Archive for the ‘Panopticon’ Category
Leaderless Jihad and Open Source Jihad: A Marriage Made In Hell.
In 2013 I wrote about leaderless jihad and the “Stand Alone Complex” Now we are seeing this type of leaderless, “inspired by” thought virus playing itself out on the national stage. Last nights attack using a lorrie was something that was presaged by two issues of Inspire Magazine back in 2010 and 2014. There isn’t much to it really to gather some weapons, steal a truck, and then plow it into a crowd but it has taken this long for the insidious idea to take root in the collective unconscious of the would be jihadi’s. The days of a more rigid and trained “jihad” are being eclipsed by would be unbalanced individuals seeking attention and reinforcement of their sick ideas through the media, the internet, and our collective inability to look away from a tragic scene on a glowing screen.
2014 Inspire
2010 Inspire 2 “Ultimate Mowing Machine”
Soft targets were always the preferred avenue of attack but now they are becoming seen as a top priority for security forces since the attacks in France and other places like Bangladesh. While Dahka on the face of it had a contingent of more trained individuals the attack last night is as simplistic as they come. This is what is really scaring the populace and the security services because now it seems that the authors and actors of these acts are in fact just one guy and not a cabal that they could perhaps track using pervasive surveillance. A cell of one is hard to track and certainly if they self radicalize by just downloading Inspire magazine and watching YouTube, well, what can one do? There are no easy answers here in the world of detection and prevention.
So here we have it, I have been pointing this out for a while and at first it was AQAP trying to inspire “OSJ” or Open Source Jihad. Now Dabiq and Da’esh are carrying it on and furthering it with the media zeitgeist that ensues with each attack. The net effect here is that these people are selfradicalizing with the help of the media’s obsession on covering ad nauseum these acts. The pervasive hand wringing and talking heads only serve to whet the appetite of the would be jihobbyist into action. Forget the Inspire magazines and the videos, just watch CNN and that is enough it seems. This all is very much like the plot line to “The Laughing Man” arc of Ghost In The Shell. An act carried out on the media instilled others to carry out like acts to be on the media and further the idea(l) as well as serve as a means to self fulfil the actors need for attention and satisfaction.
This is pure psychology at work and there are a host of reasons and syndromes that could likely be pointed at to rationalize it’s happening. The fact of the matter is that now we are seeing it play out rather bloodily on the streets of the world in furtherance of an idea and ideal set that lends itself to the like minded.. Or should I say mentally ill? Yes, I would say mentally ill. These actors are acting out and likely have some borderline tendencies to start with. These people feel outcast in their societies or out of place within the societies they are living in as a second generation citizen. It is a complex thing to nail down and I suggest that anyone who might want to delve into it further read “Leaderless Jihad” by Marc Sageman.
We need a more nuanced approach to the GWOT and I am afraid we won’t get that…
K.
So here’s my thing….
VQX HWMVCUSE JQJFASSNTG QV! X HQ JD ISIAVVE!
Face it.. We are all PWND six ways to Sunday
Every frigging day we hear more and more about how the NSA has been emptying our lives of privacy and subverting the laws of this land and others with their machinations. It’s true, and I have been saying as much since the day Mr. Klein came out of his telco closet and talked about how the NARUS system had been plugged into the MAE West back in the day. We are all well and truly fucked if we want any kind of privacy today kids and we all need to just sit back and think about that.
*ponder ponder ponder*
Ok, I have thought about it and I have tried to think of any way to protect myself from the encroachment of the NSA and all the big and little sisters out there. I am absolutely flummoxed to come up with any cogent means to really and truly protect my communications. Short of having access to the NSA supercloud and some cryptographers I don’t think that we will not truly have any privacy anymore. If you place it on the net, or in the air. We have reached in my opinion the very real possibility of the N-Dystopia I have talked about before in the Great Cyber Game post.
As the pundits like Schneier and others groan on and on about how the NSA is doing all of this to us all I have increasingly felt the 5 stages of grief. I had the disbelief (ok not completely as you all know but the scope was incredible at each revelation) Then the anger came and washed over me, waves and waves of it as I saw the breadth and scope of the abuse. Soon though that anger went away and I was then feeling the bargaining phase begin. I started to bargain in my head with ideas that I could in fact create my own privacy with crypto and other OPSEC means. I thought I could just deny the government the data. I soon though began to understand that no matter what I did with the tools out there that it was likely they had already been back door’d. This came to be more than the case once the stories came out around how the NSA had been pressuring all kinds of tech companies to weaken standards or even build full back doors into their products under the guise of “National Security”
Over time the revelations have all lead to the inescapable truth that there is nothing really anyone can do to stop the nation state from mining our communications on a technological level. Once that had fully set in my mind the depression kicked in. Of late I have been more quiet online and more depressed about our current state as well as our future state with regard to surveillance and the cyberwarz. I came to the conclusion that no matter the railing and screaming I might do it would mean nothing to the rapidly approaching cyberpocalypse of our own creation arriving. ….In short, we can’t stop it and thus the last of the five stages for me has set in. I accept that there is nothing I can do, nay, nothing “we” can do to stop this short of a bloody coup on the government at large.
I now luxuriate in my apathy and were I to really care any more I would lose my fucking mind.
OPSEC! OPSEC! OPSEC!
Speaking of losing one’s mind.. Lately people all have been yelling that OPSEC is the only way! One (the gruqq) has been touting this and all kinds of counterintelligence as the panacea for the masses on these issues. Well, why? Why should we all have to be spies to just have a little privacy in our lives huh? I mean it’s one thing to be a shithead and just share every fucking stupid idea you have on FriendFace and Tweeter but really, if you can’t shut yourself up that is your problem right? No, I speak of the every day email to your mom telling her about your health status or maybe your decision to come out etc. Why should the government have the eminent domain digitally to look at all that shit now or later?
If you take measures to protect these transactions and those measures are already compromised by the government why then should you even attempt to protect them with overburdened measures such as OPSEC huh? I mean, really if you are that worried about that shit then go talk to someone personally huh? I know, quite the defeatist attitude I have there huh? The reality is that even though I claim not to be caring about it (re: apathy above) I actually do but I realize that we no longer have privacy even if we try to create it for ourselves with technical means. If the gov wants to see your shit they will make a way to do so without your knowing about it. I fully expect someday that they will just claim eminent domain over the internet completely.
Fuck OPSEC.. I want my government to do the right thing and not try to hide all their skirting of the law by making it classified and sending me an NSL that threatens to put me in jail for breaking the law.
Fuck this shit.
CYBERWARZ
Then we have the CYBERWARZ!! Oh yeah, the gubment, the military, and the private sector all have the CYBERWARZ fever. I cannot tell you how sick of that bullshit I am really. I am tired of all the hype and misdirection. Let me clear this up for you all right here and right now. THERE IS NO CYBERWAR! There is only snake oil and espionage. UNTIL such time as there is a full out kinetic war going on where systems have been destroyed or compromised just before tanks roll in or nukes hit us there is no cyberwar to speak of. There is only TALK OF cyber war.. Well more like masturbatory fantasies by the likes of Beitlich et al in reality. So back the fuck off of this shit mmkay? We do not live in the world of William Gibson and NO you are not Johnny Mnemonic ok!
Sick. And. Tired.
I really feel like that Shatner skit where he tells the Trekkies to get a life…
Awaiting the DERPOCALYPSE
All that is left for us all now is the DERPOCALYPSE. This is the end state of INFOSEC to me. We are all going to be co-opted into the cyberwarz and the privacy wars and none of us have a snowball’s chance in hell of doing anything productive with our lives. Some of us are breaking things because we love it. Others are trying to protect “ALL THE THINGS” from the breakers and the people who take their ideas and technologies and begin breaking all those things. It’s a vicious cycle of derp that really has no end. It’s an ouroboros of fail.
RAGE! RAGE! AGAINST THE DYING OF THE PRIVACY! is a nice sentiment but in reality we have no way to completely stop the juggernaut of the NSA and the government kids. We are all just pawns in a larger geopolitical game and we have to accept this. If we choose not to, and many have, then I suggest you gird your loins for the inevitable kick in the balls that you will receive from the government eventually. The same applies for all those companies out there aiding the government in their quest for the panopticon or the cyberwarz. Money talks and there is so much of it in this industry now that there is little to stop it’s abuse as well.
