Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Narus STA 6400’ Category

JIHADI’S HOLD LEGION OF DOOM CON CALL!! WOULD YOU LIKE TO KNOW MORE?

with one comment

fednet

AZIJ XXRZ HMCKIDACVA GZ UZZW!

The Legion of DOOM!

Yesterday the camel’s back finally snapped in my head after reading a post on Harper’s Magazine entitled “Anatomy of an Al Qaeda Conference Call”  which the author called into question the whole story that was put out by the Washington Times and their “anonymous sources”  The paper claimed that Ayman Zawahiri and all the heads of the various jihadi splinter groups got onto their polycom phones and their SIP connections to have a “concall” as we say in business today.

You all may remember the heady headlines in the last couple weeks where the mass media picked up on this story and began scribbling away on how the so called jihadi “Legion of Doom” dialed in for a sooper sekret meeting to plan the end of our Western Civilization. Now, I am sure some of you out there have seen my screeds (140 chars at a time more so recently) on just how we get played too often by the media and the government on some things but this, this is just epic stupid here. If you or anyone you know believed any of this claptrap coming from the media please seek psychiatric attention post haste.

Let me tell you here and now and agreeing with the article cited above, that the “LOD” did not have a skype or asterisk call to plan our downfall. At the most they likely had a meeting of the minds in a chat room somewhere within the jihadist boards out there or had a server set up somewhere for them all to log into an encrypted chat. I lean towards the former and not the latter as they usually lack subtlety online. Though, given the revelations from Mssr “Snowman” I can see how the prudent Ayman would want this to be on it’s own server somewhere and for people to authenticate locally and encrypted on a system that does not keep logs… But I digress…

Suffice to say that a group of leaders and minions thereof got together for a chat on <REDACTED> and that they talked about plans and ideas (from hereon I am going to coin the term ideating) for the destruction of the West and the raising of a new global caliphate. Does that sound familiar to you all? Gee, I can’t seem to put my finger on where I have heard that one before. … So yeah, there was a meeting, there were minions, and there were plans but here’s the catch; NOTHING WAS SAID THAT ALLUDED TO A REAL PLAN! No, really, there wasn’t any solid evidence that prompted the closing of the embassies all over. It was a smoke and mirrors game and YOU all were the captive audience!

As you can see from the article cited there seems to be a lot amiss with all of this now that some reality has been injected into the media stream of derp. Why was this all brought to you in the way it was put out there by the media? Was it only the demented scribblings of one reporter seeking to make copy for his dying paper? Or was there more to it? Was there a greater plan at play here that would have the media be the shill to the duping of the public in order to make them see say, the NSA in a different light in these times of trouble for them?

Makes you wonder huh?

DISINFORMATON & OPSEC

So yeah, a story comes out and there are “sources” sooper sekret sources that are telling the reporter (exclusively *shudder with excitement*) that the Great Oz of the NSA has intercepted a LIVE call with the LOD and that it had scary scary portents for us all!

WE. ARE. DOOMED!

That the NSA had help prevent a major catastrophe from happening because they had the technology and the will to listen in on a conversation between some very bad dudes like Ayman and the new AQAP leaders plotting and planning our cumulative demise.

*SHUDDER*

The truth of the matter though is a bit different from the media spin and disinformation passed on by the so called “sources” however. The truth is this;

  • The “con call” never happened. There was no set of polycoms and Ayman is not a CEO of AQ.
  • The fact is that Ayman and many of the other “heads” of the LOD were not actually there typing. It was a series of minions!
  • The contents of the “chat” were not captured live. There was a transcript captured on a courier that the Yemeni got their hands on and passed it on to the Western IC. (So I have heard, there may in fact be a chance they captured the stream using this guys acct) the Yemeni that is, not so sure it was us.
  • As I understand it, there was nothing direct in this series of conversations that gave any solid INTEL/SIGINT that there was a credible threat to ANY embassies.

There you have it. This has been WHOLLY mis-represented to the Amurican people. The question I have is whether not there was an agenda here on the part of one of the three parties or more.

  • Right wing nutbag Eli Lake
  • The “anonymous sources of intel”
  • The “anonymous sources handlers”

These are the key players here that I would really like to get into the box and sweat for a while. After the madness was over and sanity let it’s light creep into the dialog, we began to see that these so called sources were no more or less better than “CURVEBALL” was during the run up to the Iraq war. In fact, I guess you could say they were less effective than old curveball because we did not actually go into another half baked war on bad intelligence this time did we?

Another question that should be asked here is why was this information leaked in this way to the press on an ongoing operation that I would say might be pretty sensitive. I mean, you have a channel into a chat room (or *cough* con call as the case may be har har) that you could exploit further and yet you decide to close all the embassies and leak the fact that you have closed said embassies because you intercepted their sooper sekret lines of communication?

*blink blink*

Holy what the Hell? What are you thinking POTUS and IC community? Oh, wait … Let me ideate on this a bit….

  • The intel community is in the dog house right now because of the SNOWMAN FILES yup yup
  • So a WIN would be very very good for PR wouldn’t it? I mean you don’t have to hire a PR firm to figure this one out right?
  • HOLY WIN WIN BATMAN! We tell them we foiled their plans using sooper sekret means that the public hates for infringing on their “so called” rights and we can win hearts and minds!

Could it be that simple?

All joking aside though, think about it. Why blow an operational means of watching how the bad guys are talking UNLESS it was never something you really had access to in the first place right? You could win all around here (though that seems to be backfiring) IF the Yemeni passed this along and it was after the fact then how better to make the AQ set abandon the channel by saying you had access to it?

