Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for April 2012

Oh Jokey…

with 8 comments

 

As many of you out there have likely seen, Jester got a bit upset when I tweeted to him this weekend pointing out the failure of his ways with removing sites (claimed by him) from the internet with his new tool. I responded to his self lauding tweets that in fact the site may be down now, but, as soon as they get their backup set, they will be back online, just like all the others, so, really what have you succeeded at? It’s been a couple years plus now that Jester has been on the scene tweeting the ever shouted “TANGO DOWN” and claiming a win for the good guy, mainly him. I and others do not feel that he is winning anything nor doing anyone any good except drawing attention to himself and whatever it is he thinks he is doing.

Nowadays, he has bracelets to sell (ostensibly for the wounded warrior project) and a brand name to keep up with his tweets of takedowns. He has inspired many followers and he often lately seeks their approval by tweeting with the hashtag #whoswidme which, well, pretty much to me is just a plea for attention. After the jibe from me on Saturday, he came out with statements that he was going to come at me and that I was on his radar.

Well.. today you have the response on his site and now Island.

Ho hum.

The facts are these.

1) There were files on the server at the time, they were there for a reason and I told Jester that after he started mouthing off about it.

2) I am who I am, so I reacted as the bastard that I am. Meh.. It’s my idiom… Sue me… Oh, wait others have! And lost.

3) I fundamentally disagree with Jester’s method and his goals, as much as they have been explained of breaking their comm’s. I pretty much explained myself in rather clear, albeit terse, language on several occasions including my rant about getting off the lawn. As usual the reading and comprehension levels out there are varied, but the point was made. I continue to say the same thing. Everyone taking this all into their own hands and DoS-ing sites with the idea that they are stopping Jihadi recruitment are deluded. Nor are they driving them anywhere but maybe into places where others (LE) can’t necessarily see them.

This is the crux of the issue. That and I think that there is a certain pathology here with the Jester’s of narcissism and misguided ideals of heroism.

Jester has the right to write what he likes just as I do.. It’s all really a matter of how it’s done and what is being said that should really matter.

Oh well.

K.

Written by Krypt3ia

2012/04/24 at 18:10

Posted in Jokey

Patriot Hackers: GET OFF MY LAWN!

with 7 comments

Ali didn’t go far enough so I will say it….

Yeah, I have seen the comments on the post Ali did on Island, and I have heard that there are some folks pestering him now online because of that post. Let me assure you that Ali is too nice of a guy and too caring in how he may be getting things across in a more, shall we say civil manner. Those are certainly not problems where I am concerned, so let me start off with a tirade, cool down a bit, then make a reasoned argument ok?

//RANT BEGINS

Listen up you morons, you are not doing ANY of us a favor with your antics. Taking down sites via DDoS or actually popping them and RM’ing them makes you NO BETTER THAN LULZSEC OR ANTISEC (of the Sabu variety pre popping by the Feds). Your hamfisted attempts at self glorification (and you know who I am referring to) are petty and stupid. You are not serving any greater good in my book and many others (including others in the CT world) by your actions. Basically, you are seen as trying to garner attention that you so much desire because of lacking interpersonal skills or psychological issues induced by ADHD/Aspergers.

Now, IF you are being condoned by some organization in your efforts and directed by parties in the government or military, I say to you, there’d better be a fucking good reason for the actions. I would also say that the stove pipe shit that was supposed to stop post GW’s order has not actually happened and people are just basically shooting each other in the knees here, and this is just patently stupid.

Cut it the fuck out!

For those of you on your own and emulating others such as he who shall remain un-named at present, know this, you are getting in the way. In one way it was nice to have 12 days of nothing to do post these last take downs, but on the other a lot of shit can happen in 12 days that could go spectacularly wrong because of your actions. Think about that as you ponder how you are helping the CT world and saving a soldier somewhere.

You aren’t. You are deluding yourself into thinking you are, that’s all. You want to help? You go to the appropriate agency and offer your help. Don’t just go off half cocked and shoot others in the foot with your harebrained actions. Think about the consequence potential of what you are doing to those who are inside the system and operational ok? That especially goes for you Raptor, you claim to have taken down the sites but you really have given out no proof, so I cannot say for sure you did squat that way, but, what I can say is you did ABSOLUTELY NOTHING to the jihobbyists because here they are, all back again with databases intact!

Feel like Sisyphus much? Your victory was hollow at best.. IF you did anything.

So, like the title says… GET OFF MY LAWN!

//RANT ENDS

Whew! Ok, got that out. Now let me take a more reasoned approach here…

First off, you want to help, then please offer help to those in charge of such matters. The FBI say or DHS etc etc. Hell, you can even contact the NYPD right? You see something you say something right? So you see shit, tar it up and email the shit to them! Maybe they already know about it. Maybe, it’s an ongoing operation and they will say thank you and move along. Mostly though, you will have done something constructive instead of destructive and inhibiting.