We are well and truly fucked.
So, if you too are feeling burned out by all of this take heart gentle reader. All you need do is just not care anymore. Come, join me in the pool of acceptance. Would you care for a lotus blossom perhaps? It’s all good once you have accepted the truth that there is nothing you can do and that if you do things that might secure you then you are now more of a target. So, do nothing…
Derp.
K.
Book Review: An Introduction to Cyber-Warfare: A Multidisciplinary Approach
IJPFRH CPAGP EIIL!
CYBER CYBER CYBER!
CYBER CYBER CYBER! or “CRY HAVOC AND LET SLIP THE DIGITAL DOGS OD CYBER WAR!”” is often what you hear from me in a mocking tone as I scan the internet and the news for the usual cyber-douchery. Well this time kids I am actually going to review a book that for once was not full of douchery! Instead it was filled with mostly good information and aimed at people who are not necessarily versed at all in the cyberz. I personally was surprised to find myself thinking that I would approve this for a syllabus (as it has been placed into one by someone I know and asked me to read this and comment)
The book really is a primer on IW (Information Warfare) and Cyber-Warfare (for lack of a better nomenclature for it) which many of you reading my blog might be way below your desired literacy level on the subjects. However, for the novice I would happily recommend that they read the book and then spend more time using ALL of the footnotes to go and read even more on the subject to get a grasp of the complexities here. In fact, I would go as far as to say to all of you out there that IF you are teaching this subject at all then you SHOULD use this book as a starting point.
I would also like to say that I would LOVE to start a kickstarter and get this book into the hands of each and every moron in Congress and the House. I would sit there and MAKE them read it in front of me *surely watching their lips move as they do so* There are too many people in positions of power making stupid decisions about this stuff when they haven’t a single clue. I guess the same could be said about the military folks as well. We have plenty of generals who have no idea either.. That’s just one man’s opinion though.
As we move further and further down the cyber-war road I think that books like this should be mandatory reading for all military personnel as well as college level courses in not only IW/INFOSEC but also political and affairs of state majors as well. We will only continue down this road it seems and it would be best for us all if the next wave of digital natives had a real grasp of the technologies as well as the political, logical, and tactical aspects of “Cyber”
I have broken down the book into rough chapters and subject areas as it is within the book (mostly) It really does cover more of the overall issues of cyber-warfare and methods used (not overly technical) The modus operandi so to speak of the actual events that have taken place are laid out in the book and give you a picture of the evolving of IW to what we see today as “cyber-warfare” I will comment on those sections on what I thought was good and what I thought was derpy of course, I mean would you all have it any other way?
IW (INFORMATION WARFARE) RUSSIA
The authors cover early IW with the Russian saga’s over Georgia and Estonia. There is a lot in there that perhaps even you out there might not know about the specifics of the incidents where Russia is “alleged” to have attacked both countries at different times with different goals and effects. Much of this also touches on the ideas of proxy organizations that may or may not be state run that were a part of the action as well as a good overview of what happened.
In the case of Georgia it went kinetic and this is the first real “cyber-warfare” incident in my mind as cyber-war goes. I say this because in my mind unless there is an actual kinetic portion to the fighting there is no “war” it is instead an “action” or “espionage” so in the case of tanks rolling in on Georgia we have a warfare scenario outright that was in tandem with IW/CW actions.
OUR CHINESE OVERLORDS
Ah Chairman Meow… What book on Cyber would be complete without our friends at the MSS 3rd Directorate huh? Well in the case of this primer it gets it right. It gets across not only that China has been hacking the living shit out of us but also WHY they are doing it! The book gives a base of information (lots of footnotes and links) to ancillary documentation that will explain the nature of Chinese thought on warfare and more to the point Cyber-Warfare. The Chinese have been working this angle (The Thousand Grains of Sand etc) for a long time now and there are more than a few treatises on it for you to read after finishing this book.
The big cases are in there as well as mention of the malware used, goals of the attacks and some of the key players. If you are out to start teaching about Chinese electronic/cyber/IW then this is a good place to start. Not too heavy but it gets the point across to those who are not so up to speed on the politics, the tech, or the stratagems involved.
ANONYMOUS/SEA/LULZSEC
Anonymous, as someone on my Twitter feed was just asking me as I was writing this piece, is also a part of this picture as well. The idea of asymmetric online warfare is really embodied by these groups. The book focuses more on Lulzsec and their 50 days of sailing but it doesn’t go too in depth with the derp. Suffice to say that all of them are indeed important to cyber-warfare as we know it and may in fact be the end model for all cyber-warfare. How so? Well, how better to have plausible denyability than to get a non state group to carry out your dirty war? Hell, for that matter how about just blame them and make it look like one of their ops huh?
Oddly enough just days ago Hammond wrote a piece saying this very thing. He intoned that the FBI via Sabu were manipulating the Anon’s into going after government targets. This is not beyond comprehension especially for places like China as well. So this is something to pay attention to. However, this book really did not take that issue on and I really wished that they had. Perhaps in the next updated edition guys?
THE GRID
OY VEY, the “GRID” this is one of the most derpy subjects usually in the media as well as the books/talks/material on cyber-warfare out there. In this case though I will allow what they wrote stand as a “so so” because they make no real claim to an actual apocalypse. Instead the book talks about the possible scenarios of how one could attack the grid. This book makes no claim that it would work but it is something to think about especially if you have an army of trained squirrels with routers strapped to their backs.
It is my belief that the system is too complex to have a systematic fail of apocalypse proportions and it always has been so. If the book talked about maybe creating a series of EMP devices placed at strategic high volume transformers then I would say they’d be on to something. However, that said, the use of a topological attack model was a good one from a logical perspective. They base most of this off of the Chinese grad students paper back years ago so your mileage may vary. So on this chapter I give it a 40% derp.
WHAT’S MISSING?
All in all I would have liked to have seen more in the political area concerning different countries thought patterns on IW/CW but hey, what can ya do eh? Additionally I think more could have been done on the ideas of offense vs. defense. Today I see a lot of derp around how the US has a GREAT OFFENSIVE CAPABILITY! Which for me and many of you out there I assume, leads me to the logical thought conclusion of “GREAT! We are totally offensive but our defense SUCKS!” So much for CYBER-MAD huh?
I would have also like to have seen more in the way of some game theory involved in the book as well concerning cyber-warfare. Some thought experiments would be helpful to lay out the problems within actually carrying out cyber-war as well as potential outcomes from doing so more along the lines of what I saw in the Global Cyber-Game.
OVERALL TAKE
Well, in the end I think it is a good start point for people to use this in their syllabus for teaching IW/CW today. It is a primer though and I would love to see not only this end up on the list but also the Global Cyber Game as well to round out the ideas here. To me it is more about “should we do this?” as opposed to “LETS FUCKING DO THIS!” as the effects of doing so are not necessarily known. Much of this territory is new and all too much of it is hyped up to the point of utter nonsense. This is the biggest problem we have though, this nonsense level with regard to the leaders of the land not knowing anything about it and then voting on things.
We need a more informed populace as well as government and I think this book would be a good start. So to the person who asked me to review this..
K.
Creating Your Own Privacy & ROI
img courtesy of XKCD http://xkcd.com/
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Preamble
With all the alleged revelations over the drift net surveillance happening to us all by the government I and others have been pondering the processes needed to protect one’s communications online and over the phone. Wired and other venues have put out reasonably ok articles on this but generally I think they have lacked on the ROI factor for the varying degree’s of surveillance that has been carried out for some time now, not just the NSA with PRISM. The immensity of it all I think can put one off on the idea of being able to keep their privacy especially given the pains that one must take to keep it on the nation state scale. However, there is much that could be done to have a modicum of privacy but one just has to understand the idea of OPSEC and have some technical base to work from in order to use the technologies such as TOR or CRYPTO in the first place. It is another thing altogether to keep that mindset every day and to understand the import of their use and the cause and effect that comes from failing to use them.
