Archive for the ‘Wikileaks’ Category
Once again we find ourselves following the story of a new uber dump of data on a Friday (Fuck FBI Friday’s) as they have been dubbed by the skiddies. It seems that 4cid 8urn, C3r3al Kill3r, and Zer0C00l once again have failed to deliver the goods in their #antisec campaign with their ManTech dump. ManTech, for those who don’t know, is a company that handles defense and government security contracts for such things as secure networks etc. The skiddies decided to try and haxx0r the Gibson and get the goods on the bad bad men at ManTech.
Once again, they failed.
The files are mostly UNCLASS (kids, that means UN-CLASSIFIED mmkay?) with a few SBU (Sensitive but UNCLASSIFIED) as well. Many of the files are just documents of finances, bills, resume’s and email addresses that frankly you could get with a good Googling session. Again, we are not impressed by this crap Lulz skiddies. I have told you once, and now I till tell you again, you are failing to deliver anything of interest really.
Now, if you were real APT, then you would have used the data in the excel sheets to create some nice phishing exploits and then gone on to root some good shit. But no, you aren’t that advanced are you? You just want to do the quick hit and dump your ‘booty’ to collect the love from your adoring, albeit stupid, fans. I am sure some of them are at home now wanking off to the idea that you have really stuck it to ManTech and by proxy ‘the man’
Well, you haven’t.. Not so 3r337 as Raz0r and Bl4d3 say.
What you keep failing to understand are sever key things here:
- The good shit is in more protected systems, ya know, like the ones Manning had access to
- You have no idea what you are taking or what you are dumping! Bitch please, understand the classification markings!
- It’s only important to your ‘movement’ if the data actually uncovers bad behavior on the part of the government!
And it’s on that last point I want to harp a little more on. You guys say you are exposing fraud and devious behavior (other than your own subversive tendencies?) and yet, you keep missing the mark. There have been no cohesive plots outed by you other than Aaron and HB Gary’s little foray into creating 0day and programs for propaganda tools online.
Yay you!… ehhh… not so much.
You certainly did spank Aaron though, and for that my top hat and monocle are off to you. He rather deserved what he got for being so God damned stupid. However, you must all understand that these are the standard operating procedures in warfare (PSYOPS, INFOWAR, PROPAGANDA) every nation plays the game and its just the way of life. So, unless you get some real data of a plan to use this type of tech by the US on the US, (other than Rupert & Co.) Once again, I am not really so impressed.
Of course, you have to know that you are now the target of all of those tools right? Not only by the US, but other nations as I have mentioned before. Do you really think that you have not opened the door for other nation states to attack using your name? No one mentioned yet that you are now considered domestic terrorists and could even be considered non domestic after you get caught? You have opened Pandora’s box and all the bad shit is coming.. And much of it is going to be aimed straight at you.
The ironic thing is this.. You have delivered shit. It’s the idea and the cover you have given other nation states or individuals that is key here. You say you can’t arrest an idea… I say certainly not! BUT They can arrest YOU and then make that IDEA not so appealing to the other skiddies once your prosecutions begin on national TV.
So keep it up.. That hornets nest won’t spew hundreds of angry wasps…
WikiLeaks cables: Russia ‘was tracking killers of Alexander Litvinenko but UK warned it off’
Claim that British intelligence was incompetent will deepen diplomatic row sparked by move to deport MP’s Russian researcher
From the Guardian
Russia was tracking the assassins of dissident spy Alexander Litvinenkobefore he was poisoned but was warned off by Britain, which said the situation was “under control”, according to claims made in a leaked US diplomatic cable.
The secret memo, recording a 2006 meeting between an ex-CIA bureau chief and a former KGB officer, is set to reignite the diplomatic row surrounding Litvinenko’s unsolved murder that year, which many espionage experts have linked directly to the Kremlin.
The latest WikiLeaks release comes after relations between Moscow and London soured as a result of Britain’s decision to expel a Russian parliamentary researcher suspected of being a spy.
The memo, written by staff at the US embassy in Paris, records “an amicable 7 December dinner meeting with ambassador-at-large Henry Crumpton [and] Russian special presidential representative Anatoliy Safonov”, two weeks after Litvinenko’s death from polonium poisoning had triggered an international hunt for his killers.
