Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Forensic Psychology’ Category

Anonymous vs. Anonymous: Enough Hubris To Go Around

leave a comment »

The nameless revolution that calls itself Anonymous may be about to have its own, online civil war.

A hacker startup calling itself Backtrace Security–made up of individuals who formerly counted themselves as part of Anonymous’ loose digital collective–announced plans Friday to publish identifying information on a handful of active members of Anonymous. According to one source within the Backtrace group, it will release the names and instant messaging logs of dozens of Anonymous hackers who took part in attacks onPayPal, Mastercard, the security firm HBGaryWestboro Baptist Church, and the Marine officials responsible for the detainment of WikiLeaks source Bradley Manning.

That spokesman, who goes by the name Hubris and calls himself BackTrace’s “director of psychological operations,” tells me that the group (Backtrace calls itself a company, but Hubris says it’s still in the process of incorporating) aims to put an end to Anonymous “in its current form.” That form, Hubris argues, is a betrayal of its roots: Fun-loving, often destructive nihilism, not the political hacktivism Anonymous has focused on for much of the past year. “[Anonymous] has truly become moralfags,” says Hubris, using the term for hackers who focus on political and moral causes instead of amoral pranks. “Anonymous has never been about revolutions. It’s not about the betterment of mankind. It’s the Internet hate machine, or that’s what it’s supposed to be.”

The rest is HERE

“Cyberdouchery” it’s a term coined within the last year as far as I know for snake oil or hype mongers within the Infosec community. I have to say that this alleged group of ex-anon’s kinda fits the term for me. Whether it’s the reason that they state of being tired of Anonymous’ being moral fags, or the idea that they just want to get back to their troll roots, I pretty much just think its a publicity stunt. Of course, the darker side of me could see the way to believing that this is just some sort of psyop by person/persons unknown to get a reaction out of Anonymous.

I have written in the past about the herd mentality as well as convergence theory where it regards Anonymous. In each of those scenarios though, there is the idea that there are leaders. No matter the number of times Anonymous may say they are leaderless, I say that this is just impossible from the point both of these theories take. Even if someone is a leader for a day or minute, there is a leader, and there are followers, either anointed by the pack or by themselves. There are also the minions that do the work, such as the mods and the managers of the servers and systems. Those too could be seen as leaders within the infrastructure too. Now it seems though, that this new group is going to attempt to name leaders by use of social engineering and data collection.

… And that is what Aaron Barr wanted to do.. Well sorta… Then he shot himself in the foot with his own machine gun of hubris.

All in all though, this looks to be on the face of it, just an attempt at #LULZ by these folks at Backtrace. The use of the crystal palace image alone screams nearly the same shrill tune as using too many numbers in one’s nickname in leet terms. If you look closely though, you will see that they also claim to offer services such as “Cyber Espionage” *blink* Not counter intelligence nor counter cyber espionage, but cyber espionage. Just as they also offer cyber warfare and a host of other hot terms with cyber in them. That just reeks of the cyberdouchery I spoke of at the top of the post. So, in reality I don’t take this all too seriously.

I guess we will just have to wait and see what develops with this insurance file and the alleged outing that will happen…

There will be #lulz

K.

The force with no name: By Antonia Zerbisias of The Star

leave a comment »

 

 

The force with no name


Anonymous: Headless, Herd Mentality, or Convergence Theory Driven Entity?

with 10 comments

In my last couple of posts I took a look at what has been going on with Anonymous and HBGary Federal. Within those posts, I began musing on just how decentralised Anonymous really is. By looking at the overall picture of how Anonymous seems to work on the face of it, you might think that they are just a fluctuating group of online personae who sign up for certain operations that they desire to devote time to. However, no matter how many times I look at the big picture, I still see an underlying structure(s) that potentially have more static features that can be analysed and thus, allows for the potential of there being pseudo-anonymity.

Now, this may rankle some within the anonymous camp and likely will cause some comments here but, this is something that interests me as well as really is an academic thought experiment as opposed to Aaron’s little projects. So, you anon’s out there, take this post and my musings as food for thought as you go on about your anonymous lulz. I am not searching you all out to “out” you, just looking at an interesting problem.