PRISM and NATION STATE SURVEILLANCE
As Ali (@packetknife) alluded to on the “Loopcast” recently with me, the idea that someone can completely deny the nation state program of surveillance is a tough one to swallow today. We all are connected to the net in some way whether it be your smartphone or some other connected device that we carry with us 24/7. In the case of the smart phone the utter and total pwn that goes on there is spectacular to think about. There is no need for tinfoil hat conspiracies about barcode tattoo’s on one’s neck here, all you really need is an iPhone and connectivity to know quite a bit about a person. This is why the metadata issue is a big one and people are seemingly unable to comprehend it. Let me clarify this for you all by also saying that not only are the calls to and from being easily monitored and mined (stored later for perusal when needed) by the NSA it seems, but also the GPS data as well. Remember the hubbub over the Apple collection of GPS data on the phones a couple years back? Remember the outrage on some parts over this? Well, now look at that in relations to how much of that data is accessible by the government too in this program. More to the point and this has not really been talked about, but are they correlating that data as well in the phone surveillance being carried out? My assumption is yes but like I said that seems to have been dwarfed and drowned out by the PRISM revelations.
Ok so now we are being data mined and correlated on the phone calls we make (metadata). Of who we are calling, how long we are talking, and when as well as the GPS (location) as well? All of that data is very informational about the habits of a person alone but start to analyze it from a personal and psychological perspective and you can build quite the dossier on someone without even having to listen to their conversations. Which I hasten to add that there are rumors of the caching of conversations generally not just under warrant from FISA. At this level, the nation state level of surveillance, one cannot hope to really be secure in their communications using technologies as they are because of the access the government has built for themselves post 9/11 with the Patriot Act as it’s fulcrum. Access mind you that we are giving them by proxy of the devices we buy and the services that provide the connection because without them we have no way to communicate other than in person or pen to paper with the post offices help right?
All of this though does not mean that the government is spying on you now. What it means though is that the legalities have been created or bent to the will of the government to have the illusion that the wholesale collection of all kinds of data for later use of anyone using these systems is legal. It also means that no matter the protestation of the government and the law enforcement bodies that they take all due care not to collect/use/surveill you vis a vis your data that there is a chance that someone within the system “could” and “might” do so outside of the rules and that is the problem here … Well other than the Constitutional, moral, and ethical issues that is. Just because it is against the rules does not mean someone won’t do it if they have the access. You know.. Like EJ Snowden having access to highly classified data that perhaps he shouldn’t have? Or furthermore the availability of Mr. Snowden being able to insert a USB drive into systems and siphon off said data to give to the press or anyone who’d listen right?
PRIVATE SECTOR or THE LITTLE SISTERS
Another issue that seems to be taking a back seat here is the notion of the Little Sisters to Big Brother. This idea springs from something I alluded to above in that the corporations that offer you the services (Gmail/ATT/Facebook etc) all collect data on you every minute of every day. They use this data for advertising, data mining, selling that data to other companies to form synergies on how to sell you on things etc. It is this practice of collecting all this data on us and our complicity in it that has given rise to the drift net approach that the government has taken with the surveillance programs like PRISM. The government is simply leveraging the capacities that are already there in the first place! You want to blame someone for this mess? Look in the mirror as you have allowed your data to be collected in the first place. YOU have placed your minute details out there on the internet to start with in email or posts to Twitter and Facebook for example. YOU are the culprit because you fail to understand OPSEC (Operational Security) and just scattered it on the net for anyone to see.
Of course other bits are more arcane. Cookies, tracking data within browsers and the like also give away much data on who you are, what you like, and allow the marketers to tailor ads for you when you go to sites that pay for the services. The aggregate of all of this data makes a digital portrait of you that unless you take pains to disallow the collection, will be sold and used by the corporations to package YOU as the commodity. I mean, how do you think Facebook works? It’s a social contract to connect to others and allow Facebook to make money off of your habits. Zucky is not in this to win a Nobel Peace Prize here ya know.
So when you think about all this surveillance going on please remember that you are complicit in it every time you surf the web, make a facebook post, a tweet, or send an email unencrypted (Google analytics kids) because they are all sifting that data to “get to know you better” *cough* It’s just a friends with benefits thing as the government see’s it being able to just hit them with an NSL and plant a server in the infrastructure to cull the data they want. As long as it doesn’t effect the bottom line (money) for them I suspect their worries about privacy are, well, pretty low on average. I mean after all you have already signed away your rights have you not? The little sisters are insidious and subtle and I am afraid they have already become metasticized within the society body.
The Only Privacy You Can Have Is That Which You Make Yourselves
“The only privacy that you have today is that which you make for yourself” is something I said a while back on a blog post or podcast and I still stand by it. It seems all the more relevant in the post Snowden world today. By creating privacy I mean leveraging technologies like encryption to keep your communications private and OPSEC to consider how you transmit information over the internet and telco. There are inherent problems though with all of these things as you can always make a mistake and end up leaking information either technically (an instance would be logging online with your own IP address to something) or process wise like putting your current location on Facebook and saying you’re on vacation for two weeks. It is all a matter of degree though and even if you are practicing OPSEC there are things outside of your control when the nation state is looking to spy on you. There are just no two ways about it, you can only fight the nation state so much with technology as they have more resources to defeat your measures eventually by end run or by brute force.
On the level of defeating the little sisters, well the same applies but with limitations. You can in fact surf the net on TOR with NOSCRIPT, cookies disallowed and on an inherently anonymized OS on a USB stick right? The little sisters can only do so much and they only interact when they see a profit in it. They after all are not looking to be voyeurs just for the fun of it. They want to sell you something or sell you as metadata right? However, if you start to anonymize yourself as much as you can and you are diligent about it you can stop the Little Sisters which in turn may minimize what the Big Brother can use too. The caveat is that you have to take pains to do this and you have to know what you are doing. There are no magic easy button offerings on the shelf that will hide you from them all and if you care then you will take the time to learn how to perform these measures.
ROI On Privacy
Finally, I would like to take stock of the fight here that you need to take on and what the ROI is for each adversary involved. In reality unless you go off the grid, change your identity and never touch another piece of technology ever again there is a high likelihood that your information will be tracked. One may in fact create a separate identity to pay bills with and use that one to surf online as well as other things but that is an extreme just like the idea of becoming a Luddite. There must be a middle road where you can feel that you are protecting a certain portion of your lives from the unblinking eye of the companies and governments that own or access the technologies that we use every day. You have to though, understand all of this and accept that in the end you may fail at keeping your privacy yours and yours alone. Come to grips with this and be smart and you can have a modicum of success if you are diligent.
A for instance of this ROI would be on the phones. If you TRULY want to be private then you have to lose your smartphone that you have billed to you and buy a burn phone. Cash is king and there is no information taken if you do it right. The unfortunate thing is that you then have to call only others who have the same burn phones out there without any metdata that ties it back to their real identities. You just try getting mom and dad to buy burn phones to talk to them on… It’s not that easy. So really, some of the ROI is minimized by the nuisance factor. The same can be said for the lay individual who is not going to go buy encryption products nor are they capable of installing a Linux system and running something like GPG. This is not going to work for everyone as well as not everyone is going to care about their privacy as the recent Pew poll showed where 56% of polled ok with surveillance program by NSA.
In the end it all comes back to the idea that you create your own privacy by your own actions. Do not trust that the government is going to protect your privacy and certainly don’t believe that the corporations will either. I mean, just look at how many spectacular fails there were on passwords that weren’t hashed or encrypted in any way by companies hacked by LulzSec. As well you should not trust the government, no matter how well intended, that they will be ABLE to protect your privacy as we have seen with recent events like Brad Manning’s theft of (S) data as well as now Snowden (TS/SCI) The actions of one person can be the downfall of every carefully crafted system.
So what is the ROI here? Well….