During the dinner, Crumpton, who ran the CIA’s Afghanistan operations before becoming the US ambassador for counter-terrorism, and Safonov, an ex-KGB colonel-general, discussed ways the two countries could work together to tackle terrorism. The memo records that “Safonov opened the meeting by expressing his appreciation for US/Russian co-operative efforts thus far. He cited the recent events in London – specifically the murder of a former Russian spy by exposure to radioactive agents – as evidence of how great the threat remained and how much more there was to do on the co-operative front.”
The memo contains an observation from US embassy officials that Safonov’s comments suggested Russia “was not involved in the killing, although Safonov did not offer any further explanation”.
The rest HERE:
With all of the raw data dumps from Wikileaks and the furor surrounding them in the press around the globe something important has been rarely pointed out. The important point is this: All intelligence, even observations in state cables like the ones Wikileaks is putting out there, need to be read by individuals trained to “analyze” what is said. This is often performed by any of the intelligence organs of the state and likely did get done when these were secret. Now of course, they are off of the reservation and in the open for everyone to read and make poor conclusions on.
In the above cable release we have what seems to be data that says our man in the UK Crumpton, met with and believed that the Russians had nothing to do with the murder of Alex Litvinenko. In fact, the information says that MI5 fucked the pooch and told the Russians to back off because they had it all in hand. While this may sound reasonable to some, it is of course not so much the assessment I would make after reading this cable, I mean, look at the source. A “former” KGB operations man is telling the Ambassador that the Russians had nothing to do with the killing of an ex KGB agent who poked his finger in the eye of not only the KGB, but also Putin? You mean to say that “nothing” is going to happen to someone who does that and then defects to the West?
Taken at face value, this cable may read to many out there as others did Litvinenko in and the Russians (who are always open and honest with us) had in no way anything to do with it either state sponsored or even Russian Mob related. In short, Pooty Poot was a huggy bear and we, the US and Russia were the best of friends. Perhaps though, it was just the stance at the time to blindly accept such data as the straight dope (Bush Era cooperation with Russia in the War on Terror) Or, perhaps the ambassador just put what “could” be said in this cable and then made a full and frank report in a more secure fashion back to Langley (which is what I lean toward)
Here’s the analysis as I see it from this cable:
1) The US and Russia were on better terms by 01 with Bush looking into Putin’s soul via his eyes. Why rock the boat here huh?
2) The turf of MI5 has been the equivalent of the “Year of the Spy” (1985) It has not been so active of a playing field since the cold war.
3) Politically, this was a hot potato. If the US pushed the issue and sided with Britain, it would cause more friction that the US did not want. This kind of killing had not been seen in the UK since 1978 and the Markov Affair.
The summary analysis per this cable: “There are doubts that the Russians did this, lets not push it” and if you remember now, the US did nothing really to push on the Litvinenko affair. There was no stern call out nor any back room dealing to get anyone on UK soil that they really wanted to talk to (Lugovoi) So, it went the way of the cold case really. Litvinenko’s wife is still trying to get the truth out but no one seems really interested in poking the “bear” to get the truth to be told.
So, the net result of this cable’s release? Well, I am sure that many people will read it and not be able to analyze it properly to see the truth of the matter. The same should be said about all of the cables being released by Wikileaks, an alleged news organization that fails to provide any context on the “reporting” they claim to be doing. Without analysis, you really don’t get the whole picture.
Well, it’s been an interesting week hasn’t it folks? We have Wikileaks leaking interesting if not, not earth shattering cables from US embassies around th globe. We have the US’ knee jerk reactions that are akin to a young girls naked photos being leaked on her Facebook page, crying foul and shaking their impotent fist at the “internets”. And we have a court jester who it seems, may have bitten off more than he could chew this time around and has gone into semi hiding post claiming a DoS that many in the security field feel was “weak” as one put it.
