Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Otaku’ Category

ウェブ忍者が失敗する : Dox-ing, Disinformation, and The Fifth Battlespace

leave a comment »

Digital Ninja Fail: ウェブ忍者が失敗する

The recent arrests of alleged key members of LulzSec and Anonymous have been called into question by the ‘Web Ninja’s‘, a group of would be hackers who have been ‘DOX-ing” the anonymous hierarchy for some time now. Yesterday, they posted the following on their page concerning the arrest of a man from the Shetland Islands who is purported to be ‘Topiary‘ by the Met and SOCA.

Now, this is a bold statement for anyone who really knows what they are doing in the intelligence analysis field. So, it is my supposition that these guys have no clue about what they are doing by making bold assertions like this. The data they have is tenuous at best and by making such bold statements, I have to wonder if indeed the so called ‘Ninja’s” themselves might not be a tool of anonymous to in fact sow that disinformation.

Here are the facts as I see them;

  • To date, the federal authorities have not questioned anyone who was DOX’d by the Ninja’s that I am aware of
  • The individuals who were DOX’d that were investigated by the authorities were in fact outed by LulzSec/Anonymous themselves
  • Adrian Chen has spoken to the person that the Ninja’s have fingered and claims that he (said person) went to the authorities himself. So far he is still not a suspect.

So, taking into account these facts, I would have to say that the Ninja’s have failed in their stated mission so far and I would suffice to say that if they are indeed a part of a disinformation campaign, then that too has failed. After all, the police seem to be ignoring the data put on the interent by the likes of the Ninja’s in favour of other tried and true tactics. The primary tactic as I see it, is grab one individual and then get them to roll over on their compatriots in the face of massive jail time.

This pretty much works all the time as we, as human beings, are most willing to sacrifice others for the self. In the case of the likes of LulzSec skiddies, I would have to say that the ages of the players, and their generational tendencies will allow them to cut deals pretty quickly. It’s my assessment that they are in it for the self gratification and lulz, not for the altruism that the LulzSec and Anonymous press releases have been trying to have one believe. My assumption is that if indeed the 19 year old guy they popped in Scotland is involved with LulzSec, and is in fact Topiary, he will roll over soon enough.

I also believe that these are all untrained operatives and they have made and will make more mistakes. I am pretty sure that the alleged “leaderless” group has leaders AND that unlike a true guerrilla warfare cell, will know the other players personal details. Essentially, they have had no compartmentalisation and they will all fall eventually though interrogation and deal making. As I said before, the insider threat to the organisation is key here, and it was this idea I think the Ninja’s had.. Well, at least that was the original idea of the Ninja Warrior. They were spies who infiltrated the ranks and destroyed from within.

So far with these guys.. Not so much.

Welcome To Spook World: Disinformation Campaigns and Intelligence Analysis

Now, on the whole disinformation thing, I know that the Lulz and Anonymous have said that they are using disinformation as well to try and create a smoke screen. Frankly, all of the intelligence out there that is open source is suspect. Maltego map’s of end user names as I have shown in the past can be useful in gathering intelligence… Sometimes. For the most part, if a user keeps using a screen name in many places and ties that name to real data, then they can be tracked, but, it takes a lot of analysis and data gathering to do it. Though, many of the foot soldiers within the Anon movement are young and foolish enough to just keep using the same screen names for everything so there is a higher likelihood that the data being pulled up on Maltego and with Google searches is solid enough to make some justified conclusions.

With the more experienced people though, there has been some forethought and they have protected their identities as best they could. What became their real downfall was that they could not rise above petty infighting and dox-ing each other. Thus you have the start of the potential domino effect on the core group as well as anyone who has any peripheral affiliation with the Lulz. Be assured, those who have been pinched are giving up as many names as possible as well as whatever is on their hard drives, Anon hacker manuals or not. All of these scenarios lead to the conclusion of more arrests by the authorities and even more skiddies getting into legal trouble around the globe. Meanwhile though, if the core group has been smart, then perhaps the leaders will skate for a time, using the masses as canon fodder.

Gee kids.. Did you know that you were all expendable?