NATION STATE:
Crypto and anonymized traffic online will minimize your footprint but eventually they will break you if they want to. You have to be exceptional to fight the nation state level of surveillance. As for the driftnet out there well, unless you go luddite they have a lot of data to sift and commingle. They have a pretty good picture of who you are and much of that comes from the little sisters. Your ROI here is minimal because they have the power and the thing you MUST remember is that CRYPTO IS YOUR FRIEND!! Encrypt sessions for chat and emails and you will leave them with the task of either having to break that crypto or hack your endpoint to see the plain text. Make them work for it. Otherwise you may as well just BCC the NSA.GOV on each and every email today it seems.
LITTLE SISTERS:
The little sisters though are another thing. You can in fact obscure a lot of what you do online and through telco but you have to be diligent. It means time and sometimes money (burn phones or laptops in some cases) to obfuscate as much as you can. The ROI here is that IF you take these pains you are then able to deny them easy access to your habits and patterns. If you start using crypto in sessions and in communications like emails then you will be also geometrically heightening your privacy status. But you have to do it.. AND that seems to be the hard part for many whether it is laziness or apathy I am not sure.
Privacy is what you make of it… He says as he hits enter on a public blog post!
K.
[Jmhhw Kutdegc ohl Vmgi Uizvsr pspmspw avuzyiw ypicl Qephcv Tmwfcj’a yere. Kutdegc plqfkw sd Vqklsn vcukipd.]
Polvc Ayzfiui: Elr npwr, xfslm’k Qephcv Tmwfcj…[tgsoq on i xspbsl ezmpc Auzlmr fom i tpely mbsvi. Uoftsgi rilvk xlc titviv rc mpga mr vua fs tydyzk] Li bcyaf’x wcsg bg lets u xswx.
Zwmpgt: [Ayzea saew] W’g agvvw, pob A hsl’h qwjo jmf npw kstslveirr.
Rckc Kspriv: Oi hm. [Gbwow e aoll] Fexgchid Wiailqlc Eeshkq.
Fmqvix: Sl. Cmi’lm lli eisa A liyf vzwexfwho gr xfs ibziv cbx wx qc nvivw.
Hmay Awjhsl: Bi, bzex’q hbm XFM. Us’lm fsx avuzlivcr zwj hsksmbag wsfpmappybwm.
Tmwfcj: Wz, M wcs. Swm nyqh idwvxffie yszcfhuwrxq. Gyb mt jpwyvvpc bwwbsxspg.
Xquo Kmfxwf: Rs, rvub’k xlc QCI. Oi tpcnmux ssf awnivlayvl’w gmagcfmgyhcwfw, ac hlg ls fpsus lli mhbmj jijzu’a ushcg. Qm’ji xfs awgh ksmm, Usvxw.
Pcazst: Esy, Q uer’r hytd css kbil e vczcmx xlyh ca…Vmgi.
Rckc Kspriv: Uleluy ggyv kwhl, uepj im il xlgg hcefip… [ucdww Fggbwh e jmzxmv tmcqy wx tensl] Uj. Fvgqy.
State Of Surveillance: PRISM & Other Driftnets
Zlx kpkmn qp hbx ieandl bh hi lxjywy kx hbxbr bcjzwgy, lhnzix, jczsll, tnp cxmmvzw, tzhmsmv eblxtsalsitx yitkjljm cxr mxbzgpwz, aagpe gvx gy xscftmep, yfk vh Cekkhrym urofe bsesw, icm athg wvtvclzy vtuec, kbxiuvmxk fd Icdv ik tfrgjtimosg, tuh uutdwwneadjq kmlivbuprl njo dftve fm tl axgvvalh, fhf dvy ixremfz wk zlbgnw yi do gybsep.
Revelations
Some of you out there may be shocked and dismayed that the NSA and the FBI as well as other “customers” in the IC world have been collecting vast amounts of data from sources like Verizon (telco) and Google (internet) sources. Others already knew this but perhaps did not understand the sheer scope of the hoovering that has been going on. Myself, well I have had an inkling since I read the manuals for the NARUS STA-6400 system back in 2003 I think it was. That system was the progenitor of what we are seeing now within not only PRISM but other as yet to be named projects. Suffice to say though that we are well and completely surveilled and we have ourselves to blame really. We elected these people into positions of power and we also have not taken enough steps to insure that our elected government is being ethical, moral, and legal in their actions.
These programs have been ongoing for some time now and it seems now they have become monsters that some even within the vast machine have decided are too big and too scary for the government to have control over without the public’s knowledge. Whoever leaked this information must have reached much the same conclusions that we all are now post the leaks that the government wields a set of tools that it should not be using without the approval of the governed who’s rights they are “encroaching” upon and for this I laud them. It is my personal feeling that the government and the LE as well as IC community have overstepped their bounds in this driftnet surveillance behemoth that they have built in the name of anti-terrorism. It is also my opinion that the number of plots allegedly broken up before going into action does not outweigh the constitutional rights that they are contravening to uncover and stop them.
Equivocations
Since the revelations on the wiretapping, metadata, and now internet content slurping we all have seen the reaction of the IC and the administration in response to them. What we have seen thus far has been a set of carefully worded speeches and ameliorating press releases hoping to quell our distrust in our leaders and these constitutionally questionable programs. The height of this for me was President Obama’s press meeting to address the issues where he uses language that basically says “ok yes you are right, your rights are being encroached upon but the benefits of this program outweigh your rights” This was a telling for me as the implication here is that the president, who is in fact alleged to be a constitutional scholar knows and admits that these programs are infringing on our fourth amendment right to privacy.
So what we have here is an administration that has not only carried on the programs and ideals of the previous piteously poor one but gone as far as to expand them for our “greater good” all the while increasing the classification of everything to protect their bad decisions from the public they claim to be protecting. This all may well have been done with good intentions but as “we the people” see it after the fact it comes off as overreach and Orwellian to say the least. In my world view having the power to do something is one thing if you have a sunlight policy that allows for some transparency but all of this is covered in a cloak of secrecy under the rubric that it is to protect us all from terrorism. While I can understand the need for operational security in anti-terrorism and intelligence work I cannot say that this data mining in the way it is being carried out outweighs the fundamental right to privacy that the Fourth Amendment affords all citizens. Furthermore all of the alleged oversight and controls that are in place over these programs may be best intentions but this is not to say that the programs cannot be abused or end run around by those in the chain of command to their own ends. Remember that it was Nixon who ordered the taps of enemies including the NSA as a means to that end until J. Edgar Hoover, out of a feeling of losing his own power, stopped the NSA by threatening to out the president and the program. So there is a history here to be cognizant of and that history is basically the aphorism; “Power corrupts and absolute power corrupts absolutely”
No matter the equivocations or couched and secretively worded explanations that this is all for “our good” the people have a right to reserve judgement as well as demand accounting on what is being done in their name by their duly elected government. The problems though for me are that all too many times the choices are classified, national security letters used to quash any resistance, and oversight by the people prevented with rhetoric over the greater good and this is wrong. The governed need to have a say in this and the government is not allowing that by classification and word play. Games of word semantics may be fun if it were just a game but when it comes to programs like PRISM it’s all really just sleight of hand and NLP to allow the government to do what it wants to, the most expedient thing, to protect the homeland (another nice NLP there by the way) from terror. I guess the question then becomes could this activity be carried out in a better and more transparent way that would still work against terrorism?
Hand Wringing
Look we know that communications are being watched. The terrorists know it too and have used tradecraft to protect their actions in the past. It’s really just common sense, so really do we need to keep it all a secret that we are collecting information? For that matter, do we need to really collect everything and sift through it to find that needle in the haystack as the press has been going on about? As I remember it the players have pretty much been known quantities even after the advent of the internet and the FISA court was a good tool in keeping the government on the straight and narrow with regard to taps and surveillance. In fact the FISA was set up to prevent another Nixon like abuse of the system. Now though it seems like the technology has outstripped the ability of a court like FISA to really watchdog the watchers and has become more of a lapdog than a pitbull. Remember that the FISA court was being end run quite a bit during the Bush administration because it held them up in their eyes. What then happened was the Patriot act and other mechanisms to make it easier for the LE’s and IC’s to just get what they wanted without a warrant, something we came to know as “warrantless wiretapping” or “roaming taps” where the FBI and others could just start surveillance without a warrant for up to 72 hours. It all began there really and down the primrose path we all went.