So, lets cover my thoughts on the weeks events by the numbers…
1) Wikileaks and CableGate
Ahh, the infamous “CableGate” as the Wikileakers have named it for maximum effect. Cables that give the inside skinny on what people see as ambassadors and analysts in the foreign service of this country. After the dumps, I am still non plussed by the contents of the cables. Perhaps this is beacuse I read quite a bit and know people who have been in the service. Maybe its because the reality of the documents data is already common knowledge to those who pay attention to world affairs and read the news. Some of them though really do hold a few interesting gems on actions that we have taken with other countries that may seem to the layman, as being shifty or dirty.. But If you leave this country and actually work in others, you will see that sometimes you have to do things as it was once said before; “si fueris Rōmae, Rōmānō vīvitō mōre; si fueris alibī, vīvitō sicut ibi“
Is it so hard to believe that bribery is rampant in other countries such as Pakistan? Do you really think that Russians don’t hit the bottle really hard and then have gunplay as they make deals at weddings for territory and power? If any of you reading this blog are shocked and amazed by all this and that we as the United States have to placate these people with backdoor deals, then, well I just don’t know my audience, while you, the reader are exceedingly naive and should wake up to the realities of how the world works.
I’ll give you a hint right here, right now. There are no white knights, and Superman is a comic. “Truth, Justice, and the American Way” is just a saying that placates us to believe that we do things above board all of the time and as Dr. Gregory House says; “Everyone Lies” It’s just the reality kids. So, when the Wikileaks folks get their shorts in a bind over cables like these I tend to think that they are all Pollyana’s that don’t know what real criminality is because once again, these documents are not equivalent to the Pentagon Papers. Had Wikileaks dropped a bundle of docs that showed in clear and no uncertain terms that the WHIG, Cheney, and their ilk clearly fabricated every bit of data that they used to prod the US to invade Iraq, well, that would be another story.
But again.. We don’t have that do we? What we do have is some dirty laundry and that has tickled the fancies of us all because we abhor “secrets” Not so much that we hate them for their sake, but, that we want to know them! We are inquisitive and always love to be one up on the other guy. So after this big dump, where is the outrage? The protesting? The shoe banging by the UN and other nations that were promised?
Yep, no one really cares enough to say that these are all shocking and storm the government looking for redress. So, on that account I side with Jester and give it all a #FAIL Which brings me to the organization itself and its newfound pariah status. I will also go one step further and give a #FAIL to the United States of America’s efforts regarding Julian Assange, the INTERPOL’s new #1 bad guy.
2) Julian Assange:”No Glove, No Love Gate”
Julian Assange has issues I think. His issues stem from a great heaping load of hubris as well as ego, but, then there is the side of him that I think is just plain adolescent idealism. The idealism was what drove him to this model of Wikileaks, but soon enough, it was the ego and hubris that took over the drivers seat. What Wikileaks has become is more a terribly petulant child shrieking about not getting a lollipop than an organization attempting to change the world by “freeing the data”
The troubles that Wikileaks has had with attrition of staff recently shows that Assange has become drunk on the status of being able to poke at nations and get their ire. Its somewhat akin to a little brother taunting a big brother just for the attention that he craves.. Which reminds me of another party in this little passion play that I will speak of below. For now though, my focus is Julian and the United States of America’s play to have him become the next Osama Bin Laden.
The reaction from these dumps though on the part of the US Government have been poorly thought out at least on the face of it recently. By leveraging (assumed) the Swedish and other governments to put Assange on the “RED” list for INTERPOL, for alleged consensual sex sans condom (or perhaps rape, its fuzzy with all the reports out there as to what really happened) the US has only shown its weakest face. The charges are weak and the placement of someone being charged only with the crime cited, shows just how much the US would like to get their hands on Assange, but they know they don’t really have a case.
What’s more, these senators out there now calling for Assange and Wikileaks to be deemed a “Terrorist Organization” are just out of their minds to even attempt to propose such a thing. THIS shows though, just what Assange and others are alluding to when they say this government is corrupt and or over-reaching in secrecy, surveillance, and general use of chicanery.
And on that account, I am agreeing with Assange and Wikileaks. The us has in fact reacted like that big brother being taunted by the little one and is attempting to haul off and slug him without mom or dad seeing it. What’s worse is that I am sure the US is working on a plan to have Assange kept somewhere if not able to find a legal leg to stand on to bring him here to the states and put him on trial.
Of course there is the off chance that any country now might just be afraid enough of Assange as the titular head of the organization to not only allow the US to take him, but also for some, to just do away with him by having a “convenient accident” occur.