With that said, lets move on to my theories.

Motivations, Drivers, Flocking, Herding, and Convergence Theory:

Before I go into the infrastructure of Anonymous as I see it, let me first go into the psychology behind the human side of Anonymous. This bears directly on the infrastructure due to the fact that humans online comprise the entity known as Anonymous. It is the psychology behind that human element, that give rise to the means by which they are carried out in a social media format. (i.e. the internet/IRC/Social media)

Human motivations can and are myriad, however, there are some basic desires that are fulfilled by action as a cohesive group. These desires or goals take shape in differing ways. In the case of Anonymous, they have aligned themselves with a “swarm” mentality, and I ascribed to that at first, but, after thinking about it quite a bit, I have come to the conclusion that a swarm does not really fit the patterns of behaviour exhibited by Anonymous. A swarm implies lack of thought and instead just reaction. The examples used before of bee’s or ants are good ones to use to show in fact, Anonymous does not resemble them. Instead, the Anon’s all have motivations as a whole and on their own individually that motivate them to act as they are. In this simple fact, the aspect of having self awareness and motives, shows that the allusion to swarming is a fallacy.

Instead, I propose that since humans are behind the actions of anonymous, and comprise its ranks, that other theories apply to them that come from a more humanistic approach, much of it being from psychology. The following theories apply as I see it.

From Wikipedia

Herd behavior in human societies
The philosophers Søren Kierkegaard and Friedrich Nietzsche were among the first to critique what they referred to as “the crowd” (Kierkegaard) and “herd morality” and the “herd instinct” (Nietzsche) in human society. Modern psychological and economic research has identified herd behavior in humans to explain the phenomena of large numbers of people acting in the same way at the same time. The British surgeon Wilfred Trotter popularized the “herd behavior” phrase in his book, Instincts of the Herd in Peace and War (1914). In The Theory of the Leisure Class, Thorstein Veblen explained economic behavior in terms of social influences such as “emulation,” where some members of a group mimic other members of higher status. In “The Metropolis and Mental Life” (1903), early sociologist George Simmel referred to the “impulse to sociability in man”, and sought to describe “the forms of association by which a mere sum of separate individuals are made into a ‘society’ “. Other social scientists explored behaviors related to herding, such as Freud (crowd psychology), Carl Jung (collective unconscious), and Gustave Le Bon (the popular mind). Swarm theory observed in non-human societies is a related concept and is being explored as it occurs in human society.

Information Cascade:

An information (or informational) cascade occurs when people observe the actions of others and then make the same choice that the others have made, independently of their own private information signals. Because it is usually sensible to do what other people are doing, the phenomenon is assumed to be the result of rational choice. Nevertheless, information cascades can sometimes lead to arbitrary or even erroneous decisions. The concept of information cascades is based on observational learning theory and was formally introduced in a 1992 article by Sushil Bikhchandani, David Hirshleifer, and Ivo Welch.[1] A less technical article was released by the authors in 1998.[2][3]

[4][5]

There are two key conditions in an information cascade model:
1. Sequential decisions with subsequent actors observing decisions (not information) of previous actors.
2. A limited action space (e.g. an adopt/reject decision).[6

Classical theories
The main idea of Sigmund Freud’s crowd behavior theory is that people who are in a crowd act differently towards people from those who are thinking individually. The minds of the group would merge to form a way of thinking. Each member’s enthusiasm would be increased as a result, and one becomes less aware of the true nature of one’s actions.
Le Bon’s idea that crowds foster anonymity and sometimes generate emotion has become something of a cliché. Yet it has been contested by some critics, such as Clark McPhail who points out that some studies show that “the madding crowd” does not take on a life of its own, apart from the thoughts and intentions of members. Norris Johnson, after investigating a panic at a 1979 Who concert concluded that the crowd was composed of many small groups of people mostly trying to help each other. However, ultimately, leaders themselves identify themselves to an idea.

