Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for January 20th, 2014

ASSESSMENT: Threat Intelligence and Credit Card Fraud

with 3 comments

rescator_maltego

TARGET:

With the escape of card data and personal data from Target over the holiday season we have seen an uptick in stories about the underworld of carding. Of course Target is just one large company that has been hit with such attacks albeit this time this one hit scored over 70 million cards and their attendant PII data. As the fallout continues to get reported on the attack itself, Brian Krebs has been reporting on those behind the scenes offering up the “dumps” for the criminally inclined to buy cards and data in order to create new lines of credit or spend the ones that have been stolen. As time has worn on though, and as Target starts to release details of just how inadequate their security was on their systems that allowed this attack to happen from external access to their intranet one thing has become clear; Credit crime is not abating and the banks and credit companies are either powerless or don’t care to find ways to stop the hacks and dumps from happening in the first place. Target specifically in this instance has done a terrible job of responding to the incident with clients and the street and now that details are coming out about their internal security issues, they no doubt will be hiring PR firms by the dozen to spin a tale that this was impossible to have stopped.

CARDERS:

In reality the carders live a fairly open existence on the internet in PHP bulletin boards much like the jihadi’s do. Their OPSEC is lacking as Krebs can attest and in some cases really don’t care because they live or work in countries where the laws are not as robust and they don’t really fear prosecution. After having been on their sites and looked at caches as well as live data I can say that the OSINT that Krebs culls is not that hard to perform and that more people should be doing the same thing in order to interdict possible attacks in the future. I would assume that there are personnel tasked to do this from say Treasury or USSS but inasmuch as all of this came as such a surprise and that Krebs broke the story before anyone else says a lot about the lack of eyeballs on these forums. These guys are living large and often are not that old to begin with. We aren’t talking about old KGB guys now lurking the net and stealing credit card data to support their plans of world domination. What we are talking about are kids who play Xbox and have a revenue stream that is often times pretty robust allowing them to do pretty much whatever they want. Of course I suspect that there are ties to Mafiosi of the Russian variety (this case) as well as in other quarters because hey, this is just another piece of action right? What still amazes though is the naked operations that these guys carry out day to day that don’t even require much else than an ICQ connection and an email address that can be thrown away.

RESCATOR:

Screenshot from 2014-01-20 15:54:08

In the case of Rescator though, we have a kind of a “Senatus” as they like to call him on the sites who seems to have been at this for some time and has amassed an infrastructure to allow for the sale of not only stolen credit card data but also flooding services and other offerings. In the case of the latest Target affair, Senatus Rescator is most definitely at the forefront of the whole thing. He and others like Flavius are in charge of about 10 or so sites that are transitory at times and all bulletin boards pretty much explicitly for the trade of credit card data. Now, as to whether or not Rescator was the main operator behind this hack on target and others is a question that I cannot answer at the present time. I will say though that the conglomerate including those like Flavius and Rescator may in fact form the cabal that ordered up the hack and ex-filtration or perhaps just benefited from the dumps that came to them from the hackers. I lean towards though the idea that Rescator and Flavius and others were likely the ones who put this all together, purchased the malware, and got the hired hands to pull it off if not doing some of the work themselves. That Krebs and others have actually tracked Rescator to a single name and have his personal details shows the lack of OPSEC there and one hopes that sometime in the near future he will get a knock at the door from Interpol and the USSS/FBI but that remains to be seen.