Right…

How better also to try and get a PR win by alluding (ok lying lying lying with pantalones on fire!) that you had compromised (you being the NSA and IC here) said channel! I guess overall the government thinks that the old axiom of “A sucker born every minute” still applies to wide scale manipulations of stories in the media to sway thought huh? Oh and by the way, if any of you out there think this is just too Machiavellian I point you to all those cables dropped by Wikileaks. Take a look at the duplicity factor going on in international realpolitik ok?

Political Wag The Dog

It seems after all once all the dust has settled that either one of two things happened here;

  1. Eli Lake did this on his own and played the system for hits on his paper’s page
  2. Eli Lake was either a witting or un-witting dupe in this plan to put out some disinformation in a synergistic attempt to make the IC and the government look good on terrorism in a time where their overreach has been exposed.

It’s “Wag The Dog” to me. Well, less the war in Albania right? I suggest you all out there take a more jaundiced eye to the news and certainly question ANYTHING coming from “ANONYMOUS SOURCES” on NATSEC issues. It is likely either they are leakers and about to be prosecuted, or there is a cabal at work and DISINFORMATION is at play using the mass media as the megaphone.

Sorry to sound so Alex Jones here but hell, even a clock is right twice a day.

K.

 

Creating Your Own Privacy & ROI

leave a comment »

img courtesy of XKCD http://xkcd.com/

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Preamble

With all the alleged revelations over the drift net surveillance happening to us all by the government I and others have been pondering the processes needed to protect one’s communications online and over the phone. Wired and other venues have put out reasonably ok articles on this but generally I think they have lacked on the ROI factor for the varying degree’s of surveillance that has been carried out for some time now, not just the NSA with PRISM. The immensity of it all I think can put one off on the idea of being able to keep their privacy especially given the pains that one must take to keep it on the nation state scale. However, there is much that could be done to have a modicum of privacy but one just has to understand the idea of OPSEC and have some technical base to work from in order to use the technologies such as TOR or CRYPTO in the first place. It is another thing altogether to keep that mindset every day and to understand the import of their use and the cause and effect that comes from failing to use them.

PRISM and NATION STATE SURVEILLANCE

As Ali (@packetknife) alluded to on the “Loopcast” recently with me, the idea that someone can completely deny the nation state program of surveillance is a tough one to swallow today. We all are connected to the net in some way whether it be your smartphone or some other connected device that we carry with us 24/7. In the case of the smart phone the utter and total pwn that goes on there is spectacular to think about. There is no need for tinfoil hat conspiracies about barcode tattoo’s on one’s neck here, all you really need is an iPhone and connectivity to know quite a bit about a person. This is why the metadata issue is a big one and people are seemingly unable to comprehend it. Let me clarify this for you all by also saying that not only are the calls to and from being easily monitored and mined (stored later for perusal when needed) by the NSA it seems, but also the GPS data as well. Remember the hubbub over the Apple collection of GPS data on the phones a couple years back? Remember the outrage on some parts over this? Well, now look at that in relations to how much of that data is accessible by the government too in this program. More to the point and this has not really been talked about, but are they correlating that data as well in the phone surveillance being carried out? My assumption is yes but like I said that seems to have been dwarfed and drowned out by the PRISM revelations.

Ok so now we are being data mined and correlated on the phone calls we make (metadata). Of who we are calling, how long we are talking, and when as well as  the GPS (location) as well?  All of that data is very informational about the habits of a person alone but start to analyze it from a personal and psychological perspective and you can build quite the dossier on someone without even having to listen to their conversations. Which I hasten to add that there are rumors of the caching of conversations generally not just under warrant from FISA. At this level, the nation state level of surveillance, one cannot hope to really be secure in their communications using technologies as they are because of the access the government has built for themselves post 9/11 with the Patriot Act as it’s fulcrum. Access mind you that we are giving them by proxy of the devices we buy and the services that provide the connection because without them we have no way to communicate other than in person or pen to paper with the post offices help right?

All of this though does not mean that the government is spying on you now. What it means though is that the legalities have been created or bent to the will of the government to have the illusion that the wholesale collection of all kinds of data for later use of anyone using these systems is legal. It also means that no matter the protestation of the government and the law enforcement bodies that they take all due care not to collect/use/surveill you vis a vis your data that there is a chance that someone within the system “could” and “might” do so outside of the rules and that is the problem here … Well other than the Constitutional, moral, and ethical issues that is. Just because it is against the rules does not mean someone won’t do it if they have the access. You know.. Like EJ Snowden having access to highly classified data that perhaps he shouldn’t have? Or furthermore the availability of Mr. Snowden being able to insert a USB drive into systems and siphon off said data to give to the press or anyone who’d listen right?

PRIVATE SECTOR or THE LITTLE SISTERS

Another issue that seems to be taking a back seat here is the notion of the Little Sisters to Big Brother. This idea springs from something I alluded to above in that the corporations that offer you the services (Gmail/ATT/Facebook etc) all collect data on you every minute of every day. They use this data for advertising, data mining, selling that data to other companies to form synergies on how to sell you on things etc. It is this practice of collecting all this data on us and our complicity in it that has given rise to the drift net approach that the government has taken with the surveillance programs like PRISM. The government is simply leveraging the capacities that are already there in the first place! You want to blame someone for this mess? Look in the mirror as you have allowed your data to be collected in the first place. YOU have placed your minute details out there on the internet to start with in email or posts to Twitter and Facebook for example. YOU are the culprit because you fail to understand OPSEC (Operational Security) and just scattered it on the net for anyone to see.