Frankly the Congress in my eyes went along with all of this because of a couple reasons. The first reason was fear. The second reason was fear of not being re-elected. Both of these reasons are no good and completely spineless. What has happened is that we went from a country of checks and balances to a country with few of either because you can’t check or balance that which has been classified as secret can you? Of course I also blame the populace as well for not being engaged in their governance as well but in cases like this it is much more about things being done in secret and not about us being disinterested. The telling thing will be what happens from here. Will the populace demand some sort of accountability? Will there be a groundswell of support for measures to insure the government is not abusing this power they have in collecting all this data? Or will we all go back to sleep collectively and settle in to watch Survivor and probe our navels? Things will remain status quo unless the populace speaks up and does something about it and if they do not it is my opinion that we will keep sinking further into a surveillance state.
Anger
Anger is what we need now and it is anger we should be feeling over all of these revelations this past week. I want you all out there to take a long look back at our country’s actions and laws since 9/11 and think. Do you really want to be represented to the world by the actions of total information awareness and prevarications by John Yoo that torture is acceptable as a common practice? Do you really trust that the government, law enforcement, and the IC’s will not overstep even more and abuse the system in place today for their own needs? Finally, do you really think that your government and those within it are that altruistic as to be all shining versions of Mr. Smith? I really don’t believe that you all think that that is the case so why would you just lay there and allow all this to go on without at least some kind of sunlight policy allowing the governed to know what the government is doing in their name or more to the point to the governed?
As for me well, I am just a dark bastard as some have called me. You might read this and think well that’s just him, but, I implore you all out there to take a step back and look at our history and the nature of human nature and then decide. I think you will all come to the same conclusion that this is the wrong path to be on. No matter how many times the players may tell you that the game is played fairly and for your protection ask yourselves and them to tell you how many times it has foiled a plot and saved us from ruin. If they say “well we can’t because it’s classified” then I want you to see them in a pair of plaid pants and white belt with matching shoes trying to sell you a car …because that is what they are doing.
Get angry and demand some transparency. Keep your eye on them because in fact you cannot trust them. Given the power to do what they like they will do so especially if there are no repercussions as it’s all classified. Alternatively though and in reality all you can do today is use encryption and take care with your communications if you do not want Uncle Sam and his pals to know about them. As I see it now they have a complete backdoor into everything and people start to use more encryption I would expect crypto to become a munition again….
But that’s just the dark bastard in me I guess…
K.
Deep Throat: The Outer Edges
Jz etgstrj Wtmfvl! X lsg pmj lsgzlv fs!
SOURCES
The FBI surveillance of 2 months of the AP’s phone traffic reminded me much of the heady days when Nixon and Hoover cornered the market on domestic spying. Now this is not to say that I think the current White House administration is in fact as demented about surveillance as Hoover or Nixon but I do think that it has been feeling more insecure about it’s ability to govern the way it wants to because of leaking. Take from that statement what you may but let me further say that once you have the ability to do something you tend to rationalize about doing it if that thing is perceived at all to be wrong. In the case of grabbing two whole months of ALL of the traffic for AP to “investigate” leaks I think the FBI/DOJ/WH et al rationalized quite a bit to just go ahead and do it and the consequences as well as the law be damned.
In a world where Wikileaks has opened up the floodgates to all kinds of materials being leaked whether or not they are relevant to any wrongdoing, I am sure the governments of the world have shifted back to the cold war mentalities of protecting everything they can with classifications and more secrecy. The current environment has the government scared, the advocates rallying, and the leakers becoming more plentiful and the motives for leaking myriad. In many cases though the leak is more motivated by personal gains in esteem by others (perceived) and perhaps even financial at times for those who are getting paid for information. Once in a while though, you get the leak that would seem to be the right thing to do. This is the case where someone leaks the misdeeds of the government or a corporation for the good of the many. Unfortunately though, in the cases of the leaks of late, it has been more a prestige motive or a political motive than outrage at some wrong doing.
Either way however, the leaking seems to have prompted a response on the part of the government that would have been a justified “leak” had someone given it to the media. The wholesale surveillance and fishing expedition on reporters, news services, and in the end, leakers who may or may not have relationships with those reporters. Sources have always been a core to the news business and the constitutional protections on freedom of the press have been an integral part to our democracy. This move by the Obama administration and the DOJ/FBI not only seems to be quite the overreach but also a not so subtle warning to both leakers and the press that they are playing hard ball. It seems that journalism has become just another casualty of the surveillance culture that the government now has it’s finger on and control over.
It is thusly that I bring this topic to the blog in hopes to enlighten the reporters as well as the leakers out there on some OPSEC and Tradecraft that could make their leaking more secure even if the government decides that they should cull all of the media’s access for months if not years. All “sources” out there are now subject to having their anonymity blown by such action as the surveillance of the AP phone logs whether or not they are in fact leaking information that they shouldn’t be according to their employers or governments. If I were a source I would now certainly think twice about giving any information to anyone unless I had taken great pains to insure the transactions are secure if not in person and unseen like in the clip at the top of the page from “All The Presidents Men” Such interactions though all require a certain care that must be learned as they may not come as second nature to many unless you are just a paranoid to begin with. However, there are many technical countermeasures and tricks that one can learn if you look in the right places for the information.
SURVEILLANCE
Surveillance is as old as the hills but now it is augmented by so much digital methodology that it seems rather quaint at times to consider that someone may in fact be following you. Today one can carry out an effective surveillance on an unknowing target by merely booting up a program and connecting to a system that shows you the GPS coordinates of where you are. This is of course so readily available now because we all have taken to having our own personal GPS unit on us at all times in the form of a cell phone. Since we have made it so easy not only with GPS but also tweeting, Facebooking, Tumblr-ing, and generally streaming every second of our lives online (exceedingly poor opsec kids) it is surprising to me at least that we don’t see many more cases in the courts where freely given personal details online were the source of the probable cause to arrest someone if not the actual proof in a case of committing a crime. Basically we have given up much of our privacy already to little brother and sooner or later BIG BROTHER will re-legislate to allow themselves more access to the same streams. When this happens we need to all worry, but for now they will be happy to just secretly wiretap or to secretly subpoena your records and use them that way.
Still though, there are times when surveillance still means a guy with a camera or a team of people following you around. For those times I suggest that you start to learn countermeasures for surveillance. The book linked is a good start to understand not only surveillance techniques but also the direct actions you can take to defeat it. Of course once again I have to remind you that you need to have good OPSEC (Operational Security) and Tradecraft in the first place (like presence of mind to not have your phone with you and on for a GPS location lock) to also obfuscate your position and prevent being watched. Remember, if you don’t want to be compromised you have to be mindful of the threatscape. This of course also goes for the digital landscape as well, you have to know how to prevent data leakage in order to keep things secret.
TRADECRAFT
So you want to keep things a secret? Well then you have to learn how to take due care in everything you do. If you are looking to compartmentalize your life it can be done but you have to be mindful all the time of making slips that could unravel all your best laid plans. You need to study “Tradecraft” which is an espionage term and is not something that is just picked up, you have to practice it in order for it to work. If you want to leak information or you want to keep a a portion of your life secret then you need to learn from the links below to secure yourself. Online this means doing such simple things as using encryption on emails that you do not want Google or the DOJ to read or by using an encryption product on your phone or your chat sessions. What it comes down to is your security is what you make of it. If you do not do the work then you aren’t secure. Remember that all of your lives now are broadcast through internet, phones, cameras and the like and none of those things do you actually own, you pay for a service and the data you send is not really yours once you hit send in many cases.
What was once thought to be true, primarily that you have privacy in your effects and papers is no longer really the case where digital media is concerned. The courts have taken different approaches and interpretations on “papers and effects” where computers and the internet are concerned. One apt analogy is the old garbage on the sidewalk scenario. Once you put your garbage on the sidewalk for pickup it is no longer considered private. You are basically putting it out there for anyone to grab including the government or LEA’s. The same idea is being floated in the terms and agreements with digital media. If you send an email to someone is it really private? Does the carrier (Google say) have any mandate to consider your data private when it sits on their servers that they “rent” you? It’s their asset right? Unless you take pains to protect that email with encryption then you are just as much putting it on the sidewalk as the garbage according to some interpretations.