LAMPEDUZA, RESCATOR, OCTAVIAN:

Screenshot from 2014-01-20 15:47:49

Screenshot from 2014-01-20 15:55:40

Screenshot from 2014-01-18 10:13:33

Screenshot from 2014-01-18 12:38:42

Screenshot from 2014-01-18 15:38:25

Domain ID:GMOREGISTRY-DO27434
Domain Name:RESCATOR.SO
Created On:2013-10-01T07:27:57.0Z
Last Updated On:2013-10-08T06:45:26.0Z
Expiration Date:2015-10-01T23:59:59.0Z
Status:clientTransferProhibited
Status:clientUpdateProhibited
Status:clientDeleteProhibited
Status:serverTransferProhibited
Registrant ID:WN18968955T
Registrant Name:Private Registration
Registrant Organization:rescator.so
Registrant Street1:Rm.804, Sino Centre, Nathan Road,
Registrant City:Kln Hong Kong
Registrant State/Province:Hong Kong
Registrant Postal Code:582-592
Registrant Country:HK
Registrant Phone:+852.23840332
Registrant FAX:+0.0
Registrant Email:rescator.so@domainsproxy.name
Admin ID:WN18968956T
Admin Name:Private Registration
Admin Organization:rescator.so
Admin Street1:Rm.804, Sino Centre, Nathan Road,
Admin City:Kln Hong Kong
Admin State/Province:Hong Kong
Admin Postal Code:582-592
Admin Country:HK
Admin Phone:+852.23840332
Admin FAX:+0.0
Admin Email:rescator.so@domainsproxy.name
Tech ID:WN18968957T
Tech Name:Private Registration
Tech Organization:rescator.so
Tech Street1:Rm.804, Sino Centre, Nathan Road,
Tech City:Kln Hong Kong
Tech State/Province:Hong Kong
Tech Postal Code:582-592
Tech Country:HK
Tech Phone:+852.23840332
Tech FAX:+0.0
Tech Email:rescator.so@domainsproxy.name
Billing ID:WN18968958T
Billing Name:Private Registration
Billing Organization:rescator.so
Billing Street1:Rm.804, Sino Centre, Nathan Road,
Billing City:Kln Hong Kong
Billing State/Province:Hong Kong
Billing Postal Code:582-592
Billing Country:HK
Billing Phone:+852.23840332
Billing FAX:+0.0
Billing Email:rescator.so@domainsproxy.name
Sponsoring Registrar ID:webnic
Sponsoring Registrar Organization:Web Commerce Communications Limited
Sponsoring Registrar Street1:Lot 2-2, Technology Park Malaysia, Bukit Jalil,
Sponsoring Registrar City:Kuala Lumpur
Sponsoring Registrar State/Province:Wilayah Persekutuan
Sponsoring Registrar Postal Code:5700
Sponsoring Registrar Country:MY
Sponsoring Registrar Phone:+60.60389966788
Name Server:GREG.NS.CLOUDFLARE.COM
Name Server:ROSE.NS.CLOUDFLARE.COM
DNSSEC:Unsigned

Domain Information
Query: rescator.cm
Status: Active
Created: 01 Jan 2014 15:52 WAT
Modified: 10 Jan 2014 09:54 WAT
Expires: 01 Jan 2015 15:52 WAT
Name Servers:
pns4.cloudns.net
pns5.cloudns.net

Registrar Information
Registrar Name: Web Commerce Communications WebCC

Registrant:
Name: Private Registration
Organisation: rescator.cm
Address:
Rm.804, Sino Centre, Nathan Road
Kln Hong Kong, Hong Kong 582-592
hk
Email Address: rescator.cm@domainsproxy.net

Admin Contact:
Name: Private Registration
Organisation: rescator.cm
Address:
Rm.804, Sino Centre, Nathan Road
Kln Hong Kong, Hong Kong 582-592
hk
Email Address: rescator.cm@domainsproxy.net

Technical Contact:
Name: Private Registration
Organisation: rescator.cm
Address:
Rm.804, Sino Centre, Nathan Road
Kln Hong Kong, Hong Kong 582-592
hk
Email Address: rescator.cm@domainsproxy.net

Billing Contact:
Name: Private Registration
Organisation: rescator.cm
Address:
Rm.804, Sino Centre, Nathan Road
Kln Hong Kong, Hong Kong 582-592
hk
Email Address: rescator.cm@domainsproxy.net

