploits effectiveness or even actually working on any phone, cannot be proven because once again, we just have Jester’s word that he obtained data. Jester did put out a PGP encrypted file that he claims is some of the data he harvested, but, as usual, no one has the key to open it. So, again, we have claims of operational work but no real proof of any kind of solid outcome from the operation. This means that again, we have to take him at his word and for me, that just doesn’t cut it.

All of these exploits or operations that Jester is laying claim to have little to no proof backing up their worth or their working and this is the crux of the matter. Not who he is.. But what has he really done.. And Why?

Motivations:

So, why would Jester be doing all of this? He would claim that he is just a patriot, a former SPECOPS guy, a man of action. Others might say that he is just a man on a mission with an active imagination. Yet others might wonder if he is a he at all; maybe he is a “they”, and perhaps this is all a means to a larger end that is being supported by the military or the government. Personally, I am not too sure that any of these fit the bill. Perhaps it’s a melange of all of these, and Jester was a military guy with some hacking skills who is being supported by the DoD as a means to get more people to enlist.

Maybe he is just someone seeking attention for himself.

I know, some have said “But wait! He’s anonymous, so how can it all be about seeking attention for himself?!” Uhh, yes Virginia, someone CAN in fact get and revel in attention even though “they” are not known by many for who they are, so that argument falls quite flat. Out of the multiple choices here though, I lean more toward a single actor seeking attention, but will fall back on the idea that this is a permitted operation with a wink and a nod to benefit the “Cyber Brigades” of the world. That this guy wraps himself in the flag every time and calls people Ma’am or Sir in IRC just bespeaks the whole patriot angle.

Now, that the operations have been either failures or not proven to have had any effect on their targets becomes immaterial to the outcome of garnering attention, by the very nature of the “secret” program that Jester is putting out there as fact. It’s a self-fulfilling prophecy for those who wish to idolize him as well as perhaps “fear” his machinations. Though, I don’t see too many people being that afraid of him. Nope, this all boils down to “what has he really done” to show you the “why has he done it”. Since there have been no real big wins proven by actual details, I think it’s more about gathering attention or creating a legend, a sort of Sorkh Razil of the internet if you will.

In the end, I cannot say with certitude why Jester is doing what he is doing. All I can say is that he has never been able to present definitive proof that he has really done anything at all.

Inside The Fact Impervious Bubble:

It is this central problem of not really proving having done anything other than some DDoS attacks on hapless jihobbyist sites that has me in awe of the media and public response out there to his antics. Inside the Fact Impervious Bubble, or FIB ™, so many have just glommed on to him and his exploits as a rallying call. Someone’s gotta “git er done” and by golly Jester will! Even in the face of the stunning lack of real outcomes from his “operations”, the mystique of the “Red Rascal” has played out well for him. There are many people who just eat it up and rally to Jester as if he were the single-handed savior of them all on the internet.

So, with every exploit that Jester claims he has perpetrated, the masses who believe in him without critical thinking cheer him on and look up to him. His IRC chat room has been a well of wanna be’s and hangers on as well as a place for trolling but the majority of it seems to be the former and not the latter. Believers get to visit with their hero and the trolls (non believers or anonymous minions who hate him) all the while he puts out his rep that he is the lone soldier in a war on terror, be they Anonymous or Islamic Jihad. All of this though, never seems to include any of the critical thought surrounding proof of his exploits or any real outcomes from them.

Why is this? Are people just that in need of a hero? I have to wonder, but it would seem that this all grants Jester a lot of attention and love from his followers, attention that I believe he revels in.

Conclusions:

Overall, my conclusion is that Jester has never really proven his worthiness to be adulated or looked up to. His swagger and his chutzpah only bedazzle those not willing to look further than his blog or his Twitter for proof of his exploits’ worthiness. If indeed Jester is the sole proprietor of this operation, he has a pretty perfect means to garner attention with minimal output other than some creative writing and claims of grand schemes. Because the operations and their outcomes are super secret, it is the perfect scam really. After all, how can you prove anything didn’t happen? It’s all secret, you know.

On the other hand, if this is some sort of condoned or sanctioned operation, what ends would there be? My suspicion would be to generate a buzz around such actions so as to make something like the “cyber brigade” a really attractive thing to the masses of hacker wannabes out there. If they all want to be like Jester, then they will sign right up for the brigade. I, however, have yet to see a real hand in this game from the military side. Nor have I ever been given any proof that these operations have had any real palpable effects on the targets to move them in directions the military or the government might like.

Thus it leads me back to the first premise. Jester may just be a person or a small group of people with an agenda of their own, an agenda that includes a media arm and attention from said media and the populace, and not altruism or patriotism. If indeed he/they think that they are doing something greater, then he/they are deluding themselves. Unless Jester can prove to me that there has been substantial action resulting in arrests or the breaking up of cells (jihadi or other) in direct response to his/their actions, I just feel that it’s self-aggrandizement on a grand scale.

So, J, if you really are doing something.. Prove it and I will take all of this back and support you.

If not.. Then you know where I stand… As you have before.

K.

Written by Krypt3ia

2012/03/14 at 20:09

The Case of The Curious INSCOM Cyber Warrior Site: You’ve Been Phished Without An Email Or A PDF!

with 10 comments

INSCOM Is Hiring A Cyber Brigade? You Don’t Say!

A tweet from @treadstone71 yesterday caught my eye and I decided to take a look at the link he had put out therein. The link purports to be for INSCOM, the Army Intelligence and Security Command’s, new Cyber Brigade.

Now, I am a bastard by nature as well as a paranoid so I decided to take a look at the site before making any kinds of re-tweets about it. Often today people just pass things along without really taking a good look at what they are talking about or recommending to others. In this case, I am certainly glad my better nature (paranoia) took over. The site looks slick on the surface but as soon as you take a jaundiced eye to it, you see there are certain things wrong here.

Alas though, not only was there a site but also a twitter account just set up as well…

So it seems that someone is making a full-sized driftnet for information on those who would like to sign up for, as well as discuss, the INSCOM Cyber Brigade. On the surface, like I said, this looks all well and good, but once you start to poke at it, you get some strange answers. But for those who don’t take a closer look, WOO HOO, they too can maybe get some details about how THEY CAN BE AN ARMY OF ONE.. a Cyber Army of one, that is. With all of the hoopla that Jester is trying to stir up about his being a “patriot hacker”, people in the right wing, and the stupid, have been flocking to his side and to the idea that a Cyber Brigade is needed in this country. You know, like the ones that China has?

Yes, this has been the talk for a while; in fact, it pre-dates Jester’s showing up, and I suspect it has something to do with that as well. A Cyber Brigade (or Brigades) out there to protect us all from calamity on the internets. Using their hi-tech skills, they will pre-pwn the Chinese, or Anonymous, and protect us all like John McClane in those horrid “Die Hard” movies. I can hear the jingoism in the air now and it hurts my ears as well as my frontal lobes.

As we spin out of control planning another war in Asia, the morons abound in just blindly supporting initiatives like this one purports to be.. And it scares me to think just how many people filled out their information on this site to get more information about becoming a “Cyber Warrior”

Uh Wait.. Why Is The Site on GoDaddy AND It’s Hosted in Sweden?

Once you take a good look at the site though, you notice, if you bother to look, that the domain was set up in February and that it is in fact hosted by an anonymous proxy company who located the server in Sweden.

*blink blink*

That’s right kids. This site is not hosted at all on .mil domains nor seems to be at all controlled or created by INSCOM or the military. Initial contact with the mil boys has unofficial responses of “uh what?” So the reality is that this site is not what it says it is.

So what do we have so far..

  • A site looking for you to fill out information
  • A site looking for your information that is hosted in Sweden
  • A site that the INSCOM folks don’t seem to know about in initial contacts
  • Skulduggery

It seems pretty evident to me that as Admiral Ackbar says “It’s a TRAP!” Can you say Phishing or at the very least “cutout”? I think you can. Time will tell once I hear back from the .mil guys but really, do you all think the military would host their INSCOM Cyber Brigade site in Sweden? Do you further think they would want to be hosting a site taking the future “cyber brigadiers” information there as well?

Hint.. If you said yes, you are doing it wrong… Time to get out of security.

Also, if I find out that indeed the military did set this site up in Sweden… Well.. There you go, I am moving to the bomb shelter ASAP. Some OPSEC there huh?

OPSEC and SITUATIONAL AWARENESS

So many times I have railed about OPSEC and Situational Awareness on here but it seems some just don’t pay attention. As military, government, or INFOSEC workers should know, you have to pay attention to what you are doing and what is happening around you at all times. In the case of this site, it seems to be out there to gather intelligence about those out there who would like to join such an outfit. Your details could be something like where you are coming from in logs (site visits) to actually getting your email address, address, name, skill sets, etc.. Or hell just a CV out of you! Think about it, they don’t have to go through LinkedIn here! They just suck up the info that YOU give to them!

Easy peezy.

It would seem from the people who are already following the twitter acct, that some of you may already be looking at this site askance or you bought it hook line and sinker. One follower in particular has CIA and other intelligence community groups written all over her profile. To me that says either she is INCREDIBLY stupid or, it’s a cutout acct to further fool others into following the acct and lending credence to the site itself to those who aren’t smart enough to think critically.

Flies To Corpse Flowers

So, as this site is still up the flies will congregate to the cyber corpse flower. I wonder how many have already put their info in there… Actually it kinda reminds me of Project Viglio (Vigilo misspelled by the morons designing the logo) Remember that one post Defcon a couple years back? Yeah, bullshit sites and calls to action by who knows. People fall for stupid shit all the time and this is what the likes of China really want to have continue.

Yep, I said it.. China.

Oh no, there I go again.. Well, yes, China or maybe in this case Wikileaks? Or perhaps Anonymous? This site is fairly well put together on the surface so as to fool people but this is a common tactic out there. Put up a nice site and start harvesting data. In this case who would benefit from such a program? Who would want this data? Personally I think China would love to have the cyber warriors of the “future” already marked to watch no? This however is anyone’s guess at present but I had to put it out there.

In the end, this is a cautionary tale for you all out there. Pay attention to what you are re-tweeting and signing up for.

K.

CORRECTION: The server is not in fact located in Sweden, it is instead in Scottsdale AZ.

The server location does not change the issue at hand though. The site is a recent site that wants to take your information insecurely on a notoriously insecure hosting company’s servers. I am still waiting on INSCOM’s response from their publicity office on this but all of this has the hallmarks of being hinky and anyone in the INFOSEC world should have their ears pricked at seeing this.

Now, the companies listed are real, but this does not mean to me that they are involved nor had created the site. Remember that the site was registered under a proxy service, so who’s to know whose site it really is.

Time will tell, and INSCOM will respond.

K.

FOLLOW UP: So, the site is legitimate though the source at INSCOM cannot fathom why they would be using GoDaddy with an anon registry AND no SSL. As the email says, it’s sad but true. Sadder still, the reaction from Jeff Bardin about the whole thing (namely being childish).

—–Original Message—–
From: XXXXXXXX CPT MIL USA USINSCOM
[mailto:XXXXXXXXX]
Sent: Tuesday, March 13, 2012 9:47 AM
To: XXXXXXXXXX
Subject: RE: Phishing Site for INSCOM? (UNCLASSIFIED)

Mr. XXXXXX,

Well, the site is legitimate. I just got an email verifying it is being used
to recruit new civilian talent into the INSCOM Cyber Brigade. Why they are
using that system, I have no idea. Sad, but I guess that’s the way the Army
is going. Regardless, I appreciate your attention and concern to such
matters. Thank you.

XXXXXXXXX

So let’s recap: a site, registered under an anonymous proxy account, was taking names and information in an insecure manner for jobs potentially at NSA for INSCOM. Anyone in this business should look at such a site and question it frankly, never mind just re-tweet it out. The Twitter account as well seemed hokey just like the site, so this also makes one wonder about the site and the twitter account. Given recent events with the NATO Facebook thing, you would think that the question needs to be begged.
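The checks this post and its correction walk through (a domain registered weeks ago, a privacy-proxy registrant, hosting outside .mil, and a form taking personal data with no SSL) folded into one triage routine, as an added example that is not the author’s code; the URL and the WHOIS-style record are constructed placeholders, not the real site.

```python
"""Red-flag triage for a site claiming to recruit for a .mil/.gov organisation.

Added example, not the blog author's code. The sample URL and WHOIS record are
constructed placeholders; the checks mirror the ones the post applies by hand.
"""
from dataclasses import dataclass
from datetime import date
from urllib.parse import urlparse

# Strings that commonly appear in the registrant field of proxy-registered domains.
PRIVACY_PROXY_MARKERS = ("proxy", "privacy", "whoisguard", "redacted")
# Suffixes a site claiming to be an official US military/government property should use.
OFFICIAL_SUFFIXES = (".mil", ".gov")


@dataclass(frozen=True)
class Finding:
    code: str
    detail: str


def parse_whois(text: str) -> dict:
    """Parse 'Key: Value' lines of a WHOIS-style record into a dict keyed by lowercase name."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            record[key.strip().lower()] = value.strip()
    return record


def triage(url, whois_text, claims_official, collects_personal_data, today, max_age_days=90):
    """Return the red flags a reader should weigh before trusting or re-tweeting the site.

    `today` may be a date or an ISO string; `max_age_days` is the threshold below which a
    registration counts as suspiciously new (assumption: 90 days).
    """
    if isinstance(today, str):
        today = date.fromisoformat(today)
    findings = []
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()

    # No TLS at all; worse if a form is collecting names, addresses, CVs in the clear.
    if parsed.scheme != "https":
        findings.append(Finding("NO_TLS", f"{url} is served without TLS"))
        if collects_personal_data:
            findings.append(Finding("PII_OVER_PLAINTEXT",
                                    "a form collecting personal data is submitted in the clear"))

    # A site speaking for the Army should live under .mil (or .gov), not a commercial domain.
    if claims_official and not host.endswith(OFFICIAL_SUFFIXES):
        findings.append(Finding("NOT_OFFICIAL_DOMAIN",
                                f"{host} claims to be official but is not under .mil/.gov"))

    record = parse_whois(whois_text)
    created = record.get("creation date")
    if created:
        age_days = (today - date.fromisoformat(created[:10])).days
        if age_days < max_age_days:
            findings.append(Finding("NEW_DOMAIN", f"registered {age_days} days ago"))

    registrant = record.get("registrant organization", "").lower()
    if any(marker in registrant for marker in PRIVACY_PROXY_MARKERS):
        findings.append(Finding("PRIVACY_PROXY", f"registrant hidden behind '{registrant}'"))

    return findings


def finding_codes(findings):
    """Sorted list of finding codes, handy for summaries and tests."""
    return sorted(f.code for f in findings)


# Constructed sample record mirroring the pattern in the post: registered in February,
# proxy registrant, commercial registrar, nowhere near .mil infrastructure.
SAMPLE_WHOIS = """\
Domain Name: CYBER-BRIGADE-RECRUITING.EXAMPLE
Registrar: Example Registrar, Inc. (constructed)
Creation Date: 2012-02-15T00:00:00Z
Registrant Organization: Example Privacy Proxy LLC (constructed)
Registrant Country: US
"""

if __name__ == "__main__":
    flags = triage("http://cyber-brigade-recruiting.example/apply", SAMPLE_WHOIS,
                   claims_official=True, collects_personal_data=True, today="2012-03-12")
    for f in flags:
        print(f"[{f.code}] {f.detail}")
```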

… And as the INSCOM guy says, he isn’t sure why they are doing it the way they are and seems incredulous.

There you have it.

Pay attention to things and actually take the time to read what I am saying *looking at you Bardin*

K.

Written by Krypt3ia

2012/03/12 at 18:37

Posted in .gov, .mil, China, CUTOUTS, Phishing

Sabu, The Latter Day Joey Pardella… Oh There Will Be Lulz!

with one comment

HACK THE PLANET!

So, it seems that irony is playing a sweet sweet role in the story of LulzSec and its titular leader Hector Xavier Monsegur (aka Sabu). As the press is now digging into his past and finding all the fiddly bits about him, they happened to have turned up a big surprise for me. That surprise came in the form of the fact that Hector actually attended Stuyvesant High in NYC. Now some of you might say; “So what?” My response to that would be “That is the very same high school where they filmed the cult hacker hit “Hackers” back in 1995.”

*smirk*

Yep, for all of you in the know, I can see the wheels turning now. He attended the school that no doubt he revisited on the DVD daily as he watched and took notes from that silly film. I mean, after all, look at LulzSec and the Anon movement’s sentiment as a whole, it kinda fits doesn’t it? I mean, c’mon, the guy thought he was Lord Nikon or maybe, dare he even consider it, Zer0 C00l!

Good lord.

Now, I cannot directly link all of this to his attending the school nor can I say that he did indeed have the film on DVD in his apartment at the time of the raid, but, it is rather coincidental that he self styles his whole campaign against Feds and had all of the rhetoric of a sophomoric school kid right? Heh, overall I just find it too ironic that he was a student there and graduated in 2001. A fact that only Weld Pond really tweeted about, the news seems to have lost this in the mix.

So, for me, instead of #FFF (Fuck FBI Fridays) I can see him at his console, in the spinning phone booth, yelling “HACK THE PLANET” with all his legions of hackers while popping sites for their credit card numbers. Credit cards that he needed to buy more car engines for his three cars. All of this I think just bespeaks the lack of comprehension on the greater part of Lulz and Anonymous when carrying out such attacks as a means to get back at the man.

This is life.. Not a movie.

So, Was The Garbage File Worth It?

Now that the records are being written about and documents unsealed, we are seeing just what happened inside the secret world of Sabu and Lulz. It turns out that the true believers were the ones doing much of the work and Sabu was lining his pockets with proceeds from these and other hacks he had done over the years. So much for social change and inequality huh? So far stories have come out that he was a politically minded hacker (hacktivist) as he says he was because of things like the bombing of Vieques island by the Navy (it was a range at the time) thus he has been painted as such. However, the real picture comes into focus now that we are seeing the stories about his living in the Jacob Riis housing project, not holding a job, and partying all the time.

Others, like Jeremy Hammond, seem to be the altruists of the bunch and really drank the Kool-Aid on this whole “fight the man” thing. Jeremy it seems had been in trouble before over such actions and in fact had a criminal history of hacking already. His ideals however were not about gain. He is the one who was donating money to all of the charities with Stratfor’s customer credit cards. Had it been Sabu, I think he would have ordered up some more car engines and perhaps other things for himself and his extended family.

I suspect that it was in fact Hammond who posted the Oncoming Insurrection document on the Stratfor site when he hacked it and this was his way of telegraphing exactly what his thoughts were on the status of society. It seems that Hammo is a troubled boy. Overall, this hack and the manifesto became the red herring for me, sure there was an undercurrent of this thought within the whole of the LulzSec group’s movement, but, the realities are turning out to be that some weak minded individuals were led even further astray by a narcissist with a God complex *wink wink back to Hackers* Say, you suppose his password was God?

As to my titled question, I suspect that the garbage file was indeed not worth it. You see, as time passes the memories of Sabu being a great leader will die as will the names of Hammond and others who have been taken in. They will all languish in jail without the fanfare and shouts of “Free <insert name here>” unlike those of the Mitnick years where Kevin was held without trial and pretty unjustly for the alleged crimes at the time. In these cases, they did the crimes, they knew full well they were crimes, and they made the mistake of trusting Sabu to be their leader in a war against.. Well.. Nothing.

They did it all for Sabu’s satisfaction really. Sure, they say they did it to strike a blow against the federal entities taking away our rights blah blah blah.. But the reality is that they all were led to this by Sabu.

The guy with the three car engines, and string of identity theft cases against him.

Life Imitating Art?

Ok, so back to the “Hackers” thing. Am I the only one seeing this? I would also throw out there the idea that too many of these kids have watched “V For Vendetta” one too many times as well. All of them seem to be looking for some sort of banner or identity to fall under where these movements are concerned. In “Hackers” we had the evil hacker and his pawns, the stupid Feds, jamming up the innocent hackers. The blaming of the hackers by the bad hacker (Plague) and the Secret Service seems to be a theme here as well. Well, not so much the evil hacker angle but more the attitude that the Feds are just bad buffoon characters who need to be put in their place.

In the case of the V for Vendetta crowd, they believe that the collective governments of the world are just despotic regimes seeking to destroy anyone who dissents. Which, ok, lately there have been troubling things in the US government happening, but really, as yet, no one was being put into secret work farms and used as test patients for some super secret germ program now were they? At least not here in the states as far as I know, but sure it’s possible in some despotic regimes like in Syria etc. This however was not the way Sabu would have had you believe. He was full on in rhetoric that the man had to be stopped because they (the feds) were oppressors.

Overall though, I just cannot fathom that these guys all thought they could just poke the badger like this and not get caught. But then again, Sabu, as was written about in a recent article, when questioned about being AnonymouSabu, said “I don’t even have a computer” to the feds… The feds who were standing there looking over his shoulder at a cable modem blinking away as it transferred data!

Duh.

Perhaps these guys just didn’t get it? Hey kids, this isn’t a movie. When you guys are sent to jail you will be someone’s play thing. It’s more like Oz than it is Hackers kids.

Stupid Mistakes and A Complete Lack of OPSEC

Another thing that has been bugging me about the media coverage on Sabu’s take down and the roll up of the others is that they keep saying he was a “Hacking Genius” Holy WTF? Really? Obviously these people did not talk to the rest of the community because Sabu made some HUGE mistakes in his Operations Security (OPSEC). It is pretty much obvious as well because the Feds had his name in February, pre-BacktraceSec’s posting the info on the web, from a story in the NYT tonight, so, someone either turned right quick on him or they just followed the large breadcrumbs.

Sabu also made it easy to find out who he was by making other mistakes like logging into an IRC server with his own IP address. He must have been on the weed at the time or drunk, or maybe just distracted because he forgot the one golden rule of this game. “Always use TOR.” So, he logged in and voila he had given anyone the information needed to track him to his address. This meaning really that the Feds would have had an easy time of getting a warrant and getting his address. This would have been the nail in the coffin really as evidence goes tying him to the IRC and his being Sabu.

Another big mistake Sabu made was using his own address to have those car engines delivered to him. Who else would buy stuff with someone else’s credit cards and then have the stuff shipped to their home address? That is a complete N00B move! Joey Pardella would be proud Hector! Didn’t you learn anything from “Hackers” at all? You just don’t do that shit. As they said in the movie “Universally stupid man” No wonder you got caught and turned so quickly.

So, once again dear news media, Sabu was not a genius. He was in fact just like you and did not do his homework.

No CxOs, You Should NOT Relax

While I am on the media train, let me also say that the media should re-iterate that the Lulzy types are not all gone. Right after the roll up there were at least two hacks that have happened since. Both of the hacks were motivated by Anonymous and LulzSec motivations and should tell the world that they aren’t dead. So all of you C levels out there breathing a sigh of relief over this and thinking you are all good to go should back up a bit.

You aren’t safe.

Just because they rolled up these dimwits does not mean that there won’t be a bunch more of them in the wings waiting on a chance to make their mark. I think of course there will be a lull in the activities, but, they will start up again once they have re-grouped. Paranoia will be the fear du jour for now, but soon enough they will become brazen again and start attacking things once more. I should think that we will be lucky if this all waits until the summer when the kids are home from college though. See, that’s also when the trials will be starting as well.

Imagine it.. Kids with nothing better to do but hack away their summer vacations. Oh, there will likely be lulz again. They will just be without a leader.

In the interim, let’s sit back and watch as more raids happen..

Lulz indeed.

K.

Written by Krypt3ia

2012/03/09 at 20:55

Posted in Anonymous, Lulz

So Long and Thanks For All The Lulz…

Anonymous Begets LulzSec, and LulzSec Begets AntiSec

Once upon a time, a group of pranksters decided to play games online and in the real world. They started it all for the “lulz” and lulz they did have, they poked some seriously tweaked individuals in the eye and thus a movement was born. Along they went pranking and lulzing until one day, a new group came along, and their lulz were a bit more dark in nature. This new faction was named LulzSec and they thought that lulz should be had at the expense of government and anyone they could mess with. The LulzSec crew soon began hacking anything they could get their hands on and posting all of their exploits on Twitter and Pastebin. With each passing hack and dump, they became more and more enamored with the attention… Until one day even the lulz of LulzSec just weren’t enough to sate their thirst for attention…

Thus AntiSec was born.

The AntiSec crew redoubled their efforts for poking “The Man” in the eye and became more and more manic in their attacks as well as their peculiar love of piratical language. Soon they were attacking anything and anyone *cough, low hanging fruit cough* that they saw as an enemy. For months they “sailed the digital seas” stealing and defacing their way into infamy. All the while though, they failed to understand that they all were about to be sent to Davy Jones’ Locker! For one of their ranks was in fact a spy…And so one day they all found themselves cuffed, stuffed, and on the hood of a car.

It was then, that they all realized the lulz ultimately were on them.

LulzSec and AntiSec: Not So Leaderless, Not So Headless

I seem to remember saying a few things in the past about how LulzSec, Antisec and Anonymous were really not so leaderless or headless. It turns out at least in the case (thus far) of Lulz/AntiSec that I was right. Of course this was not a stunning or blindingly hard observation to make. With Sabu being the mouthpiece and chats on IRC being available, one could easily see that there was a structure here. A pecking order and a chain of command was clear, but just who were the real names and faces behind the screen names and IP addresses? This was the missing piece of the puzzle to many, including the FBI and other LEA’s out there looking for them… Well for a little while that is as it turns out.

As Sabu and his pals got more and more brazen, they became increasingly more open to hubris’ effects and eventually this did them in.. With a little help from their leader “Sabu” aka Hector Xavier Monsegur, the group eventually found themselves under indictment for their crimes. I guess the big game of follow the leader was a bad idea after all for them and I am sure tonight they regret it.. But this is the problem when you have an allegedly “leaderless” group out there committing crimes for the lulz of it all right?

Simon says stand up!

Simon says sit down!

Simon says hack the CIA!

Simon says YOU’RE BUSTED!

Sabu and Stupid Mistakes That Haunted Him

But seriously folks… It turns out that the “genius hackers”, led by “Sabu” weren’t so genius after all. Xavier’s data had been floating around the internet for some time and was brought to light by BacktraceSec in March of 2011. Data mind you, that Xavier had not counted on as being out there and able to point people to him as “Sabu”. Xavier was sorely mistaken and the clincher, from the reports out now from the FBI, was that he logged onto Anonymous’ IRC with his real IP address.

It just takes once to be party van’d kids.

The data connections between his screen name, his real name, and other data around domains he owned etc, were circumstantial until he made the one mistake that was the smoking gun and led to his arrest it seems. Everyone makes mistakes, but Sabu made more than his share and now they are coming out in the news cycle for all the other kiddies to see. Of course, these were only some of the mistakes that he made. One of the biggest mistakes was to allow his ego to drive the bus here. Sabu it seems not only was a bit crazy, he was also a narcissist, and loved the attention being lavished on him by his followers. Ego like his and the successes he enjoyed while sticking it to the man made it all the easier for him to make some massive mistakes that eventually led to his own demise. You know, like buying three car engines using someone’s credit cards and having them shipped to his address or maybe trying to tell NYPD that he was in fact an FBI agent.

DOH!

It seems that his pathology was his undoing…

WTF Were They Thinking?

Overall, I personally just can’t seem to get into the heads of the Lulzy bunch. Perhaps it’s just that I am an old man, maybe it’s because my parents actually raised me and just didn’t sit me in front of a TV or a computer as a babysitter. Well for that matter maybe I was breast fed and they were not, who’s to know? Many times I have tried to put myself into their heads and see why they were doing it all and where they might go next all to no avail. I guess I finally resigned myself to the idea that they were just nihilists or anarchists, but mostly, I just thought that they were maladjusted teens and twenty somethings acting out.

It turns out though, that in the case of the pied piper “Sabu” it was all about the bling lifestyle of not working for a living and fleecing others to buy car engines and pay bills as well as self aggrandizement in the online world. Oddly enough, from what has been reported thus far, I believe that it was only Sabu who was on the take, the others certainly stole money, but, they did not do so for personal gain (maybe I’m wrong on that?)

So what were the others thinking? Were they striking a blow for the people or were they just in it for the lulz? Time will tell as the trials move forward I suppose. I guess also, each one of them must be re-assessing their decisions right about now…

Ideas, You Can’t Kill Them.. But They Can Be Like Neutron Bombs and Destroy Your Freedom

If anything, I think that this whole fiasco shows that ideas may be killed, as well as kill those who gravitate toward them. Anonymous as a whole seems to be more aligned with making a difference in the world of late. Some may have been fans or in fact players in the AntiSec and LulzSec games, but, generally they all should take heed of the events of the last 24 hours. AntiSec, Sabu, and all of the fallout will damage Anonymous like a neutron bomb, it won’t destroy the buildings but the radiation will kill everything around.

Some ideas are just bad.. And most of the bad ideas are cooked up by morons like Xavier Monsegur.. It turns out that the lulz ultimately are on you Sabu.

K.

Written by Krypt3ia

2012/03/07 at 03:40

Asymmetric Warfare and Tugjobs

with 6 comments

The SANS Report: The Jester: A Lesson In Asymmetric Warfare

Post: The Jester Dynamic: A Lesson In Asymmetric Warfare

This report made its way to my desktop last night via a tweet and I just had to read it. Of course after I had read it I felt dirty from the tugjob that SANS basically put together on Th3j35t3r and his crusade to annoy the Jihobbyists and Jihadis by DoS’ing them offline for half an hour at a time. So, I just felt compelled to respond to this report and the inevitable sausage love fest that it portrays Jester’s “work” in, in the light of reality instead of fanboi love.

First off, let me say that Jester and I have history. Back in the day, when he first started his campaign he/they decided to hit my personal box because it had “jihadist” materials on it. What Jester mentions and is not elaborated on in the report is that his “mistake” was “blue on blue” as he calls it, meaning that he hit me without really doing any kind of preliminary foot-printing as to who I was and what I do. Instead he just decided to mouth off playing up that I had been compromised and that I hosted materials, thus “TANGO DOWN”

After exchanges with me, as ever my diplomatic self 😉 he decided I needed more attention and DDoS, which was all well and good because I was the first to have traffic to give to others to look at for his modus operandi. Anyway, suffice to say that eventually there was a detente between us, but my opinions stand as to his campaign’s real uselessness to the real operators out there working to defeat jihad online. In short, I think it’s a futile exercise and in the end, more of a publicity stunt than anything substantial in the war on terror.

SANS just doesn’t seem to really touch on the facts of how many sites are out there and how much still goes on even with Jester’s DoS campaigns… Nor do they really have any substantial backing to some of the claims they allude to with regard to party vans being sent out for Anon players.

SANS, bad journalism should be left to journalists.

Asymmetric Warfare Or Annoyance?

So, a lone commando goes on a crusade to drive the jihadis into the shadows online. He’s a one man cyber army, wrapped in the flag, DDoS software in hand.

Umm.. Just what will all this DDoS accomplish? Jester seems to think it will put a stop to radicalizing online, but the reality is that they will just go get another domain or start a new paltalk session. Asymmetric warfare is defined as the following:

“Asymmetric warfare” can describe a conflict in which the resources of two belligerents differ in essence and in the struggle, interact and attempt to exploit each other’s characteristic weaknesses. Such struggles often involve strategies and tactics of unconventional warfare, the “weaker” combatants attempting to use strategy to offset deficiencies in quantity or quality.[1] Such strategies may not necessarily be militarized.[2] This is in contrast to symmetric warfare, where two powers have similar military power and resources and rely on tactics that are similar overall, differing only in details and execution.

From Wikipedia

So, just who is the weaker here? The jihadis, insofar as strength goes, were never an existential threat online in my book. They have been, up until recently, fairly unsophisticated in their communications and their internet skills. The fact is, they were talking pretty much in the open and then along comes Jester and he DoS’s them offline for a little while. They get annoyed and yell, but then they go back to doing what they are doing. There is no net effect here. Even I thought that they might pull back a bit after his campaign started, but nope, they just kept on going because it was easy enough to just go play X-Box until the site was back online.

Frankly, I see nothing in the anti-jihad campaign by jester as being worth the time. He frankly did much more with the LOIC poisoning than anywhere else, but that is another story…

So, by the classical definition of asymmetric warfare, the idea that jester was carrying one out is false. Neither party was particularly well equipped or strategically effective enough to merit the term.

Cause and Effect In Jester’s War

As I said above, the jihadis went on apace even with Jester’s DDoS attacks. If anything, Jester just forced them to become more sophisticated and obtain backup sites and mirror their content even more than they already were before he came along. In my experience, it has not been the acts of a lone commando DoS’ing sites offline that has affected jihadi websites and radicalization, it has been instead the death of OBL and the campaign against jihad that the US has been waging by killing or capturing AQ leaders and foot soldiers (making them think twice). The online portion of this scenario though, is more about the arrests of would be jihobbyists who spoke to the wrong people online and eventually were arrested from good police work than anything else.

I would also add that the killing of Samir Khan and Al-Awlaki as well had a much greater effect on online jihad than anything else because they were the thought leaders and the creators/editors/creatives behind Inspire Magazine. I have written much in the past about Inspire and how they were trying to re-kindle the embers in many, but also reach out in new ways to the “western” jihobbyists to get them to do more than just talk online about jihad. You see, that’s pretty much all that has been happening, they talk a good game, but then they go offline and go about their business.

Once again, this makes jester’s campaign moot.

… And so it goes on. The jihadis/jihobbyists are still online, they have been quieter since OBL and Samir/Al-Awlaki died because the wind was taken out of their sails really.. Not because they got DoS’d. The sites are alive and well and being used today….

Asymmetric War Or Media Campaign?

Meanwhile, the fact that jester came out of the closet with his rhetoric and his IRC/Twitter/Blog only says to me that there was a need for a media campaign. Why the media campaign? Attention. It’s purely for attention unless there is some other means to an end that he had in mind. Of course at the time there was talk in DoD/DC3 circles about how we needed a “patriot hacker” movement, so, could this be a part of that picture? As the paper states, jester has 28K followers on his Twitter and many many fanbois. Oddly enough, all of this started just around the time as Anonymous did as well, it almost seems like one may have created the spark for the other no?

So, Jester paints himself as the Dick Marcinko of the internet and the kiddies flock. People are saying he is a hero and many aspire to the same type of fame and attention. Jester’s IRC channel was flooded with people and he spent time in and out of there getting attention. Attention I think he really just wanted, maybe needed. In his first tangle with me, there seemed to be more than one personality at work and in fact the one that I pissed off seemed to have a lack of self control as well as a juvenile manner. Since then, he/they have matured somewhat but overall has been relegated to not being online as much and not acting out by attacking jihadis or Anonymous.

Why?

But then he came back. Just recently he began his DDoS campaign again. Why? Well, one of the first things he did was open the IRC again to all comers and now we have the SANS report.

Attention level achieved.

So, in the end I feel it’s more about attention than it is about gallantry or being an effective “operator” against Jihad.

Just my opinion.

The Rise of Anonymous and Jester’s Part in It

Meanwhile, in between battling the Jihadis jester also took on Anonymous because they “doxed active operators in the field” etc. While I can empathize with the sentiment, the follow through was hit and miss in his campaign to out Sabu and others. The SANS report uses innuendo that says he may in fact have been the one to out Ryan Cleary. In fact, I am not sure about that, because inside sources in Anonymous have said that he was outed by someone on Xbox because he was an asshole to them. This is also the case for many others in the Anon infrastructure, they too were outed by others within the collective because they had a falling out.

So, really SANS, unless you have hard data, please stop.

In fact, Jester had had several misses on Sabu and in fact had to apologize to the players he fingered incorrectly. Oh, and by the way, all of this was done publicly and not just data given to authorities to follow up on. Which should have been the real basis of doing any kind of investigative work on them to start with. After all, if you put dox out there in the public, even wrongly, you are just giving time to those who may or may not be involved to burn their data and make other means to keep on attacking. Tactically this is just poor operational behaviour.

Perhaps Jester has done things in the background we all do not know about and he has not reported to the media… Perhaps not. Overall though, the most creative thing he has done is to poison the LOIC. THIS was a real coup and I do appreciate that one. Hopefully that at least put some fear into the LOIC skiddies.

In the end though, the kids just kept on coming and now we have AntiSec to contend with as well.

The war is not won.

COIN and Digital Asymmetric Warfare (i.e. Failure)

So, in the end, I don’t think that generally the attention is warranted for the campaigns Jester has carried out that are known to us. SANS seems to be all over him and Sam Bowne as well as Rjack as modern folk heroes in a way. They do not even cover the fact that Anonymous uses the same tactics and methods as well, but, then where would the folk tale really go huh? In my opinion both of these groups/individuals fail at their final goal though. If Anonymous wants to effect change, then they need to stop just wildly doxing people and dumping data that really is not cogent to the issues at hand. Jester needs to have more than just a DDoS to drive the jihadis anywhere and in fact, the notion of breaking their C&C by DDoS is not functionally feasible.

If you are driving them.. You have to drive them somewhere you want them.. Not just back into the shadows where the analysts can’t see them.

All of this is not COIN and it’s not asymmetric warfare with digital tools.

It’s just a game and attention seeking behavior.

K.

*Side Note* The book and the picture above are there because even Lawrence, who won great victories by using asymmetric warfare, lost the overall war in Arabia because of the personalities involved.

Just sayin…

Written by Krypt3ia

2012/03/05 at 15:54