Overall, you need not be a leaker to take up these precautions and protect your privacy. This incident with the AP records though only shows you just how far a reach the DOJ is willing to take on records like these. Of course if you have been paying attention over the years since 9/11 you would know that many NSL’s (National Security Letters) were sent to the likes of Google and other places demanding end users records and forbidding the company any redress to tell the end user or to fight the demand because the request was considered “CLASSIFIED” by the government and law enforcement. So, if the government can just do that, classify it, and make it disappear what else are they likely to do when they want to have a looksee at your chat logs huh? The electronic spook genie is out of the bottle and running amok. It’s up to you to prevent it from running rough shod over you.
K.
Reading resources:
COUNTER SURVEILLANCE TECHNIQUES
BURN PHONES
FACE TO FACE MEETING OPERATIONAL SECURITY
BURN COMPUTERS/TABLETS
ALTERNATE IDENTITIES AND LEGENDS
OFF THE RECORD MESSAGING (OTR)
SILENT CIRCLE CELL AND MESSAGING CLIENT
The Digital Posse Comitatus: Or How Generals Obfuscate and Inveigle To Congress
Posse Comitatus
NSA, Black Chambers, and MAE’s with NARUS STA-6400’s
The recent article on wired.com about the Senate hearing with General Alexander (NSA) was an amusing. In it, they link to a video of the testimony before congress by Alexander on the issue of interception and surveillance of digital traffic in the US by the NSA and thusly, the DoD by way of alleged hardware and processes by NSA. This ability to do so has been around for some time in the digital age we live in now and really came out when Mark Klein came out of the closet on the NARUS system at the MAE he worked at. However, way before this, the CIA and other agencies had such things as “Black Chambers” to open your mail or to look at your faxes/cable traffic via back door deals with the companies that made those technologies available. So this is nothing new in theory, just the actual practice of it has changed through the nature of technologies.
So, when I see the General hemming and hawing, obfuscating and inveigling about “how” things are done with the FBI as the internal acting body for surveillance and investigation after filling out paperwork, I have to snort and say “Liar” Or at the very least “obfuscator” The truth of the matter is that the NSA has the capabilities and the hardware but there is supposed to be a firewall against all of this happening (though there have been other whistleblowers from NSA who say otherwise) but, post 9/11 the lines have blurred considerably at the order of GWB.
Post 9/11: Bush Opens The Floodgates
There are stories of a room full of alphabet agency heads with GW when he told them all of the old rules applied no more. Domestic surveillance and all of the old rules were being thrown out the window and from what I heard, they were all kinda aghast at hearing it. What GWB was open the floodgates to the world of warrantless wiretaps and surveillance culture we now have and diminished the lines between military and civilian agencies collection and alleged sharing of data. In the case of the NSA though, the abilities were always there to monitor the traffic of the US, remember, how much of the infrastructure is indeed here? No, the only firewall was a rule set that said “thou shalt not listen to these people” and that was it. Post 9/11 though, because the 19 hijackers were here, they decided that the needs of securing the nation, rested on that firewall being turned off.
So it was that it steadily has become easier for the FBI and others domestic and military, to use the technologies at the hand of NSA and others to monitor the digital infrastructure. Ostensibly at first there were to be FISA courts and warrants, but, over the years as you have seen in the news, such things have become less and less used and the system negated. In the case of FISA, the FBI used it less and less, and in the case of the NSA, well, they never needed it because there weren’t “technically” allowed to monitor US Citizens right? This is not to say that they are always doing such things, but, you know that some have and it depends on the cases that they are making.
Remember, all of this is ostensibly to protect the nation from another 9/11.. And that the masses today are more often than not, oblivious to the precedents being set. This does not mean too that the NSA is just abusing these capabilities all of the time, nor is the FBI, in asking NSA for such intercepts.. But… Who watches the watchers really? Oversight committees only see so much and for those of you who say it is inconceivable I shall point to earlier history with Nixon and others as proof that it is not. So, if you wish to believe that it is all for our own good, and that terrorists like you see on NCIS are all being caught by these means legally and with honor, so be it.
Just know that people are fallible and the processes are so loose now with secrecy levels as never before to make things that do happen, never see the light of day whether they were right or wrong in the end.
NSL Letters and Warrantless Wiretaps
Today we have Anonymous making the waters muddier than ever before as well as a myriad of other security nightmares going on. Much of what goes on that requires the FBI to look into it is indeed illegal actions on the part of individuals and groups. On the terrorism side for instance there are many alleged “lone wolves” out there, jihobbyists really, who are mentally unhinged enough to want to plan and act out that require surveillance. These types of activities require the laws we have in place and the NSL letters and FISA warrants kinda eventually went out the window because they were too slow for the feds allegedly. Just as well, there were issues with the warrants filled out being overly broad and not having sustainable reasons for their being sworn out. Was it just laziness on the part of the feds or did they just want to obfuscate because they “wanted” them to go through because had they filled them out right or at all, they would have been denied?
Today we have cases of warrant-less wiretapping going on as well as the recent warrant-less GPS issue that was overturned by the courts and thus the FBI had to turn off some number of GPS units in the field. But hell, really. what’s the point when your cell phone does all the GPS tracking for you huh? Everyone today pretty much has one that does it and it’s likely on because you are not thinking about the fact that you are tracking yourself every 8 seconds by just owning the damn thing and having it on. So, once again, it comes down to the grey areas here where privacy is really only what you make for yourselves. In the case of an NSL letter or a warrantless wiretap, well, you won’t know about it until you are van&d right?
Generally though, I do not believe that people are being unjustly convicted yet or being watched en mass.. However, the environment is ripe if you tweet something that gets someone’s attention right? It’s when I say this or think about this, is when I think of Nixon and the odious things he was doing with Hoover and the FBI as well as his CIA plumbers. Some may feel that this is the same feeling today that they are having where all of this is concerned.
Watching Alexander Dance Reminds Me Of That Scene In “Clear and Present Danger”
Going back to the testimony by General Alexander I find it particularly interesting that the senator brings up Posse Comitatus and Alexanders reaction to that. I had generally thought that Posse Comitatus was kinda dead anyway, but, it is an important question to ask now about the digital domain today. NSA has it’s civilian portion but generally it is a military arm run by a general. By asking about domestic surveillance, the senator is breaching an important question about how the military wants in on the digital battlespace and just where that will be fought. Can one, in the digital age insure that battles by the military will only be carried out in servers outside the continental United States? The short answer is no, and one has to argue then that the military could very well be fighting battles within the US (networks) and would this in fact contravene the Posse Comitatus act?
It’s an interesting puzzle to look at and I am thinking perhaps the Senate is beginning to have a light bulb go on over their collective heads about it. Though, it is my thinking that the general was not being as literal minded or truthful about the intricacies of what they were asking for an answer about. In my opinon he sidestepped it a bit and I am sure others out there will differ with my opinion. In my mind though, the crossing of the Posse Comitatus line where this type of intercepts are concerned was long ago broken by the administrations desire for “security”
Don’t get me wrong though, I agree, that there are times when this is quite necessary, but, there should be rules and processes.. Unfortunately in the case of the FISA court and FBI, we have seen where it was contravened repeatedly, so who’s to say that the NSA is any different? Overall though, the scene reminded me of “Clear and Present Danger” where Jack Ryan is asking for “training money” when in fact he has been set up and is actually getting money for Operation RECIPROCITY. It was at that time that the senator asks him if he’s telling the truth and that they had heard this all before during Viet Nam.
Where does the truth of it really lie? Will we ever know?
IT’S FUCKING BAMFORD YOU FUCKWITS!
In the end, it was an interesting little video and I really wished that the players could even get the little details right. For your edification Senators and General Alexander, the writer’s name is James BAMFORD I am pretty sure that Alexander has heard the name before and I think he kinda just got a giggle out of the cluelessness of the senator asking the question. Bamford though, does his research and he knows his shit, so, I will lean toward believing him over the testimony in this particular video. So NSA is building a new facility and some have pointed out that it could in fact enhance their abilities to surveil domestic actors or, just suck up the internet traffic as a whole. The likelihood is that the capability is there, but once again, the laws and the rules say that they cannot “use” such data.