Of course other bits are more arcane. Cookies, tracking data within browsers and the like also give away much data on who you are, what you like, and allow the marketers to tailor ads for you when you go to sites that pay for the services. The aggregate of all of this data makes a digital portrait of you that unless you take pains to disallow the collection, will be sold and used by the corporations to package YOU as the commodity. I mean, how do you think Facebook works? It’s a social contract to connect to others and allow Facebook to make money off of your habits. Zucky is not in this to win a Nobel Peace Prize here ya know.

So when you think about all this surveillance going on please remember that you are complicit in it every time you surf the web, make a facebook post, a tweet, or send an email unencrypted (Google analytics kids) because they are all sifting that data to “get to know you better” *cough* It’s just a friends with benefits thing as the government see’s it being able to just hit them with an NSL and plant a server in the infrastructure to cull the data they want. As long as it doesn’t effect the bottom line (money) for them I suspect their worries about privacy are, well, pretty low on average. I mean after all you have already signed away your rights have you not? The little sisters are insidious and subtle and I am afraid they have already become metasticized within the society body.

The Only Privacy You Can Have Is That Which You Make Yourselves

“The only privacy that you have today  is that which you make for yourself” is something I said a while back on a blog post or podcast and I still stand by it. It seems all the more relevant in the post Snowden world today. By creating privacy I mean leveraging technologies like encryption to keep your communications private and OPSEC to consider how you transmit information over the internet and telco. There are inherent problems though with all of these things as you can always make a mistake and end up leaking information either technically (an instance would be logging online with your own IP address to something) or process wise like putting your current location on Facebook and saying you’re on vacation for two weeks. It is all a matter of degree though and even if you are practicing OPSEC there are things outside of your control when the nation state is looking to spy on you. There are just no two ways about it, you can only fight the nation state so much with technology as they have more resources to defeat your measures eventually by end run or by brute force.

On the level of defeating the little sisters, well the same applies but with limitations. You can in fact surf the net on TOR with NOSCRIPT, cookies disallowed and on an inherently anonymized OS on a USB stick right? The little sisters can only do so much and they only interact when they see a profit in it. They after all are not looking to be voyeurs just for the fun of it. They want to sell you something or sell you as metadata right? However, if you start to anonymize yourself as much as you can and you are diligent about it you can stop the Little Sisters which in turn may minimize what the Big Brother can use too. The caveat is that you have to take pains to do this and you have to know what you are doing. There are no magic easy button offerings on the shelf that will hide you from them all and if you care then you will take the time to learn how to perform these measures.

ROI On Privacy

Finally, I would like to take stock of the fight here that you need to take on and what the ROI is for each adversary involved. In reality unless you go off the grid, change your identity and never touch another piece of technology ever again there is a high likelihood that your information will be tracked. One may in fact create a separate identity to pay bills with and use that one to surf online as well as other things but that is an extreme just like the idea of becoming a Luddite. There must be a middle road where you can feel that you are protecting a certain portion of your lives from the unblinking eye of the companies and governments that own or access the technologies that we use every day. You have to though, understand all of this and accept that in the end you may fail at keeping your privacy yours and yours alone. Come to grips with this and be smart and you can have a modicum of success if you are diligent.

A for instance of this ROI would be on the phones. If you TRULY want to be private then you have to lose your smartphone that you have billed to you and buy a burn phone. Cash is king and there is no information taken if you do it right. The unfortunate thing is that you then have to call only others who have the same burn phones out there without any metdata that ties it back to their real identities. You just try getting mom and dad to buy burn phones to talk to them on… It’s not that easy. So really, some of the ROI is minimized by the nuisance factor. The same can be said for the lay individual who is not going to go buy encryption products nor are they capable of installing a Linux system and running something like GPG. This is not going to work for everyone as well as not everyone is going to care about their privacy as the recent Pew poll showed where 56% of polled ok with surveillance program by NSA.

In the end it all comes back to the idea that you create your own privacy by your own actions. Do not trust that the government is going to protect your privacy and certainly don’t believe that the corporations will either. I mean, just look at how many spectacular fails there were on passwords that weren’t hashed or encrypted in any way by companies hacked by LulzSec. As well you should not trust the government, no matter how well intended, that they will be ABLE to protect your privacy as we have seen with recent events like Brad Manning’s theft of (S) data as well as now Snowden (TS/SCI) The actions of one person can be the downfall of every carefully crafted system.

So what is the ROI here? Well….

NATION STATE:

Crypto and anonymized traffic online will minimize your footprint but eventually they will break you if they want to. You have to be exceptional to fight the nation state level of surveillance. As for the driftnet out there well, unless you go luddite they have a lot of data to sift and commingle. They have a pretty good picture of who you are and much of that comes from the little sisters. Your ROI here is minimal because they have the power and the thing you MUST remember is that CRYPTO IS YOUR FRIEND!! Encrypt sessions for chat and emails and you will leave them with the task of either having to break that crypto or hack your endpoint to see the plain text. Make them work for it. Otherwise you may as well just BCC the NSA.GOV on each and every email today it seems.