Secondly, once again, you never know what you are stumbling about in. You could be in fact ruining operations that could lead to arrests or actionable intelligence. Think about it before you go all Charles Bronson and then later pastebin dump about it.. Or for that matter, talk to Fox News about it. Now there’s operational security huh? Being a news whore about it will only get you derision on the part of some and outright malice on others.

Which am I in those two? Ehh mostly derision as you have seen in the past.

Suffice to say that all I really ask of you all, in my own special and endearing way, is to GET THE FUCK OFF MY LAWN! .. and others’ lawns. You wanna help, offer it to the authorities. Cut this chicken shit out.

K.

Written by Krypt3ia

2012/04/18 at 18:00

Posted in .gov, .mil, Jihobbyists, Jokey

Building A Better Anonymous: Separating The Philosophical From The Practical

with one comment

So, here’s my thing…

Ok, so here’s my thing.. This notion of building a “better” anonymous is right up front, doomed to failure. As notions go it is a very altruistic one that I think Brian and Josh have thought about quite a bit, but, like many who get wrapped up in the grey areas of philosophy and semantics, they too got lost in the woods and could not see the forest for the trees in the end. Evidently Source Boston had them keynote the show with their talk on making a better, more accountable, and false flag “mostly” free Anonymous that stems from their series of “Building a Better Anonymous”, a series that I actually helped with a bit in the background (shhh don’t tell anyone.. oops).

The case that they make is an interesting one but from my point of view fails to deal with the concept of human nature that will inevitably be the downfall of any such association, group, collective, or whatever else you would like to call it. Human nature, (i.e. the problem between the chair and the keyboard) will always win out because, you guessed it, we are “human” and we have foibles, wants, desires, and of course an ego. These things all make us do things that are counter to the best laid plans of mice and men (aka a charter of standards and behaviors) and will, in the end, cause some to draw outside the lines of acceptable practice.

This means bad actions from bad actors within the fold.. Or, as in the case of the flawed idea of “Anonymous” as an action, will allow for bad actors to take up the nom de plume of “Anonymous” and do things counter to their ideals but still leave the stench and onus on them as the Judas goat. Boiling it down to a simplistic statement for me kinda encapsulates the whole issue of “Anonymous” which means “unknown” by and of its premise, cannot at any time ever, be considered a movement/group/collective etc that will never be used as the scapegoat for bad actors. Nor will it ever mean that bad actors will never get into the fold and destroy things (like a reputation) from within.

And here’s the statement: “One cannot be Anonymous and expect to change the system for the better. If you have a problem with the system (see above poster) then you must be a known quantity”

Josh and Brian speak of charters and standards of action, but there can never truly be accountability as long as those who claim to be advocating those standards hide behind anonymity. When you are anonymous, you lack accountability and thus, the ego and other human natures allow you to do whatever you like. Speaking of human nature, let me direct you to some movie references that they make and where the human nature portion has been stripped from the argument.

The hitman/cleaner in “Léon: The Professional” had a rule; “No women. No kids.” (Leon follows this so good on them)

In Fight Club: “The 1st rule of Fight Club is, do not talk about Fight Club”. (Fight club spreads because people cannot shut up)

In The Transporter, “Rule #3: Never open the package.” (You guessed it.. HE OPENED THE PACKAGE!)

So, out of three examples there, one was ok. But you are seeing my drift there are you not? Human nature will be the downfall of all the grand plans and schemes we have. It’s our nature to do things in our own self interest more than follow guides or charters. If that were not the case, we would not have crime and prisons right? This is an all too convoluted space to be working in and assume that by laying down some “law” (charter) that everyone will follow it AND that the inevitable others who do not, will not affect the whole by their actions. Add to this the notion of something like Anonymous, whose actions claim to be anything from lulz to moral actions, and you have a great swath of FAIL that will happen.

It’s all well and good to quote Hobbes, but perhaps you might want to read Plato instead?

In the end, I think it better that the use of “Philosophical Realism” be applied to this problem rather than the altruistic beliefs that have been espoused by Josh and Brian. I would also hasten to add that the cognitive dissonance, to use the turn of phrase used, of trying to contain or direct “Chaos” is just not plausible from any realistic standpoint and thus moot in my opinion. If you like a movie/book reference, let’s go to one of my favorites, “Jurassic Park”:

Dr. Ian Malcolm: If there is one thing the history of evolution has taught us it’s that life will not be contained. Life breaks free, expands to new territories, and crashes through barriers, painfully, maybe even dangerously, but, ah, well, there it is.

What Ian is saying is very appropriate to this argument being made by the authors of “Building A Better Anonymous”. In my case though, I would change life to “human nature” but, you get the point don’t you? Life is chaos and human nature is also a form of that as well. We are unpredictable animals and our actions, like those with Anonymous, are really quite unpredictable and not very controllable. Just look at what has happened since Anonymous came out, we had Lulzsec, Antisec, and now a host of others taking the model that Anonymous put out there unfinished, and have been wreaking havoc.. In the name of what really? Because they can?