Theodor Adorno criticized the belief in a spontaneity of the masses: according to him, the masses were an artificial product of “administrated” modern life. The Ego of the bourgeois subject dissolved itself, giving way to the Id and the “de-psychologized” subject. Furthermore, the bond linking the masses to the leader through the spectacle, as fascism displayed in its public representations, is feigned:

“When the leaders become conscious of mass psychology and take it into their own hands, it ceases to exist in a certain sense. […] Just as little as people believe in the depth of their hearts that the Jews are the devil, do they completely believe in their leader. They do not really identify themselves with him but act this identification, perform their own enthusiasm, and thus participate in their leader’s performance. […] It is probably the suspicion of this fictitiousness of their own ‘group psychology’ which makes fascist crowds so merciless and unapproachable. If they would stop to reason for a second, the whole performance would go to pieces, and they would be left to panic.”[1]

Edward Bernays (1891–1995), nephew of psychoanalyst Sigmund Freud, was considered the father of the field of public relations. Bernays was one of the first to attempt to manipulate public opinion using the psychology of the subconscious. He felt this manipulation was necessary in society, which he felt was irrational and dangerous.

Convergence theory

Convergence theory holds that crowd behavior is not a product of the crowd itself, but is carried into the crowd by particular individuals. Thus, crowds amount to a convergence of like-minded individuals. In other words, while contagion theory states that crowds cause people to act in a certain way, convergence theory says the opposite: that people who wish to act in a certain way come together to form crowds. An example of convergence theory states that there is no homogeneous activity within a repetitive practice, sometimes observed when an immigrant population becomes common in a previously homogeneous area, and members of the existing community (apparently spontaneously) band together to threaten those trying to move into their neighborhoods. In such cases, convergence theorists contend, the crowd itself does not generate racial hatred or violence; rather, the hostility has been simmering for some time among many local people. A crowd then arises from convergence of people who oppose the presence of these neighbors. Convergence theory claims that crowd behavior as such is not irrational; rather, people in crowds express existing beliefs and values so that the mob reaction is the rational product of widespread popular feeling.

My money though is on Convergence Theory. While herd mentality works in many respects, the herd seems less actively motivating the outcome as it is reacting to external stimuli or a certain single entity moving them to “herd” in a specific direction. In Convergence Theory however, we have a more nuanced approach to understanding that like minded individuals congregate together socially and then as a crowd, act out on their collective consciousness. I believe that all of these behaviours and observations play a role in the macro-verse of Anonymous.

I also believe that at times, there are leaders who take up the issue that they feel needs redress and then start that herd moving toward a goal by beating the drum. Thus you have the chats and the boards where people take their digital soap boxes out and speak on the target, the reasons, and the method of attack. If the idea gets enough traction vis a vis the oration of the de facto leader at that time, then, a movement begins. Which brings me to the next topic.

Cells vs Spontaneous Headless Entities:

Anonymous has said many times and rather vociferously, that they are a headless organisation. I have always been of the opinion that no matter how many times they make that claim, it is functionally impossible. There will always be a core group of individuals that will be leading an operation. It is also the case that Anonymous is predicated on infrastructure that must be maintained. The IRC rooms, the servers, the web servers etc, all have people who operate them and manage them. In this respect, those persons would be the holders of the keys to the kingdom would they not? If a person in charge of such functions were to turn (or be turned) on the organisation, they could do massive damage to the org by being in charge of key assets.

I would further like to posit that for each “raiding party” as they may be called, would also have de facto leaders. An incidence of this can be seen in the WBC debacle in the response to WBC that claims 20 people had worked on the document. Those twenty people would nominally be leaders of that cell or operation by my accounts. So, to extend this further, for every operation there must be a division of roles and responsibilities doled out to function, it is just our nature to do this. If Anonymous were truly a chaotic system, nothing would get done effectively.

Cells however, also fit as an modus operandi for Anonymous. When I say cells I mean this from the perspective of cells in terrorism. Al Qaeda, as a functional operation has been winnowed down to the point of only being a titular entity in the jihadi movement. Due to the war on terror, AQ has shifted their operations from being rather linear to a cell mentality. All of the cells out there are pretty much self formed at present. The cells consist of like minded people who get subtle and not so subtle information/mandates from the AQ HQ via things like “Inspire Magazine” or the jihadist boards. The same can be applied to the structure of Anonymous. There are still those people who are making suggestions and or are outright perceived leaders, that can be singled out as targets of interest. This may not be the case every time, but, by using the information above on motivations and crowds, you can infer that it is the case more times than not.