LITTLE SISTERS:

The little sisters though are another thing. You can in fact obscure a lot of what you do online and through telco but you have to be diligent. It means time and sometimes money (burn phones or laptops in some cases) to obfuscate as much as you can. The ROI here is that IF you take these pains you are then able to deny them easy access to your habits and patterns. If you start using crypto in sessions and in communications like emails then you will be also geometrically heightening your privacy status. But you have to do it.. AND that seems to be the hard part for many whether it is laziness or apathy I am not sure.

Privacy is what you make of it… He says as he hits enter on a public blog post!

K.

[Jmhhw Kutdegc ohl Vmgi Uizvsr pspmspw avuzyiw ypicl Qephcv Tmwfcj’a yere. Kutdegc plqfkw sd Vqklsn vcukipd.]
Polvc Ayzfiui: Elr npwr, xfslm’k Qephcv Tmwfcj…[tgsoq on i xspbsl ezmpc Auzlmr fom i tpely mbsvi. Uoftsgi rilvk xlc titviv rc mpga mr vua fs tydyzk] Li bcyaf’x wcsg bg lets u xswx.
Zwmpgt: [Ayzea saew] W’g agvvw, pob A hsl’h qwjo jmf npw kstslveirr.
Rckc Kspriv: Oi hm. [Gbwow e aoll] Fexgchid Wiailqlc Eeshkq.
Fmqvix: Sl. Cmi’lm lli eisa A liyf vzwexfwho gr xfs ibziv cbx wx qc nvivw.
Hmay Awjhsl: Bi, bzex’q hbm XFM. Us’lm fsx avuzlivcr zwj hsksmbag wsfpmappybwm.
Tmwfcj: Wz, M wcs. Swm nyqh idwvxffie yszcfhuwrxq. Gyb mt jpwyvvpc bwwbsxspg.
Xquo Kmfxwf: Rs, rvub’k xlc QCI. Oi tpcnmux ssf awnivlayvl’w gmagcfmgyhcwfw, ac hlg ls fpsus lli mhbmj jijzu’a ushcg. Qm’ji xfs awgh ksmm, Usvxw.
Pcazst: Esy, Q uer’r hytd css kbil e vczcmx xlyh ca…Vmgi.
Rckc Kspriv: Uleluy ggyv kwhl, uepj im il xlgg hcefip… [ucdww Fggbwh e jmzxmv tmcqy wx tensl] Uj. Fvgqy.

SPOOK COUNTRY 2011: HBGary, Palantir, and the CIRC

with 5 comments

 

The establishment of a Corporate Information

Reconnaissance Cell (CIRC) will provide Hunton &

Williams LLP with a full spectrum capability set to

collect, analyze, and affect adversarial entities and

networks of interest.

From: Team Themis pdf


CIRC: The New Private Intelligence Wing of (insert company name here)

The HBGary debacle is widening and the players are beginning to jump ship each day. The HBGary mother company is disavowing Aaron Barr and HBGary Federal today via twitter and press releases. However, if you look at the email spool that was leaked, you can see that they could have put a stop to Aaron’s game but failed to put the hammer down. I personally think that they all saw the risk, but they also saw the dollar signs, which in the end won the day.

What Aaron and HBGary/Palantir/Berico were offering was a new kind of intelligence gathering unit or “cell” as they called it in the pdf they shopped to Hunton & Williams LLP. Now, the idea and practice of private intelligence gathering has been around for a very long time, however, the stakes are changing today in the digital world. In the case of Hunton, they were looking for help at the behest of the likes of Bank of America to fight off Wikileaks… And when I say fight them off, it would seem more in the sense of an anything goes just short of “wet works” operations by what I see in the spool which is quite telling.

You see, Wikileaks has made claims that they have a certain 5 gig of data that belonged to a CEO of a bank. Suddenly BofA is all set to have Hunton work with the likes of Aaron Barr on a black project to combat Wikileaks. I guess the cat is out of the bag then isn’t it on just who’s data that is on that alleged hard drive huh? It would seem that someone lost an unencrypted drive or, someone inside the company had had enough and leaked the data to Wikileaks. Will we ever really know I wonder?

Either way, Barr et al, were ready to offer a new offering to Hunton and BofA, an intelligence red cell that could use the best of new technologies against Anonymous and Wikileaks. Now, the document says nothing about Anonymous nor Wikileaks, but the email spool does. This was the intent of the pitch and it was the desire of Hunton and BofA to make both Anonymous and Wikileaks go away, for surely if Wikileaks were attacked Anonymous would be the de facto response would they not?

A long time ago William Gibson predicted this kind of war of attrition online. His dystopian world included private intelligence firms as well as lone hackers out there “DataCowboy’s” running the gamut of corporate intelligence operations to outright theft of Pharma-Kombinat data. It seems that his prescient writings are coming into shape today as a reality in a way. With the advent of what Barr and company wanted to offer, they would be that new “cowboy” or digital Yakuza that would rid clients of pesky digital and real world problems through online investigation and manipulation.

In short, Hunton would have their very own C4I cell within their corporate walls to set against any problem they saw fit. Not only this, but had this sale been a go, then perhaps this would be a standard offering to every other company who could afford it. Can you imagine the bulk of corporations out tehre having their own internal intelligence and dirty tricks wings? Nixon, EH Hunt, and Liddy would all be proud. Though, Nixon and the plumbers would have LOVED to have the technology that Aaron has today, had they had it, they may in fact have been able to pull off that little black bag job on Democratic HQ without ever having to have stepped inside the Watergate

The Technology:

I previously wrote about the technology and methods that Aaron wanted to use/develop and what he was attempting to use on Anonymous as a group as the test case. The technology is based on frequency analysis, link connections, social networking, and a bit of manual investigation. However, it seemed to Aaron, that the bulk of the work would be on the technology side linking people together without really doing the grunt work. The grunt work would be actually conducting analysis of connections and the people who have made them. Their reasons for connections being really left out of the picture as well as the chance that many people within the mass lemming hoards of Anonymous are just click happy clueless folks.