No, this is a failure to launch in my opinion and Anonymous’ cat is out of the bag. The genie is out of the bottle and you cannot put it back in with a charter as the cork.

Sorry guys.

K.

Written by Krypt3ia

2012/04/18 at 15:47

Fear and Loathing In INFOSEC: A Savage Journey Through The Security Wet Dream

with one comment

Preface: 

Recent tweets on Twitter regarding conferences being attended and the “epic-ness” thereof once again stirred the bile within me and the urge to spew my vile sarcasm upon you all. I have written in the past about the “INFOSEC Deadhead” cycle but it seems once again to be back in swing and is the grain of sand in my brain’s gullet bringing you this little gem. I also wanted to write a piece in the style of Hunter S. Thompson as an homage to him as well as to bring the psyche back again to the people that he once gave to a generation of swine. We have a new generation of swine that need to pay attention to what “Uncle Hunter” was trying to say and take heed.

As they say, past is prologue right?

As I look around today at our situation where our digital rights are concerned as well as the oppressive culture of fear that has been eroding what America’s “Dream” was supposed to be, (what Hunter actually went looking for all those years ago) I oft times feel like I need to rip his carcass out of the ground and let him rail against us all for not heeding his words. He was ultimately decrying the fear and loathing, the dark desires and the petty crimes that people in power tend to perpetrate because they have the power. Today, that power extends to everything we do because we do it online.

This is the dark and bloody ground, as he would say, that we all have to live on today. The INFOSEC community and its corporate masters (or lackeys) are the new Nixons and Muskies of a latter day passion play equal to the 72 election that Hunter covered for Rolling Stone. The players may have different names, but the outcomes are the same when you look at them from the larger picture of oppression and dirty dealings (Nixon) and those in the community who wish to fight against them (Muskie) but in the end, we too have to come to the conclusion, as Hunter did, that the system itself is corrupt and those who gravitate to it are either already corrupt, or corrupted by it in the end.

This is for you Doc.

Fear and Loathing In INFOSEC Part One: “The Industry is akin to two dogs fucking… Not even a hose can stop them”

I have written before about the “Industry” as have many others in the business. Many of those writers lament the sleaziness of it all now and how they feel sickened by it. Go to any “con” today and you are beset by a bevy of scantily clad booth babes hawking the warez of this or that instant security solution by XYZ vendor. For those vendors who have caught up with the times though, they instead have the usual grease man with the clipboard at the ready to take your email address to spam the fuck out of you while offering you a spectacular chance to win a new iPad!!

But, this is just one level of the multiplex of INFOSEC Hell, that not even Dante could envision today were he alive….

You see, the real business is done outside the cons, in the boardrooms and the bedrooms, the bars and the back bathroom stalls, anyplace that the corporate greedheads and charlatans can ply their trade… It happens all over the country, but more so than ever today, within the Beltway of this land’s capital. All of these players mime their passion plays to obtain the almighty dollars to sate their needs for more things and to make their daily bread. Grimy hands slither over every inch of the client while pouring soothing words, cooing in their ears about how their solutions will cure their ills and make them more virile than the next guy in line.

It’s Sodom all over again….

Today, we are seeing the works of Hieronymus Bosch coming to life before our eyes, the dull eyes of the damned being clawed and molested by the demons but we are unable to do anything about it. The surging mass of corporatized security snake oil is oozing over every aspect of our lives as the corporate set makes the beast with two backs with the government today in this overly fearful and loathing time post 9/11 and Anonymous. The fear levels of the Bush administration have been supplanted by just one color, the color of fear, and it’s the blackest of black lines covering up the narratives of our lives because it’s been determined to be in the national interest to “classify” it.

It’s all for your protection… Trust us…

But, as we have seen in the last year or so, the security companies and the agencies that employ them, are powerless to stop skiddies from popping shells on their shit and raping and pillaging their and potentially our data in a festival of stupid the likes of which I have only seen in the cheapest of geek shows in a roadside carney just shy of the dustbowl. The barkers in their seersucker suits tell us that they have a show for us like no other on earth. The shill in the audience says “Holy fuck! I saw it and it was fucking great! I am going to see it again” so we go along for the ride thinking that we will be seeing amazing things.

“Trust us, we can protect you! We just bought this here new firewall with DLP protection, it’ll protect your data that we are taking from you.. Err.. We mean, holding for you”

Soon though, you realize that neither the barker nor the shill exhorting you about the wonders, it’s all a scam and you are the rube in the end holding your pockets inside out with your sad hobo clown face drooping as they walk away holding the burlap sack with the dollar signs on it. Hey rube, how are you feeling about the business now? See? There are no sure things in life nor are there any sure fire solutions to your security needs and you have to come to realize that, but then again, now it’s probably too late as you watch that charlatan’s shadow slink into the night huh?