Nick Re-Use as De-Anonymization:

Now, once you consider the motivations and the structures that are created or used, one must then consider how would someone go about trying to determine targets of interest. In the case of Anonymous this allusion had been made (poorly) by Aaron Barr. He went after certain parties that he claimed were in fact the core leaders of Anonymous. I can’t say that any of those names were in fact core leaders, however, I will say that the nicknames themselves could have been used to gain intelligence on said users and indeed prove their affiliation.

My premise is this;

1) The more unique a nick is the easier it is to track

2) Nickname re-use on other sites in tandem with uniqueness makes tracking and expanding on social connections easier

3) With the right foot-printing, one can potentially get enough information not only to see affiliations and actions, but also real names of individuals

So, if you are on the Anon boards and you re-use your nick, AND it is unique enough, I know that you can be tracked. Add to this the notion that you use your nick as an email address, then you are adding even more context for someone to search on and cogently put together patterns for recognition. So, the more data points, the more coherence to the picture if you see what I mean. By using tools like Maltego or even Palantir correctly, one can make those connections. In the hands of a trained analyst, the data can really show a person’s online personae and lead to enough data being revealed to have law enforcement breathing down your neck with warrants.

In looking at the Anon sites, one can see regular names turning up. Using Maltego on some of those names have also given returns that would be a good start on locating those people because the used the same nickname for other uses that are inherently insecure. Which is ironic as Anonymous is supposed to be just that. In fact, one can log onto their IRC session just as “anonymous18457” etc. I would do this every time I wanted to go onto their servers so as not to have too much residual data for someone to mine.

Aaron was right in that people are inherently lazy at times. We as a species are also ill equipped to delineate long term threats as opposed to near term. In most cases though, many of the Anon’s are in fact young and likely inured to the idea that the Internet is in fact an anonymous space.

It isn’t, unless you take pains to make it so.

Conclusion:

So there you have it. I have been pondering this for a little while now. I am sure there will be more as I think about it a bit. Aaron was a fool, but let me tell you, there are others out there in spook country who aren’t. These techniques are no secret nor are the theories of behaviour. These are common ideas that are used within the psyops realm and you, “anonymous” legions must take that into account. If the authorities cannot get the core members, they will eventually get round to going after the low hanging fruit.

However, with these techniques, even someone diligent about their anonymity can be defeated. Everyone makes mistakes…

Keep your wits about you.

K.

Gregory Evans: Psychological Profile of a Lackluster Conman

with 3 comments

Wow Mr Crabyolbastard, you failed the test just like I thought you would. This time you even got your wires all mixed up. You get a NO GO at this station. Sorry that you can’t play with the Big Boys without squeeling like a wild pig. Tut…Tut…Now What?

darby.chuck@yahoo.com
68.153.132.46

This crabbyolbastard guy has way too much time on his hands, but hey, he’s getting Greg more publicity. I tell you, Evans is probably the most popular guy in the cyber security industry! keep em talking Greg and continue to prove them wrong! Im rootin for ya!

…. And as for you, you crabby. old. bastard……. GET A LIFE!

dscraigen@gmail.com
68.153.132.46

Oh Greg, I have a life, and that life now includes removing you from the information security theater stage. You see, you came to me, not I to you in this matter, and well, you made a mistake in judgement with your “n01hack3r” thing. Greg, you pissed off the wrong people like I told you before, ya know, the aphorism about hackers being subtle and quick to temper? Well, you have more than a few out there in the “community” gunning for you now, and yet, you spend time on my blog reading it, looking up the big words on the “Googles” and responding via your cavalcade of BellSouth sip/adsl addresses claiming to be others while we know all along that its you. So this post has a couple of functions for me.. Let me lay them out for you.