Nor did Aaron take into account the use of the same technologies out there to obfuscate identities and connections by those people who are capable, to completely elude his system altogether. These core people that he was looking to connect together as Anonymous, if indeed he is right, are tech savvy and certainly would take precautions. So, how is it that he thinks he will be able to use macroverse data to define a micro-verse problem? I am steadily coming to the conclusion that perhaps he was not looking to use that data to winnow it down to a few. Instead, through the emails, I believe he was just going to aggregate data from the clueless LOIC users and leverage that by giving the Feds easy pickings to investigate, arrest, and hopefully put the pressure on the core of Anonymous.

There was talk in the emails of using pressure points on people like the financial supporters of Wikileaks. This backs up the statement above because if people are using digital means to support Wikileaks or Anonymous they leave an easy enough trail to follow and aggregate. Those who are friending Facebook support pages for either entity and use real or pseudo real information consistently, you can easily track them. Eventually, you will get their real identities by sifting the data over time using a tool like Palantir, or for that matter Maltego.

The ANONYMOUS names file

This however, does not work on those who are net and security savvy.. AKA hackers. Aaron was too quick to make assumptions that the core of Anonymous weren’t indeed smart enough to cover their tracks and he paid the price as we have seen.

The upshot here and extending what I have said before.. A fool with a tool.. Is still a fool.

What is coming out though more each day, is that not only was Aaron and HBGary Fed offering Palantir, but they were also offering the potential for 0day technologies as a means to gather intelligence from those targets as well as use against them in various ways. This is one of the scarier things to come out of the emails. Here we have a company that is creating 0day for use by intelligence and government that is now potentially offering it to private corporations.

Truly, it’s black Ice… Hell, I wouldn’t be surprised if one of their 0day offerings wasn’t already called that.

The INFOSEC Community, HBGary, and Spook Country:

Since my last post was put on Infosecisland, I had some heated comments from folks who, like those commenting on the Ligattleaks events, have begun moralizing about right and wrong. Their perception is that this whole HBGary is an Infosec community issue, and in reality it isn’t. The Infosec community is just what the shortened name means, (information security) You all in the community are there to protect the data of the client. When you cross the line into intelligence gathering you go from a farily clear black and white, to a world of grays.

HBGary crossed into the gray areas long ago when they started the Fed practice and began working with the likes of the NSA/DOD/CIA etc. What the infosec community has to learn is that now the true nature of cyberwar is not just shutting down the grid and trying to destroy a country, but it also is the “Thousand Grains of Sand” approach to not only spying, but warfare in general. Information is the currency today as it ever was, it just so happens now that it is easier to get that information digitally by hacking into something as opposed to hiring a spy.

So, all of you CISSP’s out there fighting the good fight to make your company actually have policies and procedures, well, you also have to contend with the idea that you are now at war. It’s no longer just about the kiddies taking credit cards. It’s now about the Yakuza, the Russian Mob, and governments looking to steal your data or your access. Welcome to the new world of “spook country”

There is no black and white. There is only gray now.

The Morals:

And so it was, that I was getting lambasted on infosecisland for commenting that I could not really blame Anonymous for their actions completely against HBGary/Aaron. Know what? I still can’t really blame them. As an entity, Anonymous has fought the good fight on many occasions and increasingly they have been a part of the mix where the domino’s are finally falling all over the Middle East presently. Certain factions of the hacker community as well have been assisting when the comms in these countries have been stifled by the local repressive governments and dictators in an effort to control what the outside world see’s as well as its own people inside.

It is my belief that Anonymous does have its bad elements, but, given what I know and what I have seen, so does every group or government. Take a look at our own countries past with regard to the Middle East and the CIA’s machinations there. Instead of fighting for a truly democratic ideal, they have instead sided with the strong man in hopes of someday making that transition to a free society, but in the meantime, we have a malleable player in the region, like Mubarak.

So far, I don’t see Anonymous doing this. So, in my world of gray, until such time as Anonymous does something so unconscionable that it requires their destruction, I say let it ride. For those of your out there saying they are doing it for the power and their own ends, I point you in the direction of our government and say this; “Pot —> Kettle —> Black” Everyone does everything whether it be a single person or a government body out of a desired outcome for themselves. Its a simple fact.

Conlcusion:

We truly live in interesting times as the Chinese would curse us with. Today the technology and the creative ways to use it are outstripping the governments in ability to keep things secret. In the case of Anonymous and HBGary, we have seen just how far the company was willing to go to subvert the laws to effect the ends of their clients. The same can be said about the machinations of the government and the military in their ends. However, one has to look at those ends and the means to get them and judge just was it out of bounds. In the case of the Barr incident, we are seeing that true intelligence techniques of disinformation, psyops, and dirty tricks were on the table for a private company to use against private citizens throughout the globe.

The truth is that this has always been an offering… Just this time the technologies are different and more prevalent.

If you are online, and you do not take precautions to insure your privacy, then you lose. This is even more true today in the US as we see more and more bills and laws allowing the government and police to audit everything you do without the benefit of warrants and or by use of National Security Letters.

The only privacy you truly have, is that which you make for yourself. Keep your wits about you.

K.