“But… But… You promised me security” slips from your tongue to an empty dirt floored big top and you realize that the carnival of security has taken you for quite the ride. It’s then that the revenuer comes out of the shadows and says “Don’t worry, I am from the government, and I am here to help you.” This is where you should flee the scene, but you can’t because you have nowhere left to go, the emperor who usually has no clothes on actually stole yours, so naked you stand sheepishly lowering your eyes…

You’ve been screwed.

The moral here kids, is that the corporations, all of them, are not seeking to protect your data. They are seeking to make money. The corporations set up to sell the “security” to protect that data of yours are just as bad, they are just looking to hawk their warez and to make money. Sure there may be some within them trying to do good, but the all encompassing drive for revenue, the almighty deity of all business no longer is to do a good job, or make a great and sturdy product, instead the ethos has been replaced with “make money now as quick as you can and then exit stage right” This is the real drive behind every business today and if anyone tells you anything different they are either fooling you, themselves, or both of you if you really believe it.

Every day there’s a new “Veg-O-Matic” for security and every day a new bypass is found for it by some crackerjack security researcher out there noodling around, or perhaps they aren’t just noodling huh? Perhaps they are actually a cog in the large wheel of the security machine huh? Perhaps they are just a pawn in the great game of security chess, move and counter move and the ultimate goal is the almighty sack of money in the non extradition country bank? What’s the point really anymore other than the congress of conjugal visits with material wealth huh?

Seriously, this is the ultimate corporate and charlatan’s wet dream, a never ending revenue stream from vague ideas that are easy to bamboozle and flim flam people and companies easily with.

“See, you’re gonna have to rip out that root kernel because you are back-boning on my internet”

“Yes yes! Oh my fucking God YES! Say mister how much? How can I get in on the ground floor here?”

A generation of blind and significantly mentally deficient swine are buying the swill of the security industry, charlatans, barons, and hucksters all. Now, you can add to this the government and their need to suckle the security tit as well. Good God are these guys also the biggest bunch of rubes and con men as well. Never a more incestuous bed has been laid in as the one we are seeing now between the government and the whores of business bedding them. Truly, there is fear and loathing kids, and the fear is being fed to you and the loathing has only just begun.

Open your eyes…. See the horrors….

EPILOGUE:

The whiskey is gone now and the sun is setting blood red into the west… I have expended my bolus of bile and bones from having ingested this diatribe only to spit it out in your faces. Take heed dear reader, there will be more… And the next time I will be delving into the government oubliette where they had hoped to hide their collective dirty sins…

But they cannot hide them.. It’s all so Freudian….

Take from this diatribe that in the end, no one is looking out for us corporations or companies. It’s all about profit and sleaze, ego and fame….

Til next time…

“Fear and Loathing in INFOSEC The Community: Ego, Boredom, and Empty Hipsterism” coming soon.

K.

 

Written by Krypt3ia

2012/04/17 at 23:03

AQ Air: Mostly Hot.. Not So Interesting.

AQ Air: Trying to Fill The Inspire Shoes

With much hubbub on the news services, the release of the new “AQ Air” magazine was announced on the newly re-formed and restored jihadi boards online this week. The thought behind the “magazine” really was to be something to replace Inspire, which, after the deaths of Samir and Anwar has fallen off the map. It’s not known if the others involved with inspire behind the scenes are even alive nor if they plan on resurrecting production, but this release by Abdullah Dhu al-Bajadin is no Inspire, nor should it inspire much of anything frankly.

The magazine is really just a series of powerpoint slides exported to a pdf and consists of the process to create chloroform on the cheap or, should we say in your mom’s garage? The intent here is to incite others to create the chloroform to use on airplanes perhaps? It’s really unclear as to the whole use of the airline motif other than perhaps as a link mentally to the AQ in NY picture that came out the week before and created such a stir with the NYPD and the media.

Overall though, this “magazine” is no more than a childish attempt to garner attention, sow fear in the overly fearful, and perhaps attempt to get some jihobbyists to think about making chloroform and using it in some grand plan to attack America.. Frankly, they’d have an easier time just knocking over a veterinarian or something to get the chloroform rather than spend all the time trying to be Muhammad Nye The Science Guy.

The Files

The magazine wasn’t the only thing bundled in the drop by Abdullah though. In the rar file that was uploaded to multiple locker sites were five video files that were taken from the internet and re-purposed for the release. The videos in the raw, can be found on Youtube and other places and were made by what seems to be a German youth. Arabic script has been placed under the video and for the most part there is little to no narration, but background noise, including a German radio broadcast can be heard in at least one of the videos on the production of chloroform.

Metadata from the files shows that they were handled on a Windows machine using the following software:

  • chloriform.pdf file created 4.6.12 7:44pm
  • Created on Windows XP
  • Created with pdfFactory pro 3.52
  • Video files are in Real Video format without metadata

There seems to be very little metadata to look at and Abdullah has been pretty good about keeping it away with these files.