Read between the lines on the testimony.. The tech is there.. It’s the rules that say they cannot use it.
Your mileage may vary on what you choose to believe the intent and the follow through is.
K
9/11/01 Ten Years Later: Thoughts On The War On Terror
9/11/11:
Recently, I found myself on NPR speaking about 9/11, ten years later and some of the experience has dulled to a point where I no longer feel like I have some sort of PTSD. However, in talking about it, I began to think about how things are going with the war on terror low these many years later. With the recent events of killing Osama Bin Laden, and the roll up of other key players (be they arrested or in many cases, killed by hellfire missiles shot from UAV’s) I have to say that I am feeling somewhat optimistic about the war on terror.. At least from the perspective of breaking AQ’s back so to speak.
We have seen over the past few years particularly, a movement (AQ) that has been foundering because of more than a few factors;
- The net is tightening around them, more countries are getting more agile at intelligence sharing
- Their aegis of caliphate and jihad is being dulled by the Arab Spring
- Their titular leader OBL is dead and their new leader is perceived as the old man who yells at you to get off the God Damn lawn by the foot soldiers
- They are having recruiting trouble because it is harder to get to their ‘training’ countries. This is due to much more monitoring on borders
- AQ as an organisation has been marginalised due to its own set of strict rules
- AQ has, once again, been marginalised or contained. Its message is more diluted as many spin off (splinter) orgs have formed
- The takfiri movement is failing, not too many takfir want to be shahid suicide bombers
- New converts are not finding themselves similarly motivated to become shahid for the movement by wearing the vest
- The online jihad has been foundering, they are not technically as adept as they would like to be and keep getting shut down
- Due to being shut down online much of the time, they are not able to recruit and ingrain the “jihad” mindset as easily
- Due to the jihad being online, the converts are not as controlled by management, and thus there is no re-enforcement of belief to make them act
So, in many ways, the war on terror has been effective in marginalising the AQ core, but, at the same time, new groups have popped up. Lone wolf attacks (radicalising online and acting) is the predominate way that AQ/AQAP have seen as the future of the Jihad. I have personally seen them grapple with not only the technology but also the propaganda war itself in their magazine “Inspire” They have been trying to figure out ways to propagandise, radicalise, and re-enforce the word of Jihad by keyboard as opposed to the Madrassa . This in particular is problematic for them as they are used to that madrassa method. By getting kids in the door at a young age, abusing them, and only teaching them the wrote recitation of the Koran in tandem with their particular spins on Jihad, had they created so many shahidi. It’s just not that simple online trying to reach out to more Western minds who have not been controlled in such a way.
Instead, what we have seen is an increasing number of mentally unstable individuals (Emerson Begolly, Malik Hassan, Richard Reid, etc) be drawn in by the propaganda online and then go on to commit “lone wolf” acts of terror. Frankly, these people are no more a real terrorist threat (these radicalised and mentally ill folks) than the average spree killer. However, since they hang their hat with the Jihad and AQ, then, they become more of a perceived threat to the masses.. Erroneously I think.
The Elephant With Its Trunk In Our Collective Coffee:
Reflecting on all of what I state above, I then find myself pondering the costs of those wins for us. Two wars ongoing for those 10 years, our nations economy failing rapidly from the outpouring of money into said wars (and of course all of the other malfeasance that happened with wall street, bankers, etc etc) that at present, just seem to have no end. Can we in fact do anything in Afghanistan substantively? Or, are we just the next country to fall into a morass and not heeded the history of the region as well as the immortal words of Vizzini in Princess Bride “never get involved in a land war in Asia” So many have failed at trying to tame the region and all have fallen to a tribal society that has not changed that much in a thousand years. Add to this that we have just come off looking like the new brute occupying their lands, and we have the trifecta of imminent failure.
Meanwhile, at home, we have, over these ten years, traded our freedoms for perceived security. There are so many arguments to be made here, but, I have to say that there have been excesses and misuse of power. Our government has become ungovernable and radicalised into three parties, and we the people have little say any more because corporations are now “people” according to the court system (just look up the idea of the ‘super pac’ *see Steven Colbert for more) We have indeed traded security for privacy and the right to be a part of how we are governed by our own apathy.
Frankly, its rather scary. Of course all of the losses to privacy can be directly attributed to 9/11 and the land grab after it within the intelligence collective and government’s desire to outsource those same collection means as well as war-fighting capacities (Xe aka Blackwater ring a bell?) I’m afraid that much has been done in the name of liberty and freedom that we as a people might not like so much. So it is kept from us by over classification and secrecy. The panoptacon has been built around us all and, like the frog in the pot, we just don’t feel the heat as we are too happily playing with our new iPhone.
Are we really more secure from these enhanced rights the government has? Or is it that we have prosecuted the war in a much better way intelligence wise as well as boots on the ground to stop these guys in country? It seems to me, that back in the day the NSA could do all of this type of surveillance on other countries and it was all good. Now, they see everything and have the right to work in the US…
So just how many of these terrorist arrests were made in the US?
How many US jihadi terrorists were caught by the FBI due to the enhanced continental powers granted?
Am I just missing all those headlines? Because I am not remembering too many plots being stopped here. So, yes, we have traded privacy for a perceived security by allowing the government carte blanche… And no, we are not better off for it.
Of course now with the advent of Anonymous and LulzSec, we have a new kind of terrorism (albeit one that has not been uttered yet or legislated into existence) Just how long will it be before we see this happen? All of it proves though, that there is no fool proof way to insure security. We, as a people need to understand this and come back to our collective senses. Look at Europe, specifically look at England..
Do you want a camera on every corner? (almost there)
How about shotgun mikes? (almost there too)
The infrastructure is being built around you fellow frogs… Time to talk to your legislators about this if it concerns you.
Looking Ahead:
As I see it, the days of AQ are starting to wane and the days of the crazy lone wolves is just the same as it was before. All the attempts at radicalising have failed really to raise an army. I think we are winning the overall battle against Jihad… But.. We are losing the battle for our own country. Ask yourself this though; “Once AQ and the like are gone, just who will all these methods and technologies be turned toward? With no major enemies to watch, will it all be decommissioned? Somehow I doubt that.
For every time someone mentions how Facebook is so perverse about personal privacy, please take a step back and think about the government under which you governed. With all of the morass we find ourselves in, and how much we complain collectively about it being the governments fault, please ponder that said same government has the technologies available to do whatever they like and then mark it secret. Never to see the light of day.
I do hope the war on terror ends, but I shudder to think about what will happen after it does.
K.
The Hidden Wiki: Between The Layers of The Onion Router Networks
Inside The Onion Darknet:
Someone recently pm’d me online and asked if I had ever heard of “The Hidden Wiki” They said that they could not believe what they were seeing because they had just perused an ad that purported to offer “hired killer” services. This person immediately thought it was just a trap or a joke, but, it turns out that hired killers are just the tip of the iceberg within the TOR arcology. The TOR network it seems has become the new ‘Darknet’ hiding sites within the onion router networks themselves, totally anonymous and offering every kind of illicit trade one could think of including pedophilia images. There are innocuous sites as well, but there seems to be quite a bit of content (links within the wiki and pastebin’s that offer up nasty things.
How, you might ask, is this possible? Well, it is because of the nature of TOR itself. The Onion Router Network was a project started by the navy to anonymize internet traffic. Once it was set loose to the masses, it was upgraded and brought to the masses as a means to surf the web anonymously. This is done by using a series of routers (which you can set up yourself on any machine with the software) to receive and direct traffic anywhere online without any kind of record where the traffic came from once entering the TOR node network. (see diagram)
Once inside the system, unless under specific circumstances, you cannot be tracked. There are methods to obtain a users real IP address but they are hard to implement. So, with that said, the TOR system seems to not only allow people to access content on the internet proper, but now a secondary internet has been created within the tor nodes themselves. It would seem that perhaps this secondary internet could either be a haven for good data, or bad.. And from what I have seen so far, its mostly bad. The illicit trade of pedophilia being the worst of that ilk and it would seem that the purveyors think that they can do so without any hindrance because it is on TOR.