Napolitano: Internet Monitoring Needed to Fight Homegrown Terrorism

with one comment

fox news

Napolitano: Internet Monitoring Needed to Fight Homegrown Terrorism

Published June 18, 2010

|Associated Press

WASHINGTON — Fighting homegrown terrorism by monitoring Internet communications is a civil liberties trade-off the U.S. government must make to beef up national security, the nation’s homeland security chief said Friday.

As terrorists increasingly recruit U.S. citizens, the government needs to constantly balance Americans’ civil rights and privacy with the need to keep people safe, said Homeland Security Secretary Janet Napolitano.

But finding that balance has become more complex as homegrown terrorists have used the Internet to reach out to extremists abroad for inspiration and training. Those contacts have spurred a recent rash of U.S.-based terror plots and incidents.

“The First Amendment protects radical opinions, but we need the legal tools to do things like monitor the recruitment of terrorists via the Internet,” Napolitano told a gathering of the American Constitution Society for Law and Policy.

Napolitano’s comments suggest an effort by the Obama administration to reach out to its more liberal, Democratic constituencies to assuage fears that terrorist worries will lead to the erosion of civil rights.

The administration has faced a number of civil liberties and privacy challenges in recent months as it has tried to increase airport security by adding full-body scanners, or track suspected terrorists traveling into the United States from other countries.

“Her speech is sign of the maturing of the administration on this issue,” said Stewart Baker, former undersecretary for policy with the Department of Homeland Security. “They now appreciate the risks and the trade-offs much more clearly than when they first arrived, and to their credit, they’ve adjusted their preconceptions.”

Underscoring her comments are a number of recent terror attacks over the past year where legal U.S. residents such as Times Square bombing suspect Faisal Shahzad and accused Fort Hood, Texas, shooter Maj. Nidal Hasan, are believed to have been inspired by the Internet postings of violent Islamic extremists.

And the fact that these are U.S. citizens or legal residents raises many legal and constitutional questions.

Napolitano said it is wrong to believe that if security is embraced, liberty is sacrificed.

She added, “We can significantly advance security without having a deleterious impact on individual rights in most instances. At the same time, there are situations where trade-offs are inevitable.”

As an example, she noted the struggle to use full-body scanners at airports caused worries that they would invade people’s privacy.

The scanners are useful in identifying explosives or other nonmetal weapons that ordinary metal-detectors might miss — such as the explosives that authorities said were successfully brought on board the Detroit-bound airliner on Christmas Day by Nigerian Umar Farouk Abdulmutallab. He is accused of trying to detonate a bomb hidden in his underwear, but the explosives failed, and only burned Abdulmutallab.

U.S. officials, said Napolitano, have worked to institute a number of restrictions on the scanners’ use in order to minimize that. The scans cannot be saved or stored on the machines by the operator, and Transportation Security Agency workers can’t have phones or cameras that could capture the scan when near the machine

Umm Janet? Yeah, uh, do you have a clue? I didn’t think so.. Would you like to buy one? Look, we all know in the infosec field that you are basically trying to dress up a massive surveillance vacuum program to look all friendly like and harmless. Just how do you propose to “monitor” all these comm’s without just setting up a huge digital driftnet like the NARUS systems in the MAE’s?

We already monitor many of the jihadist websites and chat rooms etc now, so what else would you suggest we do to catch these guys? The only thing I can think of would be to have a searchable (on the fly) database of emails, chats, and all other communications online captured by something like the NARUS STA6400 or its progeny. Something that would just be doing a DPI type of inspection process of ALL traffic to flag for an analyst to look at and pass on.. Gee.. Where have I heard that before.. Hmm ECHELON perhaps? C’mon! This has been being done by the NSA for YEARS!

I have an idea.. Why don’t you call Fort Meade huh?

Here.. I have the phone number for you: 410-674-7170 Ask for DIRNSA.. Phonetically DUR-N-SA

Maybe they can lead you to understanding of the problem and the solution.. A solution they already have and I am sure are NOT willing to share with you.. But, you can at least try.

Frankly, I fear that you Janet, and the DHS, are clearly incompetent in the field of INFOSEC/HACKING/CYBERSEC as well as do not have a mandate, funding, nor staff to really deal with this issue properly. So, uhh yeah, why not just forget about it? Perhaps you should just leave it up to the NSA hmm?

Oh, and yeah, I am not “for” all of this hoovering of the internet’s traffic as a means to an end on “home grown” jihad. I am instead a realist and know that this is how it is. Of course there is an immense amount of data that is passing through the internet every second of every day, so not all of the bad guys can be caught. I also know that much of that data is in the clear and is in fact our every day email that could be spied upon and we have a real privacy issue here… But, what can I do about it huh?

Well, I can at least say that lets leave it to the professionals at the NSA and not in your completely incompetent hands at DHS.

Yours,

CoB

Written by Krypt3ia

2010/06/20 at 10:44

General Chilton: STRATCOM On CYBERWAR

leave a comment »

Gen Chilton

Gen Chilton

//BEGIN

General Kevin P Chilton: Commander of STRATCOM was on NPR the other day and I happen to catch only part of it. I went on down to the “Google” and came up with the audio at the npr.org site of course. Anyway, Chilton is rather frank in this interview about how we are lacking in many respects when it comes to the issue of “Cyberwar” In one particular question he answers the larger issues as they stand today;

BOWMAN: And increasingly so. This is from a speech you made back in February: In a cyberspace domain, here are some obvious things. We are under attack. We are behind. We are reactive. We are not proactive. How do you become proactive here?