Conclusions

There is nothing to be really seen here frankly in my opinion. Unless this guy gets some real help with making this the next “inspire” it will just be another series of pdf files of powerpoint slides on how to make explosives or chemicals which are all over the internet. Inspire was a magazine that had much more content around the meaning of jihad for these guys and attempts at slick propaganda than this could ever aspire to. Thusly, this is a non starter for the media and perhaps that’s why it dropped from the news cycle so quickly. Abdullah though, he is another story, he has been around for some time making bombs and will continue to do so until we capture or hit him with a Hellfire missile launched from a Predator.

We will keep an eye on him but, this is piffle and should be treated as such.

Oh, and loved the use of the daytime soap to show how to administer the chloroform.. I am sure General Hospital is happy that you did.

K.

Written by Krypt3ia

2012/04/12 at 20:13

Jihadi Sites Fall Down… Go Boom… Again.

3.22.12

Mohammed Merah kills 7 people and plans on killing more but is cornered in his home. He is tracked by his IP address when he attempts to buy a scooter online. Merah holes up in his apartment for 30 hours before being killed in a gun battle. The French put out the word that they are going to crack down on Jihadi online content, or much more to the point, if they catch you looking they are going to arrest you.

The laws are still being haggled over.

3.23.12

On or about the 23rd of March, the sites that are usually monitored by certain people and organizations began to wink out of existence online. The sites started to have trouble then just went offline. It was obvious at the time for me and some others that these were not just the run of the mill DDoS attacks, but instead, the sites had been either RM’d offline by attackers or they had been yanked offline by the increasingly twitchy admins.

The sites stay down and are supplanted by the likes of As-Ansar for traffic, but basically, the boards go quiet… Paranoia builds.

3.27.12

Muhrad Hussein Almalki is arrested in Valencia, Spain. He was the admin of “Ansar Al-Mujahedeen network” and praised Merah for his killings online. His online name is أمين المكتبة (“the librarian”). It is suspected that the librarian is in charge of more than one of the sites that eventually goes down.

4.3.12 to 4.5.12

On the 3rd of April, the domain for shamikh1 and its server is moved to a hosting service in the Caribbean. On the 5th of April the site comes up again. The admin sends out an email to all members:

Peace be upon you, and the mercy of God and His blessings

Good news
The return of the Global Jihad Network

The Administration

All of the data from the site is back online and it seems the backend has been cp’d elsewhere before the takedown occurred.

4.6.12

Some of the sites have returned, like Shamikh, others have not. Out of the 5 it seems that at least a couple are still down and others seem to be under attack in other areas. Almadad is now under attack it seems and is as of this looksee down.

Questions:

At first I thought that perhaps players within the patriot hacker movement may have been involved, and perhaps they did after all, but, it seems to me more so now that the timing of the events all point toward a concerted action by governments. The hacking of the sites likely was done via bad installs of the PHP and SQL installations on the boxes that the databases resided on. There must have been actionable intelligence on some actions that the AQ boys and girls were planning or, the powers that be decided it was time for an interruption. You see, at least one of the main sites is back and it would seem they are back in business pretty quickly. Of course they have had this happen in the past and have moved servers and domains quickly enough.

Now, the questions though are the following:

  1. Was this takedown the work of governments?
  2. If it was government and the dbases are all back up as they were before… Then this means that they are compromised. They seem unchanged
  3. The admins were twitchy enough before with all of the attacks by the jokeys of the world and other <REDACTED> things that happened. So how are they going to react now?
  4. If this was the patriot hacker movement, then why no bragging?
  5. Did DGSE have anything to do with this? They seemed pretty motivated given the chatter online post the Merah incident that they planned some actions soon in France
  6. Last time there was a big takedown, there was a large roll up of players soon after… Should we expect some more now?

Overall, many have been asking the questions out there, even <REDACTED> news services have been asking me. I cannot say what has really transpired because it’s above my pay grade, but, if you look at the evidence you have to come to some conclusions here.

Conclusions:

  • I lean toward a government sanctioned action perhaps using those patriot hackers.. But more likely it was a group of “SPOOK” hackers
  • The sites had been compromised for some time and the word was finally given by whatever government service/agency/power to pull the plug
  • They knew the sites would return, it is possible that someone took over for the likes of the librarian but… One has to wonder if maybe shop has been set up as a honeypot
  • If it’s not a honeypot, then it shows the resiliency of the movements within the technical area and that they can stand up a site fairly quickly and seem to have a DR program up

Interesting times indeed. I would keep an eye on the news for a couple of things…

  1. Some very specific drone strikes
  2. Arrests
  3. VERY jumpy admins of other sites.

K.