Domain ID:GMOREGISTRY-DO27425
Domain Name:LAMPEDUZA.SO
Created On:2013-10-01T00:58:44.0Z
Last Updated On:2014-01-16T14:55:50.0Z
Expiration Date:2015-10-01T23:59:59.0Z
Status:clientTransferProhibited
Status:clientUpdateProhibited
Status:clientDeleteProhibited
Status:serverTransferProhibited
Registrant ID:WN18967443T
Registrant Name:Private Registration
Registrant Organization:lampeduza.so
Registrant Street1:Rm.804, Sino Centre, Nathan Road,
Registrant City:Kln Hong Kong
Registrant State/Province:Hong Kong
Registrant Postal Code:582-592
Registrant Country:HK
Registrant Phone:+852.23840332
Registrant FAX:+0.0
Registrant Email:lampeduza.so@domainsproxy.net
Admin ID:WN18967444T
Admin Name:Private Registration
Admin Organization:lampeduza.so
Admin Street1:Rm.804, Sino Centre, Nathan Road,
Admin City:Kln Hong Kong
Admin State/Province:Hong Kong
Admin Postal Code:582-592
Admin Country:HK
Admin Phone:+852.23840332
Admin FAX:+0.0
Admin Email:lampeduza.so@domainsproxy.net
Tech ID:WN18967445T
Tech Name:Private Registration
Tech Organization:lampeduza.so
Tech Street1:Rm.804, Sino Centre, Nathan Road,
Tech City:Kln Hong Kong
Tech State/Province:Hong Kong
Tech Postal Code:582-592
Tech Country:HK
Tech Phone:+852.23840332
Tech FAX:+0.0
Tech Email:lampeduza.so@domainsproxy.net
Billing ID:WN18967446T
Billing Name:Private Registration
Billing Organization:lampeduza.so
Billing Street1:Rm.804, Sino Centre, Nathan Road,
Billing City:Kln Hong Kong
Billing State/Province:Hong Kong
Billing Postal Code:582-592
Billing Country:HK
Billing Phone:+852.23840332
Billing FAX:+0.0
Billing Email:lampeduza.so@domainsproxy.net
Sponsoring Registrar ID:webnic
Sponsoring Registrar Organization:Web Commerce Communications Limited
Sponsoring Registrar Street1:Lot 2-2, Technology Park Malaysia, Bukit Jalil,
Sponsoring Registrar City:Kuala Lumpur
Sponsoring Registrar State/Province:Wilayah Persekutuan
Sponsoring Registrar Postal Code:5700
Sponsoring Registrar Country:MY
Sponsoring Registrar Phone:+60.60389966788
Name Server:PNS4.CLOUDNS.NET
Name Server:PNS9.CLOUDNS.NET
Name Server:PNS7.CLOUDNS.NET
Name Server:PNS5.CLOUDNS.NET
Name Server:PNS8.CLOUDNS.NET
DNSSEC:Unsigned

Domain Name: LAMPEDUZA.NET
Registrar: INTERNET.BS CORP.
Whois Server: whois.internet.bs
Referral URL: http://www.internet.bs
Name Server: NS1.CLOUDNS.NET
Name Server: NS2.CLOUDNS.NET
Name Server: NS3.CLOUDNS.NET
Status: clientTransferProhibited
Updated Date: 03-oct-2013
Creation Date: 31-may-2011
Expiration Date: 31-may-2022