Gen. CHILTON: Well, there’s three things that we’re trying to change in the military – under STRATCOM leadership writ large. In all our services and the way we think about cyberspace, we’re trying to change the culture, the conduct and our capabilities.

Culture, of course, is probably one of the more difficult ones. You can’t just fix that with investment, but we’ve grown up with a culture, and I think it’s probably true in our personal lives, that cyberspace and our computers are just a convenience. They make life easier.

What the switch we have to make in the military is the realization that we’re dependent on cyberspace for military operations on air, land and sea and in space, and we cannot effectively conduct out operations in those areas without the cyberspace domain and our military networks.

So they’re not just a convenience, they’re a necessity, and that means when you have a problem there, the commander in charge of forces ought to be, whether he’s in charge of air, land or sea forces, ought to be very worried about his networks and paying attention to their health, are they defended properly, etcetera.

In the conduct area, we need to do a better job of training people to point out that anybody in the military who’s using a computer plugged into a military network is the same as a gate guard standing in front of a base, protecting the gate. And if they don’t do their job correctly, they can allow someone to intrude on those networks and steal information or interrupt operations.

So training is part of the conduct change, and then we have to hold people accountable. We haven’t done a very good job of that, in my view, for people who don’t follow the rules, because we haven’t seen it as being that big a deal. It is a big deal, and we know it will be in the future.

And then in a capability area, that’s investment in the technologies to make sure our military men and women have the same kind of technologies available that you can invest in to defend and protect your home computer, to include automatic connections to your Internet service provider that can push antivirus software to you as soon as it’s made available electronically, so you don’t have to go, as we often do in the military, machine to machine with a disk and upgrade the defenses on the computer.

So we need those capability and technology investments, as well.

So, there you have it.. We are not prepared and we are really quite dependant on the infrastructure and have plugged it into just about everything. In essence, all our eggs are in one privately held basket that could be attacked and used against us. Never mind that, the intelligence gathering that goes on today as well as theft is staggering because the ideals of security have not been an important thing to us as a nation or economy.

Additionally, he said one thing that really kinda freaked me out. They are still using SNEAKER NET! I am assuming that he is referring to the SCI areas, but, geez..  I guess that this should be a real wake up to those of you who read me and perhaps take what I say with a grain of salt, that I am telling it as it is kids. We are behind in a big way and we need to catch up quickly. Imagine if indeed we as a nation focused on the problem with the same technological knowhow and mandate from the powers that be that the NSA had in placing the NARUS systems into the internet backbone eh? We might have a chance…

Meanwhile, Chilton also makes it more accessible to the masses (with a question from the phone listeners) just how fragmented and likely not too easily fixable the whole cyber security initiative is. Remember all the stove piping being a key finding as to why 9/11 happened unbeknownst to our intelligence agencies? Yes, that same problem is what any “Cyber Tsar” will face once they take the job. A scrabbling for all the marbles or pieces of the pie will ensue and we, the people, will be left holding the digital bag.

Working in the defense industry, I see this every day when it comes to intrusions and issues of reporting intel back and forth. It’s gotten a little bit better of late, but it’s still a real pain in the ass and often, the reports come to us in a mostly useless form… That is unless you have SCI clearance and a “need to know” So really, they are mostly useless to someone actually doing forensics or incident response on systems perhaps infected with a 0-day worm from China.

Finally, Chilton does some talking about nuclear options and EMP attacks. He says that he would not remove any option from the President’s purview. Of course I kinda agree with that assessment, but, nuking a country over a cyber attack for me is a little excessive. However, the real use for all out cyber warfare would be to have them in tandem with physical, conventional attacks on the targets too. So in reality, if we can “attribute” the attacks to a certain country and are attacked physically, sure, the nuke option is a possible one. However, as the general says, attribution is near impossible… So really, it’s not going to happen that way. Certainly though, a combined cyber attack followed by an EMP to finish the job would be one hell of a digital apocalypse.

Imagine one day being sent back to the 19th century style of living. No cell phones, no internet, no TV, no power, no water….

Can you say pandemonium?

Sure there’s shielding, but that is only for the C&C.. What about the rest of the country huh?

So, in the end, we have another report, another bubbling of the idea that a cyber war is possible and we are not up to the challenge…

If you’re not a little freaked… Well, enjoy the apathy. So when I write about all of the issues about securing networks and having policies, this is the sum of what could happen if the country does not take all those little bits of security to heart.

EPIC FAIL

NPR Talk Of The Nation

//END

ALL ARE COOKIES BELONG TO US!

leave a comment »

A proposal to loosen restrictions on the use of tracking cookies by federal government websites should be carefully scrutinized so they don’t jeopardize the privacy of people who visit them, groups advocating civil liberties warned Monday.

The American Civil Liberties Union said the proposal (http://blog.ostp.gov/2009/07/24/cookiepolicy/), floated July 24 by the White House OMB, or Office of Management and Budget, was a “sea change” that could erode protections that for the past nine years have safeguarded the personal information of millions of people who visit federal websites.

“Without explaining this reversal of policy, the OMB is seeking to allow the mass collection of personal information of every user of a federal government website,” Michael Macleod-Ball, the acting director of the ACLU’s Washington legislative office, said in a statement. “Until the OMB answers the multitude of questions surrounding this policy shift, we will continue to raise our strenuous objections.”