Written by Krypt3ia

2012/04/06 at 18:16

INFOSEC: The Eternal Struggle

The Five Stages

In the past I have written about the INFOSEC space and some of the problems I have faced with it. It seems today, with the ever present cyberdouchery over “cyberwar” and the seeming eternal specter of Dr. Cyberlove (Richard Clarke) prognosticating our doom vis a vis China, I feel compelled to talk about it all again. Mostly though, I want to impart to you all a sense of how things are going, where we are headed, and the general malaise that I feel the world of “INFOSEC” is faced with on a daily basis.

In listening to the last EL podcast, I once again heard the frustration in Lizzie’s and Chris’ voices and, as I was having a stellar week myself (which will be talked about on the podcast tonight) I came to some conclusions on what it is we all do, perhaps some motivations behind why, and a feeling that perhaps nothing will ever really change in how things happen within this business. In the past I have lamented, but, like any process of grieving or other, there are stages right? I guess this means that I have come to the last stage, that of “acceptance”. This is a conclusion I have come to recently and I think all of you out there may in fact come to the same conclusion eventually in your own INFOSEC experiences.

I personally have come to the stage of acceptance recently. I accept that in truth, there is only so much I can do and beyond that which I have direct control over, nothing else can be done.

The Hype and The Realities

Like I said, we have Dr. Cyberlove out there every day it seems, hitting a new news resource to get his name and his company out there with outlandish plots of how we are already pwn3d by China. The generals in the military and the government movers and shakers are all moving with fear tinged with desire, for more control over the internet as a whole while the beltway bandits are all in the wings, like a murder of crows on a powerline, watching dark eye’d, waiting for their moment to strike.

You see, it will be the crows that have the best day of all…

For every headline, every law enacted, and every grab at power made, there will be one person that will have to deal with the outcomes..

You.

On they will roll with cyberwar talk and fearful stories of how the world will come to a screeching halt once the hackers (or APT if you listen to Dr. Cyberlove and others) hack into the power grids and the nuclear silos. We will be at an existential threat to humanity because of the likes of Chinese hackers or worse.. Anonymous. We MUST protect ourselves by making many more laws to govern how we act on the internet as well as grant ultimate domain to protect intellectual capital for Hollywood!! We must prevent world war III in CYBERSPACE!

…. Or so Dr. Cyberlove would like you to believe….

The realities are much more pedestrian and not as sexy a story line befitting a new “Die Hard” movie so you really don’t hear about them. The realities are that there are issues with digital warfare, for lack of a better term, that could make our lives a bit more difficult, but, they would not end our way of life. However, the perceptions of many might fit a more common scenario that we in the community and without, may be more familiar with.

Batman and his “Rogues Gallery” of evil doers. It’s not reality, but, many of us tend to gravitate to the stories and the ethos right? So, let’s take a look at it all from the pantheon of Batman. I know, I have gone down this path before but it is an amusing one if not at least an apt one.

“I’m The Batman” You Say?

So, you… yes you… the one in the batcowl. Protecting your domain, your “Gotham” as the network warrior, the lone sentinel holding back the night of the internet. How are you feeling about your job of late? Post APT and Anonymous, how are you feeling about the safety of your city? Do you feel that you have the tools and the know how to protect it? Are you backed up by the right people? Funds? Tools? Do you sleep at night or do you toss and turn.. Oh, sorry, during the day, as you work at night…

This seems to be a common mentality in many of the network security folks out there, that of the protector, the Batman. You get into this business for sundry reasons, but many have had it from the avocation stage to now being paid fairly well for it. Some of you may have trod the path of Bruce Wayne and gone to live in the criminal world, to test yourselves, to know your enemy. Others, may just want to live the dream and be the Dark Knight of the Network because you think it’s cool.

All of you though likely have days when you ask “What the fuck am I doing?” We all love the illusions but the realities, like those above about the hype and the douchery often creep in and brow beat us into submission. Some of the realities are things like no one wanting to take your advice, others might take the form of outright loathing of you for your stances being too hard on the users and the management objectives as they are counter to theirs. Things would be much much simpler if you were just the Dark Knight, alone and able to mete out justice with a Batarang huh? Still though, this is reality and the closest you will get to being a protector short of either becoming a bodyguard or Secret Service.

So Batman, evaluate your goals in life. Do you want to be just like the Dark Knight? A vigilante to some? Loved by few? Generally seen as someone to put a stop to? That romantic notion of being the lone sentinel wearing thin a bit now?

Can You Really Protect Your Gotham City?

This should be the first question that you ask yourselves if you are in the position of being the “protector” of the domain (Gotham) that you live or work in. As security people, you have a myriad of kinds of jobs, but the majority of them are not the sexy hacking gigs. No, there are many others out there who are the grunts doing the security architect work or some other management security positions or, you may even be part of the “C” class and be management. What you will always find though, is that it’s not only the external forces of the rogues gallery looking to take you down, but also the lack of cognition on the part of those you protect as well that may be your demise.