1) I get under your skin.. I have a habit of doing that on this blog and well, I enjoy being the cause of your mental anguish. I intend to get further under your skin like an embedded tick. I plan on leaving you after this post with the nagging self doubt that haunts you in your silent spaces during the day. Think of me as your new personal Hannibal Lecter and you, you are my cell mate next door “Multiple Migs”

2) To outlay to the world in Neuro-Linguistic Programming, a picture of your inner workings, your fears, your failings, and generally, hasten you to your cataclysmic utter failure oncoming. All packaged up in a neatly ordered and well thought out analysis of you Greg.

So, lets get to it shall we? Oh, and Greg, when you respond, and I know you will, if you can’t follow the conversation even with my little links to help you with the big words, you will have to just move on over to the kids table, this is adult talk now.

Gregory,

I know where you are mentally right now. Your dreams of bling and cheap-n-easy young ladies are quickly becoming nothing but faded ambitions due to your age, your rapidly emptying bank accounts, and the light being shown on you as a charlatan and a con man. It must eat at you during the quiet moments all this failure, it haunts you I am sure. The reason why it does is not so much because you care at all for the shareholders of your company, but more so about your own dreams of self aggrandizement. Its all just a niggling feeling at the back of your mind and then you start to realize that soon, there will be nothing left and your charade will be completely exposed and it makes you break out in a cold sweat all alone at night doesn’t it?

And yet, instead of giving in and moving on to something else, you feel trapped and have to fight against the tide of reason. You strive on to show that you are really all those things that you claim to be, but know that you are not.

Successful

A knowledgeable man on subjects such as computer security

A pillar of the community

A God fearing and righteous man

A raconteur

Generally, a good guy

You must have those momentary pangs when you think of your mother, perhaps of your father, but I guess more about your mother, that she is proud of you. You know though, because you have lied and conned your way to where you are now that she likely is not. It is in these small moments when you are alone at night, that you realize that you are none of those things above. You look back at your life and you think about the places where you might have done things differently.. But, its too late now. This, this is the end of the line.

So it is, with each passing day post your being thrust into the light like a cockroach behind the fridge, your revenue stream being broken by the truths being told, that you increasingly see the only way to fight is to lie more, with more extravagance, and to use what little wits you have to attempt to sway the tide of press.

Yet again, at the end of each day, the failure comes to you at night like a specter doesn’t it Greg? Alone in your bed after all the gold digger girls have gone because you cannot afford them any more, it haunts you. You feel it though Greg, you can see the path to the pain’s release but you just aren’t man enough yet to take the path are you?

The path of admitting you are a failure. You had your time when you passed yourself off and bilked your friends, acquaintances, and shareholders, but those days are gone.

Painful isn’t it… No longer are you the big man Gregory…

Each day you are beset by the news on the internet. The truths being dug up about you and published. I assume the calls from your shareholders that you borrowed all that money from (600K+ last I looked) must be on their minds as you let it go to voicemail. Hard to avoid them too I suppose as you go out of the house or go into one of your marble gilded bathrooms. It must also haunt you, the knowledge that the people you thought you had hoodwinked now see the truths of it all.

Then the possible future teases into your mind. You could be going to jail again. This time, it may not be so short a stay and you know that you are going to have to nut up inside or be passed around for a pack of smokes. All those sticky painful incidents of being someone’s bitch inside must also go through you mind. One shudders to think.

So on you go, posting all kinds of press to make your “company” look better and try to resurrect it all. All in the hopes of those glory days of spending the capital that the shareholders give you for skyboxes, expensive cars, and coochie to impress all of those people you so want to be friends with.

The glitterati.

All the while though now, you know that this is not to be, and it pains you. After all, you are a prideful man aren’t you…

Sometimes though, you think about just disappearing… Starting over…. Perhaps you should.

Of course, then you’d be on the run from the charges surely to be filed. But, after all, you are better suited to running than you are to fighting. Cowardice seems to be your stock in trade. You make veiled threats through emails and you get hot quickly lately don’t you? It must be all the stress.

But you know, they (the security community and the authorities) will not go away…

Best to run Gregory… Before it all collapses in on itself further….

Listen to that niggling little voice Greg….

Written by Krypt3ia

2010/07/20 at 14:26