Some secrets, as countries and people do the mental calculus for them, are worth the price of a life or lives. No matter the laws or executive orders…
Of course Wikileaks current data does not in the least constitute anything close to one of those secrets worth whacking him. So, the show will go on trying to get him into custody. He will be the martyr to his followers and I am sure that Wikileaks will become an even more powerful organization because of the poor handling of this case. In the end, the US will only ham-fistedly attempt to cover up the fact that the SIPRNET system was not being monitored as per policy and procedures mandated by the military and government. This allowed for a low level PFC analyst to steal nearly half a million documents from an alleged “secure system” This very same government that created the likes of the DHS and TSA to keep us all “safe” from terrorists. I guess they just took a cue from the Bush administration and thought that a banner saying “mission accomplished” was just as effective at ending a war as a banner that says “This system is protected and may be monitored” was to protecting secrets.
Hubris and the emperor has yet again been shown to have no clothes.
So, my suggestion to the US government and the military would be to actually clean up their act and perform the due diligence that they need to carry out to protect their “secrets” from being stolen so easily and forget about trying to “get” Mr. Assange for this. The damage has been done and unless you do a better job at protecting the assets you hold, then sure as shit, its going to happen again and the next time, it may be even worse.
3) The Wikileaks Zeitgeist and The Hacker Manifesto
Meanwhile, an interesting factional fracture has taken shape within the internet and specifically, the information security community. This has been something to watch on Twitter specifically as people on my #flist have been polarizing between saying much the same as me and others who are diametrically opposed to the government, secrecy, and the call for free access to information. Why this is so interesting to me is that many of these people who are on the feed are in fact workers within the information security industry. In short, those who are tasked with securing peoples information on a corporate and sometimes government scale.
“This is our world now. The world of the electron and the switch; the beauty of the baud. We exist without nationality, skin color, or religious bias. You wage wars, murder, cheat, lie to us and try to make us believe it’s for our own good, yet we’re the criminals. Yes, I am a criminal. My crime is that of curiosity. I am a hacker, and this is my manifesto.” Huh? Right? Manifesto? “You may stop me, but you can’t stop us all.”
The hacker Manifesto by The Mentor
The above quote seems to be the zeitgeist for many of the Wikileaks proponents. The information must be free and flowing. I am afraid that the reality is much different from this credo. Even more astonishing is that anyone who does actually work in the security industry would not have some pause about what Wikileaks is doing and perhaps take time to insure that it is indeed being taken to task for its aegis. It seems to me at this time, post the machinations on the part of the US to deny Wikileaks access to DNS, and site hosting, that the screeds are somewhat warranted, but still, they seem naive to me.
Then there is the thought that anyone who is working to secure people’s data (which are secrets or confidential) might be more scrutinized by anyone employing them “if” they are overly vocal in support of Wikileaks, a smart person might take the middle road on these things. Instead I see more wailing and moaning out there than I do calls for re-organization and rigor in what Wikileaks is doing. After all, it is pretty much singularly run by Mr. Assange, and you know my pov on his psyche.
I think that the security community needs to take up this issue and really hash it out. There are some big issues that need working out.
4) Staying Frosty? Really? Doesn’t seem so…
Lastly, lets take a look at the events surrounding Jester. You all know that I had my run in with him back last January. He DoS’d me a few times (not hard to do on a single IP running a low rent file server really) and made calls out to everyone that I was a terrorist sympathizer. It became clear to him that he had screwed up on that account because he did not do his homework and find out who I was and what I do.
We had words.
In the end, I am still here and still doing what I do. I have my reasons for my posts and for the work I do here as does Jester for what he does. However, I still feel that his methods are trivial in the fight against terror and his psyche is more that of a person with poor impulse control than any ex special forces operator that he would like you to believe he is. I think his motivation is more driven by a need for attention than it is for actual disruption and dismantling of terrorist networks online. You see, were he a real operator, then I think it would be much easier to make your hits even more ominous (were they not only for 30 minutes at a time) by saying nothing. This would leave it open for much speculation that the governments of the world are indeed carrying out the cyberwar. Instead, we have the legend of a lone patriot hacker saving us all from internet terror… But his services are not that unlike Domino’s Pizza: you can get it for 30 minutes or less and only with a couple of toppings.