Security, even today, is still seen by many as just a cost center as well as a nuisance at the worst. Your job, every day, is to protect the company’s data, and by proxy, depending on the company, the data of clients or perhaps consumers as well. The business as a whole is seeking profit, and profit means that they do things quickly or “agile” as the term of the day seems to be. To be agile though, the businesses often don’t want to be burdened with the extra steps of security. Steps mind you, that you need to carry out to ensure that the “product” or “the data” that the company uses, manages, or sells, is in fact safe from theft.

You sir/madam are now “The Batman.” Feared by some, loathed by others, and generally looked upon as someone to avoid as the story goes. Sure, you are likely a hero to still others, but, those are not the majority, and it is your thankless job to protect them all... With or without their help.

Are you really prepared for that? Can you keep that fact at bay and do the thankless work or will it trouble your sleep just as much as the chinks in the armor that you aren’t able to fix in your city’s defenses?

Do You Have A Commissioner Gordon?

In the world of Batman, he has one key player, and that is Commissioner Gordon. Gordon helps Batman, he agrees that there is a need for something more than the status quo to protect the city and, Batman has stepped up to help. Do you have a Gordon in your organization? Is there someone who really believes in security as a necessity and will fight for it? Or are you the Dark Knight who, after Gordon has been killed, has little to no help in the crusade. Unless you have some real help, all too often you will only find yourself alone fighting a battle that you cannot win.

In the world of INFOSEC, you have to have this advocate as well. Unless there is a top down approach, you will end up just flailing around and gnashing teeth trying to protect your Gotham, but will only end up frustrated and likely burned out. This is something I have seen and heard a lot about these last couple of years within the community. Batmen and women are getting burned out, jaded, and angry because they do not have the Gordon to help them on top of being misunderstood or maligned because their beliefs and their willingness to take action are misunderstood or ignored.

So, if you do not have an advocate in a position of power such as a commissioner, consider yourself in an even poorer position than you are already and resign yourself to a much higher chance of failure.

Is It All Really Worth It?

Another good question to ask one’s self before taking on the cowl, is whether or not this is all worth it. Being the Dark Knight is not glamorous, it is not lauded, it is thankless and often maligned as jobs go. Sure, it looks really cool in the comic books and movies, but the realities aren’t so pretty. While Bruce Wayne does all of this out of compulsion, we today in the INFOSEC field are doing it maybe out of an avocation, but to most it’s a mix of avocation and a living. Once that veneer of fun and accomplishment wears off, just what do you have? Will you really want to go to work every day? Or would you rather just walk away, or worse, go to the dark side?

Face it, you are protecting things and people who generally do not see the validity in what you do in many places. Sure, some get it, some Gothams lap it up and are true pockets of belief, but, on average, look at all the corporations out there who got popped this last year even after giving lip service to performing “security” to protect their clients and their data. The realities are that the majority don’t get it and perhaps don’t care to. Hopefully you find yourself in a place that gets it and you have the Gordon and perhaps even a Harvey Dent (before the scars and insanity) to help you in your quest to guard the line… But.. I am not saying you will.

So, is it worth it getting into this career? Into this dark world of back alley battles and leaking of informational blood? I guess for some of us there is no other choice. For good or for bad, we toil on in whatever environment we are in to try and make it better. Others, well, they like to break shit, and get to on a regular basis, but even those guys often are heard lamenting the state of affairs because they aren’t just malevolent.

They truly want to be Batman too… But they are more Nightwing instead.

Ultimately, you have to take stock of your battles and wars to decide whether or not this is the life you want.

Time To Hang Up The Cowl?

Meanwhile, just like the escalation of the rogues gallery, you too will have to face new threats every day. Jack Napier made Batman by killing Wayne’s parents in front of him. Batman made Joker by battling Napier later on and ultimately driving him insane, thus becoming the main nemesis for Batman. After that others came along, seeing the Batman as their nemesis and upping the ante. Do you see where I am going with this? Look at the INFOSEC world today.. APT, ANONYMOUS, HACKERS, CRACKERS, HACKTIVISTS, LULZSEC, LULZSEC REBORN… It’s all about escalation. Some want to one up the other while many just are looking for a new way to make easy money by stealing.

When you look at the progression and then the response in the government and military sectors as well as the corporate clowns looking to sell security snake oil, you start to see a bleak picture. Mostly from the perspective though that no matter what you do, no matter how many nights you put on the cowl and use the Bat-grappling-gun to swoop between crime scenes, you will NEVER truly be able to staunch the flow of loss.

And that’s the most simple of truths.

If you can deal with never-ending war then do gird your loins and wade into battle. If not, if you take stock and the battlefield is not even remotely in your favor nor will it ever be, consider what you are doing. This is a battle you can never win.

And in that realization, you have the final of the 5 stages… Acceptance. If you can accept these things, and you feel you can fight on.. Then let the battle rage. If not, then you might want to consider moving out of Gotham.

K.

Written by Krypt3ia

2012/04/05 at 18:37

Posted in Infosec

COMING SOON! FUD FUD FUD!