>>> Last update of whois database: Mon, 20 Jan 2014 20:30:53 UTC <<<

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: LAMPEDUZA.NET
Registry Domain ID:
Registrar WHOIS Server: whois.internet.bs
Registrar URL: http://www.internetbs.net
Updated Date:
Creation Date: 2011-05-31T11:47:48Z
Registrar Registration Expiration Date: 2022-05-31T11:47:48Z
Registrar: Internet.bs Corp.
Registrar IANA ID: 814
Registrar Abuse Contact Email: abuse@internet.bs
Registrar Abuse Contact Phone:
Reseller:
Domain Status:
Registry Registrant ID:
Registrant Name: Jeremiah Heisenberg
Registrant Organization: Offshore Hosting Solutions Ltd.
Registrant Street: Oliaji TradeCenter 1st floor
Registrant City: Victoria
Registrant State/Province:
Registrant Postal Code: 3341
Registrant Country: SC
Registrant Phone: +248.2482032827
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: domains@offshore-hosting-service.com
Registry Admin ID:
Admin Name: Jeremiah Haselberg
Admin Organization: Offshore Hosting Solutions Ltd.
Admin Street: Oliaji TradeCenter 1st floor
Admin City: Victoria
Admin State/Province:
Admin Postal Code: 3341
Admin Country: SC
Admin Phone: +248.32724
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: domains@offshore-hosting-service.com
Registry Tech ID:
Tech Name: Jeremiah Haselberg
Tech Organization: Offshore Hosting Solutions Ltd.
Tech Street: Oliaji TradeCenter 1st floor
Tech City: Victoria
Tech State/Province:
Tech Postal Code: 3341
Tech Country: SC
Tech Phone: +248.32724
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: domains@offshore-hosting-service.com
Name Server: ns1.cloudns.net
Name Server: ns2.cloudns.net
Name Server: ns3.cloudns.net
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2014-01-20T11:49:26Z <<<

domain:        OCTAVIAN.SU
nserver:       jack.ns.cloudflare.com.
nserver:       leah.ns.cloudflare.com.
state:         REGISTERED, DELEGATED
person:        Private Person
e-mail:        fpolev@mail.ru
registrar:     RUCENTER-REG-FID
created:       2013.01.13
paid-till:     2015.01.13
free-date:     2015.02.15
source:        TCI

Last updated on 2014.01.21 00:31:35 MSK

~$ whois rescator.la
Domain ID:CNIC-DO1009346
Domain Name:RESCATOR.LA
Created On:2013-02-21T01:24:13.0Z
Last Updated On:2013-12-27T12:53:29.0Z
Expiration Date:2014-02-21T23:59:59.0Z
Status:SERVER UPDATE PROHIBITED
Status:SERVER HOLD
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:CLIENT DELETE PROHIBITED
Status:SERVER TRANSFER PROHIBITED
Registrant ID:WN18395382T
Registrant Name:Private Registration
Registrant Organization:rescator.la
Registrant Street1:Rm.804, Sino Centre, Nathan Road
Registrant City:Kln Hong Kong
Registrant State/Province:Hong Kong
Registrant Postal Code:582-592
Registrant Country:HK
Registrant Phone:+852.23840332
Registrant FAX:+0.0
Registrant Email:rescator.la@domainsproxy.net
Admin ID:WN18395383T
Admin Name:Private Registration
Admin Organization:rescator.la
Admin Street1:Rm.804, Sino Centre, Nathan Road
Admin City:Kln Hong Kong
Admin State/Province:Hong Kong
Admin Postal Code:582-592
Admin Country:HK
Admin Phone:+852.23840332
Admin FAX:+0.0
Admin Email:rescator.la@domainsproxy.net
Tech ID:WN18395384T
Tech Name:Private Registration
Tech Organization:rescator.la
Tech Street1:Rm.804, Sino Centre, Nathan Road
Tech City:Kln Hong Kong
Tech State/Province:Hong Kong
Tech Postal Code:582-592
Tech Country:HK
Tech Phone:+852.23840332
Tech FAX:+0.0
Tech Email:rescator.la@domainsproxy.net
Billing ID:WN18395385T
Billing Name:Private Registration
Billing Organization:rescator.la
Billing Street1:Rm.804, Sino Centre, Nathan Road
Billing City:Kln Hong Kong
Billing State/Province:Hong Kong
Billing Postal Code:582-592
Billing Country:HK
Billing Phone:+852.23840332
Billing FAX:+0.0
Billing Email:rescator.la@domainsproxy.net
Sponsoring Registrar ID:H129924
Sponsoring Registrar IANA ID:460
Sponsoring Registrar Organization:Web Commerce Communications Ltd
Sponsoring Registrar Street1:Lot 2-2, Incubator 1, Technology Park Malaysia
Sponsoring Registrar Street2:Technology Park Malaysia
Sponsoring Registrar Street3:Bukit Jalil
Sponsoring Registrar City:Kuala Lumpur
Sponsoring Registrar State/Province:Wilayah Persekutuan
Sponsoring Registrar Postal Code:57000
Sponsoring Registrar Country:MY
Sponsoring Registrar Phone:+603 8996 6788
Sponsoring Registrar FAX:+603 8996 8788
Sponsoring Registrar Website:http://www.webnic.cc
Name Server:JACK.NS.CLOUDFLARE.COM
Name Server:LEAH.NS.CLOUDFLARE.COM
DNSSEC:Unsigned