On another tac, I would like to speak about the potential of the disinformation campaigns being perpetrated by the authorities as well. Consider that the trained professionals out there who are hunting these characters (Topiary, Sabu, et al.) are also adept at using not only the technologies of the fifth battlespace, but also the training afforded them in ‘spook world’ This means disinformation campaigns, mole hunts, and insurgencies of their own, getting to the inner core of Anonymous and Lulz. Now, that there were six (alleged) lulzer’s it would be more difficult to do, especially if those LulzSec folks really do know one another (as they claim they do not, which, I just don’t buy.. Remember the compartmentalisation issue) The agent provocateur’s are out there I am sure and with each rung of the ladder, they get closer to the core group.

That is unless the core group falls apart on their own and DOX’s each other out. In the end, I am going to suggest that the authorities will use all of the tricks of the trade on the Anon/Lulz folks to bag them… And with concerted effort by government resources, they will get their men/women.

Untrained, Unruly, and Unprofessional Operators:

“Discretion is the better part of valour” as they say, and in the case of the Lulz and Anon crews, they seem to not have a clue. Perhaps the Lulz think that by being unruly and unpredictable to a certain amount, will be just the cover they need, but, I think that their lack of discretion will be their undoing as well as their hubris. Had many of these folks had some real training, they might have just stood down for a while (not just a week or so) after setting sail into the sunset.

As I have said before, it was a bad idea to recruit and have comm’s out in the open on IRC servers even if they had ‘invite only’ channels. As is being seen now, someone (jester perhaps) has taken down their servers again after other outages due to Ryan Cleary’s attack and pressure from the government on those connection sources that the Anon’s were using. I am sure the idea was to have a movement that could also serve as diversion for the core users as well as to LOIC, but this all failed in the end didn’t it? The LOIC is what has given the FBI the 1,000 IP addresses as a hit list, so to speak, that they are now using to collect people and charge them for the DD0S attacks.

Had these people been trained or not been so compulsive, they might have had more of a chance to keep this up for a much much longer time. As I write, the Lulz do continue, but they have slowed quite a bit since the arrests started again. This I think is because the cages are starting to get rattled and people are finally coming to the conclusion that some discretion is needed to not end up Bubba’s play pal in prison. It’s a learning curve, and likely going to be a painful one for the kiddies.

Unprofessional actions within this area of battle will end up with your being put in jail kids.

To end this section I would also like to add this thought. My assessment of the Lulz core group is this;

  • They were drunk on the power of their escapades
  • The more followers they had and more attention, the less risk averse they became
  • They seem to have compulsion disorders (don’t say it.. Aspergers!) that seem to not allow them to lay low (until now it seems)
  • The ego has eaten their id altogether
  • Base ages are within the teens with a couple over 20

Technical Issues Within The Fifth Battlespace:

Another BIG issue within this battlespace is the technology. The Anon’s and Lulz have been ascribing to the idea of “Proxies, we haz them! So we’re secure!” and to a certain extent they are right. There are always ways around that though and certainly leaks in data (such as the TOR leaks that have happened) that could lead someone to locate the end user behind the proxy, so they are not fool proof. Certainly not if the fool in question is some skiddie 12 year old using LOIC un-proxied and not obfuscated while they D0S Paypal.

The problem is that the technology could fail you as well as the untrained operative could make small and large mistakes that could lead authorities right back to their IP and home accts. On the other side of that equation is that when properly done, it is damn hard to prove a lot in hacking cases because of obfuscation, as well as mis-configured end systems that have been hit. I cannot tell you how many times I have seen incidents play out where the target systems had no logging on as well as being completely un-secured, thus leaving practically nothing for a forensics team to find and use.

Once again, this brings us back to the insider threat, whether they be the insider who decides to go turncoat, or, the agent provocateur (i.e. Jester and the Ninja’s as well as others from the authorities) who infiltrate the Lulz and then gut them from the inside. What it really boils all down to is that in the end, it will be the foibles of the Lulz core and the actions of spooks that will bring them down.. And I think they are learning that very fact now.

JIN; One Must Know The Enemies Mind To Be Victorious:

As a last note, I would like to say to the Ninja’s, you need to learn and practice your Kuji-in. It is obvious to me that you have failed on the ‘Jin’ (knowing the opponents mind) with your dox attempts. Until such time as I see people being hauled in that directly relate to your documents posted, then I am going to consider the following to be the case:

  1. DOX-ing is mostly useless and takes quite a bit of analysis before just releasing names
  2. The Feds are not taking your data as gospel, nor should the general public or media
  3. You yourselves may in fact be a tool of Anonymous/Lulz and as such, spewing disinformation
  4. You could be right, but by releasing it to the public at large, you are letting the Lulz know to destroy evidence and create obfuscation that will hinder arrests later.