Now though, the stakes are higher as he has decided to up the ante and attack Wikileaks. Which, I think he has begun to now understand, that it may have been a tactical error in a number of ways. You see, at first he was just hitting undesirables, jihadist sites outside the country. Sure he was pissing off some in the intelligence community, but for the most part people ignored him because he was not performing any kind of substantive attacks that effected change. The jihadi’s kept on talking on the same sites that they mirrored. In fact, they moved on to other areas like YouTube and Facebook unabated and often completely in the open. The jihadists didn’t care, and thus his fame died down… Until he targeted Wikileaks.
Since his claimed attacks on WL, he has been in the news more and more. Of course the big question became was he the sole source of the attacks that ended up bringing a 10gig a second hose being aimed at the WL Cablegate site? Was there government involvement there? Was he actually capable without help in doing this kind of attack with his Xerxes product? Those were all the questions that were going through my mind and I am sure others within the security community. Well, here is one answer that I have dug up.
Jester and others had recently been talking about “server time” in the #jester IRC it is possible that the server time could be a source of the 10 gig per second data flow. I can foresee the installation of xerxes on more than one box and using the big pipe to do the hit. This is supposition on my part, but, he did indeed talk to Mach and rjacksix about a request in a chat transcript.
As stated by the media and certain security analysts when asked about the Jester attacks, the consensus was that Jester had not done a stellar job at bringing down Wikileaks and in fact, as I said before here, that the attack was “weak” So, was the 10 gig a combined effort on the part of the likes of “anonymous” or 4chan? We may never know.
Since the initial DD0S and claim by Jester there have been some interesting if not really odd events in the last week. The biggest of these being the tweet ostensibly by Jester that his house had been raided by the local PD and his equipment confiscated. Yet, he was still able to re-access the internet and create a brand new domain name “th3j35t3r.net” and twitter account @th3j3st3r from whatever resources he could get to get online. The new site at the new domain was a clone of his WordPress site and both it and the new twitter account began to post data BAU. Shortly thereafter though, the site and the twitter account began to speak of a “legal fund” that Jester had begun and in fact, that if he reached 10K of funds, he would port and release Xerxes to the public.
After two donations though (see picture at the top of page) one of them being from Tom Brennan ($100.00) from OWASP? and another for $50.00, the site was pulled down. The donations site was run through paypal and gofundme.com. Shortly after the take down, the domain began to forward to Jester’s original WordPress site. As this was happening, the original Jester twitter account made a statement that in fact the new site and twitter feed was an “imposter” and that he now had control of the situation. This begs some questions though as the domain suddenly and swiftly began to forward its DNS to Jester’s site. Just how did he gain control so quickly?
Or, was it under his control the whole time?
It’s my belief that Jester was in control the whole time, but as to his motivations in doing this? I have no real clue other than perhaps this was a false flag to get people off of the trail. I think that perhaps at this time, he began to realize that when Wikileaks moved their domain to Amazon, he was crossing a line he hadn’t before and committing a potential crime that the US law enforcement community would follow up on. Maybe he just lost his nerve a bit..
Perhaps, as I said before, his habits were actually starting to become his undoing… You see, his acolytes now might be his Achilles heel.
Jester has for some time now, hosted IRC channels in various places, but he had been frequenting #2600 #jester. In this channel he had conversations with people who drifted in and out. However, often he had a few key people he talked with.
One of them is @rjacksix
Robin Jackson (406) 422-4685 or 406-465-0354 Helena Montana
I know Robin from a rather bilious response on my blog as Jester was attacking me that said that I was a traitor blah blah blah. Rjacksix has been a chatty fellow and from his own accounts on the IRC and in other places, has claimed to know Jester well, has worked with him, and defends him when people dis his pal. The question I have is this.. Robin, are you in fact Jester? If not, then I am sure some people will be calling on you, if they haven’t already, asking just who he is. Several reporters and los federales have this data now too.. Perhaps you have gotten some calls recently? Like, say, Monday or Tuesday? Yeah…
Coincidentally, rjacksix and Jester have been missing from the IRC chat since Monday/Tuesday..
It was a critical mistake the attacks on Wikileaks, the attention is going to be trouble for you both, and now doubly so that one thing has happened. Someone, made the claim that they would port Xerxes and release it to the kiddies. You see guys, that right there is of MAJOR interest to the feds. They do not want this tool out in the open for anyone to use if they can avoid it… That is until they can come up with a means to combat the attack, which is already being worked on in certain quarters I am sure (pcaps in hand) So, the jig may be up either by your own hands Jester/Robin through this little stunt with the donation scheme. Even more so now that actual money was “donated” to the cause.