ZOMG A JPG OF… WELL…NYC THREATENING AQ ATTACKING NYC! FLEE!

The picture you see above showed up on the As-Ansar site on the 2nd of April and was posted by عاشق الشهاده2 Ansari Mojtahd and to date has stirred up quite the feather or three. It seems the NYPD, the NYFO of FBI and the news have all gotten bent out of shape because some 24 year old kid is getting jiggy with his Photoshop CS5 on Windows and posting stuff to As-Ansar, one of the lesser AQ affiliated sites on the internet. I too saw this file come along on the 2nd and thought “ORLY NOW!?” but, after looking at the user data of the poster and his history, I decided to file it in the “propaganda with some flair” file and not much more.

Then I woke up today and checked Twitter….

Great GOOGLY MOOGLY! Ray Kelly is getting all over this as is everyone and their brother because the jihobbyists wanna post pictures that are basically glorified digital postcards about coming back to NY like a rock band. Look people, it’s just a graphic ok? Look at the user and look at the venue, this guy is not Goebbels and certainly not Samir Khan ok?

CHILL.

Threats And Allegations

Ok, so, yes AQ would love to hit NY again and they tried with Faisal… Well, actually that was more Pakistan and the ISI perhaps with the Taliban and not so much AQ or AQAP (do your fact checking folks) yes yes yes, they want to hit us again. This picture is just one in a series of pictures that this kid has created for As-Ansar, really, I swear he is looking for a job at As-Ansar more than anything else. Just look at the work by Googling the user name and hitting the “images” tab ok? He’s practising his Photoshop skills.

Now, of course he put it out there.. The infamous picture now that has everyone all freaked out is just a picture, a kind of calling card I think, not a definite plan on how they plan on attacking NYC. Hell, this is not even a “credible threat” ok? Wakey wakey NYPD. Sure, look into the guy, look into his posts and definitely see if he has more connections etc online that could paint him as a player but really, going on the news about it?

“Shark jump much there Fonz?”

Aspirational Content Using Photoshop ZOMG! We’re DOOMED!

Alrighty, so this is “aspirational” as I have told the media who have contacted me. This means that they aspire to this, as nebulous as that aspiration can be from an image like the one above. This in NO WAY means we are doomed or that NYC will be seeing an attack like 9/11 again directly relating to this piece of so called artwork. Sure, the kid may indeed want this to happen, he may “aspire” to helping the cause by creating propaganda that might “inspire” others to acts of violence against NYC, but, what is the likelihood of this with this image alone?

Not much.

Ok, the kid may be on his way to becoming more adept at this and sure, he has a slick 3D skill set there with that Adobe product on his Windows box, but, so what. Anyone today could really do the same thing. The crux of the issue is whether or not this kid is going to move further up the ladder and attempt to take over where Samir and others left off with “Inspire Magazine.” All informatics thus far about him that I have seen point to “not so much.” This doesn’t mean though, that after all of this hullabaloo over his nice pictures that someone won’t offer him the position right?

Talk about self fulfilling prophecies huh? Nice work Ray, NYPD, FOX, and others.

Over-React Much News Media and NYPD?

While I am on the Ray and NYPD thing.. What the Hell man? Really? This did not warrant this attention and posturing on the part of the NYPD.. Whoa, wait a minute.. Unless that is if you are playing damage control over all of the crap you guys have been caught up in over Muslims and invasion of privacy etc. Oh yeah, now that makes sense to me.

“Look at the birdie! Look at the birdie! LOOK AT THE GOD DAMN BIRDIE!”

Yeah, now I understand this.. That and the mindset here is that anything at all constitutes a clear and present danger….

Duh.

This Is What Happens When There Are Fewer Sites Online For The Kids To Play On

Meanwhile, another fun fact in this little passion play of stupid is that this site is one of the few left on the internet at present. It seems about 12 days ago, hackers of unknown origins, be they state sanctioned or other, began taking down all the main AQ sites out there. Now, there are none of the big boys out there to be seen so the little guys like As-Ansar get all the attention.

Thus you have this little debacle.

Let me give you all a hint. If those sites were taken down in concert by a government then they must have had a reason. If it was other players (vigilantes) then you have done nothing to help the cause by taking down sites that others were monitoring to keep tabs on these fools. Time will tell what the real truth of the situation is, but soon you will see the sites come back online (very soon for one of them) so what have you really done? You have just made them scramble to make new domains and they will be back like cockroaches.

… And some of them will just burrow further into the darknet and other places where it will be harder to watch them…

Thanks.

No, This Kid Is No Threat

In the end, this should be an object lesson for the talking heads, the media, and you gentle reader. This was blown WAAAAAAYYYY out of proportion and any of you out there who thought it was an existential threat need to start digging those bomb shelters again in your back yards. This was piffle, and if anything you just made a star out of this 24 year old….

Nice work.

K.

Written by Krypt3ia

2012/04/03 at 20:27