Ninja’s got results.. Not so much for ‘Web’ Ninjas. At least Jester, if his claims are true, is breaking their C&C channels lately.. Which has its own problematic issues.. Just like his meddling in the Jihadi area, but, that’s a story for another time.

K.

Aokigahara: “A Beautiful Place To Die”

leave a comment »

I came across a couple videos on YouTube ( vid 1 and vid 2) about Jukai (Aokigahara) the other day after I noticed a group of hits on my blog stats. I had done a post about the forest post seeing an episode of “Destination Truth” where the team from SCIFI went into the forest looking for ghosts.

Until that episode of the show I had never heard of Aokigahara, but the happenings there with all of the suicides made sense to me. The Japanese mindset that still persists today of “face” and honor re-enforces this suicidal tendency as well as the aesthetic that the Japanese have for death and it’s potential beauty.

Of course many of these people today are at their wits end and certainly not going there just out of a feeling of honor. Most are depressed, upset, and generally mentally ill. But, the “idea” of a beautiful, peaceful, and harmonious suicide seems to have taken root in the current Japanese psyche. Much of this stems from a book that I likely referenced before in my last post. The name of that book is Kuroi Jukai by Seichō Matsumoto, which has star crossed lovers taking their lives in the forest as a pastoral end.

Now, as you may know, the Japanese culture has a fairly violent and dark undercurrent as opposed to its rather placid exterior. The internal workings of the Japanese mind may in fact be a very dark place indeed. Of course the same can be said for many places including the US. So, lets just say that all humanity has this dark space, but, the Japanese kind of have made it an art.. Like Manga or Anime. This of course can be seen in their media like those mentioned or in movies like “Suicide Club” which I have referenced before.

I suppose though, that the overall feeling behind an honorable death is to give it some meaning. A death with meaning removes the randomness or meaninglessness of life altogether I suspect. The peacefulness and beauty aspects I have seen in the actions of the Samurai. A samurai commonly wrote a death poem before going into battle or committing Seppuku to give meaning to the death and to settle their mind as well as show their grace in the face of their demise. All of these things are seen as the duality of Zen Buddhism, the basis for the Samurai way that became Bushido.

Even a life-long prosperity is but one cup of sake;
A life of forty-nine years is passed in a dream;
I know not what life is, nor death.
Year in year out-all but a dream.
Both Heaven and Hell are left behind;
I stand in the moonlit dawn,
Free from clouds of attachment.

Uesugi Kenshin
1530-1578

In fact, I would not be surprised if I found through some digging, that there might indeed be some death poems found in Aokigahara.

Now, having delved somewhat into the mind set, lets look at the forest today and what seems to be playing out now. Since the SCIFI show, there has been an uptick in traffic that surrounds the forest and expeditions going there looking for a good fright. One of those sites is on funzu.com (WARNING IMAGES ARE SOMEWHAT DISTURBING) where my lead picture above comes from. It seems that on first blush, this picture and the others on the site may indeed show actual remains. However, I think I am somewhat incredulous about the hanging bodies.

My problem with the hanging photos is that they look to be staged and not real dead weight bodies on rope. In fact in one case the string looks too light to hold an adult body and in two of the others, the bodies are leaning/crouching and thus would not have been sufficient to actually kill someone who’s arms were not pinned behind them say.

Good try guys…

In fact, when you watch the YouTube video you will see the Danish guys saying that they think that some of the ropes etc that they are seeing are actually just props. I could see this being the case as people would like to draw attention to the forest and scare others. However, much of the errata that seems to be found on the ground if you look around actually seems to be personal effects of people who have just wandered into the trees looking to disappear.

It is little wonder that this place, a place thought to be haunted by demons, now is so charged with “ghost” activity, if there is any such thing. I suppose on the quantum level, I can grok the whole notion. Since matter and energy are interchangeable why not huh? It’s just rather hard to prove or disprove for that matter.

In any event, given the economic distress still ongoing in Japan, the insular nature of the current generation of Japanese, and the overall rigidity of their culture, I expect an uptick in suicides at Aokigahara in the foreseeable future.

CoB

Written by Krypt3ia

2010/03/01 at 01:49