Under current rules, federal agencies are prohibited from using cookies and similar tracking technologies unless there is a “compelling need” and the agency head has approved their use. Under the new rules, the OMB would adopt a three-tier approach that would permit tracking under different circumstances. They include:

  • Single-session technologies, which track users over a single session and do not maintain tracking data over multiple sessions or visits;
  • Multi-session technologies for use in analytics, which track users over multiple sessions purely to gather data to analyze web traffic statistics; and
  • Multi-session technologies for use as persistent identifiers, which track users over multiple visits with the intent of remembering data, settings, or preferences unique to that visitor for purposes beyond what is needed for web analytics.

“The goal of this review is to develop a new policy that allows the Federal Government to continue to protect the privacy of people who visit Federal websites while, at the same time, making these websites more user-friendly, providing better customer service, and allowing for enhanced web analytics,” federal CIO Vivek Kundra and Michael Fitzpatrick, associate administrator of the OMB Office of Information and Regulatory Affairs, wrote.

Full Article:

My take:

Riiight, it’s just a means to an end to “serve” you better. Somehow I am somewhat incredulous about this little paradigm shift on the Feds part. Add this to DPI (Deep Packet Inspection) that they would like carried out more often (please remember those NARUS STA 6400’s in those closets at ATT and other networks) and you have quite the hoover capabilities to see not only what, but where the average user is going using those cookies.

All the better to serve you!

Given that Big O’ doesn’t want to shed light on those little projects that the last admin set up with regards to all the surveillance, I see this only as a furthering of it…

The only security one has is that which they make themselves…

Hey, I have an idea.. How about all you Fed guys look into not publishing data that should not be available on those servers so people don’t Gooogle it? Hmm? Might be a good idea yeah?

Meh.

//

Written by Krypt3ia

2009/08/11 at 12:42

WSJ: Nokia, Siemens Help Iran Spy on Internet Users OH NOH’s

leave a comment »

How do you say “Operation Pinwale” in Farsi?

According to a somewhat confusing Wall Street Journal story, Iran has adopted NSA-like techniques and installed equipment on its national telecommunication network last year that allows it to spy on the online activities and correspondence — including the content of e-mail and VoIP phone calls — of its internet users.

Nokia Siemens Networks, a joint venture between Germany’s Siemens and Finland’s Nokia, installed the monitoring equipment late last year in Iran’s government-controlled telecom network, Telecommunication Infrastructure Co., but authorities only recently engaged its full capabilities in response to recent protests that have broken out in the country over its presidential election.

The equipment allows the state to conduct deep-packet inspection, which sifts through data as it flows through a network searching for keywords in the content of e-mail and voice transmissions. According to the Journal, Iran seems to be doing this for the entire country from a single choke point. “Seems,” because although the Journal states that Nokia Siemens installed the equipment and that signs indicate the country is conducting deep-packet inspection, the paper also says “it couldn’t be determined whether the equipment from Nokia Siemens Networks is used specifically for deep packet inspection.”

Although the Journal has published questionable “spying” stories in the past, we’re willing to go with them on this one.

It’s previously been reported that Iran was blocking access to some web sites for people inside the country as protesters took to the streets and the internet to dispute the results of the country’s recent presidential election.

But sources told the Journal that the government’s activities have gone beyond censorship to massive spying. They say the deep-packet inspection, which deconstructs data in transit then reconstructs it, could be responsible for network activity in Iran having recently slowed to less than a tenth of its regular speed. The slowdown could be caused by the inspection at a single point, rather than at numerous network points, as China reportedly does it.

A brochure promoting the equipment sold to Iran says the technology allows for “the monitoring and interception of all types of voice and data communication on all networks.”

A spokesman for Nokia Siemens Networks defended the sale of the equipment to Iran suggesting that the company provided the technology with the idea that it would be used for “lawful intercept,” such as combating terrorism, child pornography, drug trafficking and other criminal activity. Equipment installed for law enforcement purposes, however, can easily be used for spying as well.

“If you sell networks, you also, intrinsically, sell the capability to intercept any communication that runs over them,” the spokesman told the Journal.

He added that the company “does have a choice about whether to do business in any country” but said, “We believe providing people, wherever they are, with the ability to communicate is preferable to leaving them without the choice to be heard.”

In March, the company sold off its monitoring technology to a German investment firm.

First: ‌عمل‌، ‌عملکرد، بهره‌برد‌ار‌ى‌ سنجاق‌، پايه‌ سنجاقى و‌ال‌، نهنگ‌، ‌عظيم‌ ‌الجثه‌، نهنگ‌ صيد کردن‌، قيطس

Give or take…
Second, well, no shit huh? Since they could not actually kill the internet access there in Iran, nor actually keep up with the flood of twitters going to numerous proxy sites, I guess the next best thing would be to “NARUS STA 6400” the masses huh? Ok, sure, they may be doing this but I don’t see this as being the real extent of the efforts long term goal. Just wait til people start disappearing in the intervening days and weeks.

Now, last night I heard this story also on NPR, the “All Tech Considered” piece went on to infer (ok actually stated) that the Iranians are “injecting” disinformation using DPI… really now? I just don’t think that’s the case. It would be easier to set up a series of agent provocateurs with cell access and acl’s to allow “them” to carry out disinformation campaigns?

Oh well, I am sure that ATT will soon be asked to help out.. Maybe NARUS too. Once they get the buttplugs into the back door ol’ Mahmouhd will be very happy. I mean, isn’t this just the pot calling the kettle black a bit?

CoB




Written by Krypt3ia

2009/06/23 at 14:26