The Marketplace, A Digital Mos Eisley:
The Wiki offers many services, most of them seem to be driven by ‘Bitcoins’ and you can even find software to mine bitcoins as well as create them within this space. One has to wonder if you can really hire a hitman here or if this is just a BS post for the Lulz, but, other services seem straight forward and their sites are working. These services also include a wide spectrum of hacking as well as alleged DD0S/Botnet offerings as well. My first thoughts about all of this tended toward the idea that Anonymous must be like a kid in the candy store here, and then I began to search for them. It did not take me long to locate some sites that were ‘Anonymous’ themed as well as dumps of all the LulzSec hacks as well as a full mirror of Wikileaks dumps.
Here are just a few of the services offered in the Marketplace:
* Contract Killer - Kill your problem (snitch, paparazzo, rich husband, cop, judge, competition, etc). (Host: FH)
* BitPoker v1.93 - Poker (Bitcoin). (Host: FH)
* Buttery Bootlegging - Get any expensive item from major stores for a fraction of the price! (Host: FH)
* Stat ID's - Selling fake ID's.
* Bidcoin - Like Ebay. We increase the gross national product. (Host: FH)
* Video Poker - A casino that features "jacks or better" video poker. - DOWN 2011-08-07
* Cheap SWATTING Service - Calls in raids as pranks. (Host: FH)
* Data-Bay - Buy and sell files using digital currency.
* The Last Box - Assassination Market (Bitcoin). - DOWN 2011-08-07
* Pirax Web DDoS - Take out your enemies in seconds. (Host: FH)
* Hacking Services - Hacks IM and Social Nets, does DDoS, sells bank/credit/paypal accounts. Se Habla Espanol. (Host: FH)
* Email Hacker - Hacks emails (Bitcoin). (Host: FH)
* CC4ALL - Selling valid Credit-Cards. Most from Germany. (Host: FH)
* Slash'EM online - Super Lots'A Stuff Hack-Extended Magic tournament server (Bitcoin).
* Rent-a-Hacker - Pay a professional hacker to solve your problem, destroy your enemys. (Host: FH)
* BitPoker v2.0 - New version of poker (Bitcoin). (Host: FH)
* BacKopy - Sells game, software and movie discs (Bitcoin). (Neglected status note) - Broken 2011-08-07
* The Pirates Cove - Classifieds. (Host: FH)
* BitLotto - A lottery using Bitcoin. (Host: FH)
* Brimstone Entertainment - Escort Ads, Strippers, Adult Entertainers. (Host: FH)
* Red Dog Poker - Play a simple game of poker (Bitcoin).
* CouponaTOR - A service for getting retail coupons created (Bitcoin). (Host: FH)
* Virtual Thingies - Buy virtual goodies like premium accounts, usenet access or domains (Bitcoin). (Host: FH)
You can also get a range of services like chemicals to make as well as tutorials how to make and sell anabolic steroids not to mention pages and files on weapons and explosives. Anarchy it seems has found a new digital home. One wonders just how long it will be before the onion becomes a home for jihadi’s as well. I suppose if they aren’t already, it’s only a matter of time until they are hosting their own sites in here as well. The real problem is navigation though for anyone looking around. Which makes this all the better for those seeking to be anonymous and stealth. There are a couple of search engines on the wiki, but due to the nature of TOR, one has to list their site in order for it to be found, so, I assume there are many sites out there that are only known to a very select few.
Paedophiles LOVE Anonmymity:
Meanwhile, it seems that there may be a bit of a war going on between the paedo’s and the hackers within this space as well. This particular page on the hidden wiki had recently been hacked and taken down, but, within a day or so, it was back up online serving out links. The FBI is aware of this site and others that I passed along to them, but, they are once again hard pressed to do anything about it because of the nature of TOR. It would probably be a safe bet though, that they have been monitoring these sites for a little while as the agent I spoke with already knew about the hidden wiki and some of the links forwarded. I guess that things though, are steadily growing on the onion darknet so new stuff is being put out there all the time.
All in all though, this is just another battlefield that the authorities must learn to fight in. Personally, I am with HD Moore in thinking that there may be some way to put a stop to all this… But, when he posited the idea it was 2007. Its almost 2012 and we still have the problem. All I can really hope for is that the decent hacker types living within this liminal digital space will keep taking these sites down and making the paedo’s lives miserable in the meantime.
Anonymity For Better For Worse:
On the flip side of all this is the idea that we need to be able to be anonymous online. I agree with this, I mean, I use TOR every day, but, anonymity is a double edged sword. As you can see from everything above, that very same anonymity that is protecting those who need free speech, or other protections it can afford, are also faced with the darker side of the technology. This space still seems to be fairly new in the sense of services, chat boards, paste sites, and other more normal internet style applications, but, in the contained anonymity that the onion network is giving them, the end users just mostly seem to be using it all for darker purposes.
And this will make things more difficult for everyone else as governments seek to destroy the privacy as they see more of this type of activities going on to use as excuses to peer into them.
K.
Krypt3ia 
The DARKNET: Operation Legitimacy?
leave a comment »
gaiuaim ioi dui pln!
The DARKNETS…
The “Darknets” You’ve all heard of them. Some of you out there may have traversed their labyrinthine back alleys. However, have you ever thought that someday the darknet would be just as legitimate as the “clearnet” is today? With the recent bust of DPR and the Silk Road there has once again been great interest in the “Deep Web” and this interest was sparked once again for me too. It seems that the darknet is the new black once again and people are flocking to it just like onlookers at a traffic accident. Others though seem to be aiming to use the darknet technology (TOR and hidden services) to support free speech and to pass information as a legitimate whistle blower.
Still Mos Eisley but….
I loaded up TOR & Tails and took a trip once again into the digital Mos Eisley. It is still dark and full of crazy things and if you go there you too will see black market items, services like Assassinations for Bitcoins, and run of the mill blogs. You can (allegedly) buy just about any kind of drug in quantity just as easily as buying/mining bitcoins and paying for your drugs with them. All anonymously (once again allegedly as you can see from the DPR fiasco) via the Onion hidden services and backed by other services from anonymous email on TOR to bitcoin exchanges. However one can now see other sites out there that aren’t so black market oriented as well.
One such site is pictured above. The New Yorker decided post Ed Snowden’s revelations, that it was a good idea to put their new “secure dropbox” on the hidden services. This is a legit site that has been talked about on the clearnet as well as in the media a couple months ago. This is one of the first more legit sites I have seen out there that is offering a secure means to talk to reporters using the security that others on the darknets are using to carry out illegal activities. I have yet to really look at the site’s security but overall I see this one site being the key to showing others out there how the darknet can be used for something other than crime. Of course then again, if you ask the Obama Administration even this site could be considered illegal or an accessory to illegal leaking I guess. It’s really a matter of perspective.
Gentrification?
So what about other sites? What would you out there use the darknet for that is not “illicit” but requires some security and anonymity? I can foresee other sites popping up perhaps in the arena of free speech or even political movements that might like this model to pass their ideals on. I honestly think this is a turning point for the darknet. Of course this is all predicated on the darknet being “secure” after the revelations from the Snowden Archive of late. It seems the NSA is really trying pretty hard to de-anonymize anyone they want to and would love to have it just not anonymous at all. Well, let me re-phrase that.. Have them THINK it’s anonymous while it is not so much to the NSA.
Other sites out there include an online Koran as well as all kinds of other non criminal sites that are.. Well.. Kinda goofy or fringe. I think that perhaps now things might shift as the technology becomes easier to manage making it easier with global connectivity for us all to hang up a shingle in the darknet.
Time will tell though I guess…
K.
Rate this:
Written by Krypt3ia
2013/10/14 at 18:50
Posted in 1st Amendment, A New Paradigm, Anonymous, Commentary, Conspiracy Theory, Crypto, CUTOUTS, DARKNET, Digital Ecosystem, Disinformation, Game Theory, Infopocalypse, Insurgency, Panopticon