The sites that Rescator and friends have set up are an arcology on the internet for underground (almost) carding forums. As at the top of the page (see maltego map) you can see that they all can be connected together either by registration data or links to one another to and from their domains. One interesting bit is the fact that a couple of the sites were registered our of the Seychelles by “Jeremiah Heisenberg” which has a checkered past with sites ranging from online poker for bitcoins to outright scams including takedown notices from MPAA. It seems that perhaps the nearest thing to a real financial entity that can be found in the intelligence gathering I did today was this company (likely a shell company) that could be a means to an end in laundering funds and cleaning them. As to whether or not Rescator and the others are a part in this or are just the mules (so to speak) is the question I still have and it will take more looking to see. In the end though this constellation of sites and their spidering out to many many others both on and off of the darkweb is the primary means for volume trafficking in stolen credit data and PII as well as bank accounts and access to financial institutions. In other words, a real and credible threat.

THREAT INTELLIGENCE AND ANALYSIS:

I have been looking into these sites and the players for a little while now and I have to say that with the lack of OPSEC I would think they would be easy targets for takedown. What has been bothering me now since I started this Odyssey is that companies like Target as well as the banks out there lack any true intelligence gathering apparatus to actually monitor these sites and get insight into what is happening. Ok, I know this may sound a little out there to some and that I am asking for companies and banks specifically to have working intelligence apparatus but really, isn’t that the only real way to have a fighting chance here? Had the banks or some firms out there been doing what Krebs has been doing perhaps this attack would have been at least prepared for a little bit if not stopped due to intelligence gathering from these fairly open sites? My analysis that stemmed from about a day’s worth of looking backstops Krebs data and even goes further and really, I did not put all that much time into it. Imagine what could be done with the proper analysis and heads up on such POS malware as was plainly for sale and talked about in these forums?

It will be some time until the Target kerfuffles dust has settled but I would like to advocate more HUMINT and OSINT like Krebs has been doing by analysts either selling this as a service or perhaps in house operations that at the very least can spend some time Googling or using Maltego to determine just what is happening out there in these not nearly opaque bulletin boards. As I write this though I am wondering whether or not the simplest answer here is that the banks just don’t care because in the end the costs will circle back to the clients in the form of fee’s. This reasoning serves the cognitive dissonance within the financial sector that says it’s not their fault, it’s not your fault, but hell there is nothing we can do about it. I should think that more proactive approaches to anti-fraud methodologies might be better but who knows what they are thinking. Overall this kind of crime will continue both big and small because the companies make it easy for the criminals to hack them (bad passwords and processes etc) as well as the lackadaisical leze fair  attitude on the part of the credit corporations and banks persist. The real loser though will be the client who has to deal with bad credit through identity theft, loss of funds that may or may not be guaranteed, and generally being the product for sale by these miscreants.

K.