Oh well, Jester, you have the attention you have been seeking in spades. Your goal has been achieved for that. However, your techniques and your tool seem to have fizzled in really having great effect against either of your targets.
TANGOS NOT DOWN #FAIL
With all of the hullabaloo over the recent Wikileaks “Cablegate” dump, I felt the need to write my thoughts on the whole thing, including the elusive Mr. Assange. First off, I must preface that I am not opposed to a “Wikileaks” organization as it stands for shining sunlight on corrupt actions on the part of the government or corporations. However, my issue with the current system in place is that so far, none of the “leaks” put out really have anything to do with an overarching corruption on the part of any government or corporation. The net effect is that Wikileaks has failed to do anything but make itself a lightning rod for “alleged” corruption that when really looked at, fizzles into what seems more like self aggrandizement.
That aggrandizement would of course be the child of Mr. Assange himself would it not?
My impression of it all (after reading the docs including those recently posted) is that there are no earth shattering facts here. Nothing that has anyone at the UN or any other body banging their shoe against the desk and asking for redress. Nothing like that at all. In fact, these cables of late have been more revealing in an embarrassing way than they have been in any kind of criminal or secret revealing way. I ask you, who did not believe that China hacked Google? I mean that particular elephant has not only been in the room for a long time, but it has been sitting naked spread eagle for all to see.. If one knew where to look or just perhaps used Occam’s Razor as a litmus test of the truth of it all.
Nope, none of these alleged mind blowing cables did anything of the sort. No one I am sure who has half a brain is saying;
“INCONCEIVABLE!! YOU MEAN THERE WERE DIRTY DEALS BETWEEN COUNTRIES TO SMUGGLE WEAPONS AND DRUGS!?”
Or, for that matter, that Ambassadors would be asked to gather as much HUMINT as possible by being close to other state actors at the annual soirée’s that they attend? C’mon people, wake up and smell the diplomacy two step! This isn’t rocket science here, each country, each actor, each individual has their agenda’s and will do what they can to get their way. Just because people are not sitting down and trying to be all cuddly about it means that anyone is any more or less corrupt in doing it.
Human nature is human nature.
So once again, I say that nothing here is worthy of a Daniel Ellesberg moment.. Unlike what Assange would like you to believe. Sure some of this stuff is embarrassing and yeah, SECSTATE had to make some calls, but overall I don’t see this as overly damaging. After all, only 5% of the docs were even marked (S) here. I mean, you get the same kinds of data by doing specific Google searches if the servers have been mis-configured or people are playing fast and loose with the documents online. What is more embarrassing is that the likes of PFC Manning could in fact take 250K of documents so easily and NOT be noticed or blocked by the security measures in place. Perhaps the measures really weren’t in place huh? Now that would be a real slap in the face to us all.
Like some have put it on the internet.. This is the TMZ of leaks.
So why are you doing all of this Julian? Do you really require all of the attention? Is this why much of your staff quit recently? One wonders… C’mon, tell us all about it.
I am sure you won’t, you will just go on playing martyr/Jesus/world savior won’t you? How does it feel though to be wanted enough for some to actually call for your “group” to be re-classified as a terrorist organization? Of course I think that is the silliest thing I have heard in some time and the senator who uttered it needs a good dope slap, but, it must make you not only cream in your egotistic shorts,but also perhaps instill a sliver of fear too? Maybe that turns you on even more?
… And “meh” is really all I have to say for you. Nothing you have done is so epically stunning. All the press is just that, whoring press, and they will follow the story as long as it can get any air. Now that you blew your wad of oh so secret documents, what are you to do now to keep in the spotlight I wonder? I mean, Manning is in the pokey and gee, I don’t see a landslide more documents coming your way..
Whatever shall you do? You need the limelight.
I wonder, will you escalate? Will you do just about anything to keep the whoring mass media eye on you?
Personally, unless you get something worthy of the idea, I suggest you lay this vorpal sword down Alice.. Cuz the Jabberwocky has no secrets that you can access and slay it with.