Written by Krypt3ia

2014/01/20 at 21:53

ASSESSMENT: Edward Snowden KGB Asset

with 4 comments

snowmanpootykgb

THE SNOWDEN AFFAIR:

Since the revelations began and the man without a country odyssey started all of our lives have changed at a fundamental level regarding our digital and private lives. The now million plus document trove is being parsed out by Glen Greenwald and others for the public to get a look into the inner workings of the state surveillance apparatus much to the consternation of the IC as well as the government and the dismay of the public. However you look upon Mr. Snowden and his choice you have to admit that the information does lend an insight into the great potential for abuse of the apparatus that the NSA has put together no matter what they may tell you they are doing or not doing to protect us. You see the point is no matter what alleged safeguards and altruism may lie within the apparatus and it’s employees it’s still ripe for abuse that will never see the light of day because it’s all classified and codified by the government. This is the point of the exercise as I see it from Mr. Snowden’s point of view and the aegis behind his doing what he did. Of course from day one darker minds would make assertions that there were darker geopolitical machinations at play and this was all just a dastardly plan to destroy us as a country. Of course as the passion play played out it was first China, the go to country for all our woe’s of late (APT etc) but as time wore on and Snowden found a perch in Russia, it’s now “clear” to some in the government that the plot was in fact Russian all along.

KGB ASSET:

Mike Rogers has been the bell ringer on the idea that Snowden from the get go was in fact a handled and groomed asset by a foreign power. His most recent bellowing without any real evidence is that Snowden was in fact an asset for Russia from the start and furthermore that all of this was done to damage the US and seek primacy once again on the international stage. Of course as I mentioned already Mike cannot offer any evidence and he alludes to “secrecy” of the data but in reality until you have proof that you can emphatically state and present the people it’s all just wild speculation and a form of conspiracy or propaganda in and of itself. While it is possible that Snowden was from the start an asset of the KGB  FSB, the evidence thus far for motive, methods, and follow through are somewhat thin and I cannot go on the record as thinking he was handled from the start by Russia or any other nation state. The fact that Snowden ended up in Russia at Sheremetyevo may in fact be because of the machinations of Assange and Wikileaks brokering the deal to get him there and then to get him allowed into the country not as a plan all along. There is more evidence to say that this is in fact the case then there is of any KGB FSB actions.

OCCAM’S RAZOR:

Using the paradigm of “Occam’s Razor” here let’s run through the possibilities on whether or not the claims being made by Mike Rogers and others out there that this was a carefully planned operation that cultivated Ed Snowden to become the largest leaker in history.

  • Ed Snowden is a naive individual who became through a sequence of events, an administrator within the IC networks and began to see things he thought were illegal and immoral
  • He used his knowledge of hacking and technologies to accumulate data through his own administrative access and social engineering
  • Once he saw the data he decided to leak all that he could and after seeing what happened to Manning made a plan to go to a country that in all the spy novels is easy to infiltrate and ex-filtrate out of
  • The NSA itself had poor OPSEC and threats from insiders were poorly covered thus making this possible (proven to be the case)
  • The NSA could not even keep track of internal access and exploitation (proven to be the case)
  • He contacted the press and was turned down by some until he met Greenwald and Poitras who then planned with him how to release the data and to firewall Snowden off
  • While in HK it became clear he could not stay there once the NSA/USA/UKUSA and other apparatus began working in the background to extradite him
  • Poitras, Greenwald, and then Wikileaks ex-filtrated Snowden out of HK and to Russia where a brokered interim solution of the airport no mans zone was at least possible
  • Snowden is a prize for the KGB FSB after the fact from not only an intelligence perspective but also a political one that thumbs its nose at the US (a win win for Putin)

 

  •  Edward Snowden was a carefully orchestrated long term asset by the KGB FSB trained by them to infiltrate the NSA and then use his domain admin/root access to steal them blind, exploiting their logical and technical vulnerabilities who they then ex-filtrated to HK and to Russia as a smoke screen for their own operational cover
    • Snowden was handled by KGB FSB for years while coming up the ranks as an UN-credentialed cleared individual clearly taking advantage of the US’ lax clearance and oversight process post 9/11
    • Snowden was in contact with Russia from the start and is a consummate operator perhaps even a cleverly created cutout sleeper agent
    • Once gathering all the data Snowden then passed it to Russia for them to digest and then leak to the world to cover their own operations and shame the US
    • Snowden is now a hero of the state in Russia and will get a hero’s treatment with access to all that Russia can offer in the post Soviet Oligarchy (inclusive Anna Chapman visits)

Hmmm is it just me or does the razor only really cut one way?

ANALYSIS:

My take on the whole affair is that Snowden was not a paid/cultivated/handled asset of the KGB FSB nor do I think that he was aided in any way by Russia in carrying out this leak/exploit. What I do think is that he is naive but also that what he was seeing, what we are all now seeing today in the news made him feel that the accumulation of power in a central secret body was anathema to freedom and the American ethos. As we have seen in the news there have been many things that the government has allowed, even shall we say promulgated, that are clearly violations of the US Constitution no matter the inveigling that might occur by those in power as to it’s legality. So I for one can see why someone like Snowden might do what they did outside of their own propensities for spy novels and a sense of right and wrong.

The realities are that no matter the attestations by those running the programs and their need to use them, there is always a chance of their abuse and subsequent burial of the facts through classifications and National Security letters as we have seen these last years. Were egregious abuses happening and are they still today? I am sure there are some, after all this is nothing new and all you need do to confirm that is Google Quis custodiet ipsos custodes? or look just to recent history with the Plame Affair to see how abuses can and have happened. So is it really outside the pale for someone with a conscience and perhaps an overactive imagination to think that great wrongs are being committed in all our names? I think that while there may have been no abuses “may” I also think that the capacity for abuse and the infrastructure to hide them is easily seen within the current architecture of the IC apparatus of the NSA and their programs. After all, if you want to ask about the idea that if you have nothing to hide you have nothing to fear, I ask you to tell me just exactly how you feel every time you go through a TSA checkpoint at the airport today.

Finally, I would also like to touch on the idea that the governments own hubris and now embarrassment is firing the boilers on this whole blame game that Snowden is in fact a handled asset of the Russians. I think that the NSA/USGOV and IC community feel the sting of their inadequacies as they have been laid bare for all to see. You see, Snowden did not carry out some 3l33t hacking here to gather the data. He used common techniques and vulnerabilities within the NSA and other government IC bodies to steal data and put them all on a USB stick and then walk out with them. It’s a simple trick and the top of that list is actually just socially engineering people for their passwords within the confines of the most secretive and secret IC shops in the world. Now that has to sting a bit wouldn’t you agree? So there is shame all around here on the part of the government and it puts them all in a weak position tactically. The reactions of all those at play seems to be more along the lines of dialogue from a playground spat rather than state or spycraft and it’s sad really. As the immortal words of GW Bush can attest;

“There’s an old saying in Tennessee – I know it’s in Texas, probably in Tennessee – that says, fool me once, shame on – shame on you. Fool me – you can’t get fooled again.”

To me, it seems that Snowden just did what he did because of a myriad reasons that also include a certain amount of self aggrandizement. However, I can point to things in our own history and to popular media that may explain why someone might do something like this on the grounds that they think it’s illegal, immoral, and against the tenets of the USA. While POTUS is right about how important these types of programs can be in the war on terror and the every day intelligence gathering that every country needs to survive, it should also be possible to have some level of oversight to disallow for abuses of power to happen and happen with great frequency due to over classification. These are fundamental changes that should occur but the reality is that the very nature of the work being done and the culture within it’s halls will stoip any real progress being made. In the end nothing will change and the NSA will continue to collect all the data it can like a giant hoover-matic for later sorting and use.

Having grown up in the era of Nixon though, and other revelations like Iran Contra, I for one not only know that these things will continue to happen but that they have in the past and should be in our collective consciousness. Unfortunately many do not remember and the only entree into such ideas may in fact be cinema… I leave you with this scene from “Three Day’s Of The Condor”

Not everything in cinema is just fantasy…

“scr hrw lgihr kzpzz cwl nci pjwt”

Written by Krypt3ia

2014/01/20 at 14:25