(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Ethics In Hacking and Dropping Code

leave a comment »

With the release of Autosploit, a tool for automatically scanning and exploiting hosts located via, a shit storm erupted on the ethics of releasing a tool like this. The problem has become just how easy it may now be to automate the attacks on vulnerable systems en masse that this tool could potentially provide. In an age where IoT devices as well as SCADA and ICS are sitting online in vulnerable states makes the possiblity of great damage to large networks more probable with such a tool. It also brings to the table the idea that the barrier to success on such attacks has been lowered to a new class of individuals with a limited knowledge base and creates an asymmetric threat model of a single individual able to wield greater attack capabilities with one tool.

Many arguments have been made on Twitter about the efficacy of releasing code like this but most have not focused on tools per se but instead on malcode or 0day’s. Now that there are bug bounty programs and companies that sell vulnerabilities we are living in a more dangerous time where the few with the money could buy exploits and do mass damage or commit mass surveillance and espionage. This also applies to countries willing to pay for 0day exploits to be in control of the attacks and have the upper hand. Think about that, our politics and our lives are at the mercy of code being sold to the highest bidder. We have weaponized code and tools made from it on a medium that was supposed to enlighten and bring us all together. Instead our baser nature has made the internet and everyone’s devices a tool for repression or subversion.

After the release of Autosploit, the hue and cry went up, and rightly it did. In a time where we have people releasing code and remarking “Let the world burn” I think it is time that we began to talk about the ethics of doing these things. Ethics kids is a philosophical discipline where you consider the moral responsibilities of what you do and the effects your actions could have. I think that too many people of a certain age group have had little to no training on ethics and this has helped to lead us to where we are today. In this specific case let’s talk about the ethics of releasing any code or tool that would lead to potential disastrous effect.

Many tools over the years have been dropped for free by hackers out there that could and were abused by others who downloaded and used them for their own desires. I have been exhorted to mention things like BackOrifice or L0phtcrack in the past and, well, there you go. Both tools were used for bad purposes as well as ostensibly good in the hands of penetration testers. Of course these were just placed on the net for free for anyone to have at first and this is where the quandary starts right? Did L0pht or CDC consider the potential damage that could be done with their tools? Did they put them out there with some self awareness that they may in fact be complicit in crimes because the tools that they created and distributed, for good or for ill, could be misused?

I point you all to Alfred Nobel, the inventor of Dynamite. He created a tool that would help in mining but in the end that tools devastating effects were used in other ways to hurt people and wage war. In an obituary that was accidentally run about him instead of his brother, he learned what the world perhaps thought of him regarding his invention. This bothered him so much that to atone for his actions he created the Nobel Prize to further science and other pursuits that do not further the harm of others. The idea that his inventions use for ill and how he would be perceived by history prompted his ethical response.

Today, we have people creating tools that could be misused and in some cases are for the sole purpose of misuse. The Autosploit tool may be a boon for some penetration testers, but the reality is that it is just another mass scan tool that seeks out vulnerable systems throughout the whole of the internet and loads the exploit potential to just break into them. This is not a refined tool for a scoped penetration test, this is a tool for mayhem. This is why I think others have made comments about the way it was released and the dangers in doing it so. The ethics though seem to have been glossed over concerning this release. What are the ethics of Autosploit’s creation and release on a Git repo? What is the morality behind doing so? Are there arguments for either of those or is it just another hacker saying; “Let the world burn” with no thought or accountability because it is the internet?

The problem we have today is that there are no ethical demands being placed on these coders and hackers. In fact, the whole notion of hacking has a very troubled side where illegal activities are the norm because the ethical and moral question of “should I do this” has not even been contemplated over the desire to know things. Sometimes I personally think that there is a fair bit of sociopathic behaviour in this community to begin with so that actually kind of aligns with the argument that ethics have not even been contemplated in some of these works. So as we move forward into a world of cyber warfare we have to care for the ethics and morality of what we do just as we have in all other forms of warfare in the civilized world.

While people like Katie Moussouris advocates for penetration testing tools being classified in ways that they are not declared illegal, we too have to look at the ethical concerns of the tools and how they are released to the world at large. Wassenar is a great idea but I feel that it is a myopic approach to larger issues in our ever more connected world. If you look at the actions of the Balkanization of the internet, you can see the actions of China and Russia joining together in a pact to repel the US hegemony in the internet you have to follow that all the way back to the tools that make such issues possible. The tools that you all create for hacking and exploitation that you should have some ethical concerns over when they are used perhaps in ways you did not intend.

Thus, take the ethical pause before you just dump them online …Unless all you care about is watching the world burn.


Written by Krypt3ia

2018/02/02 at 20:12

Posted in Infosec, Uncategorized

Industrial Society and Its Future (1995) & Our Socio-Technology Woes Today

with one comment

With Manhunt Unabomber on TV recently which I binged, I have been thinking about old Ted and his ideals behind the madness he was pushing. I would like to state up front that I do believe that Ted is clinically mentally ill and that manifested itself when he finally went into seclusion. What happened over the years that followed was an unbalanced reaction to ideas that have a core of truth though and many people actually see the same kernels of insight that I am going to talk about here. I have just finished re-reading the manifesto that he got the papers to publish under threat in 1995 and clipped some passages for you to see here without having to read the tome yourselves.

Where I want to direct this post though is about the problems we have today with technology that Ted seemed to foresee and also to extend a little further into the social issues that we have seen played out in our recent election cycle and the probable attacks on the one upcoming in 2018. Ted touched on some of the sociological and more human issues of technologies and systems in his manifesto but for the most part he was taking a very rigid stance that all technology is bad for human beings and the environment. He had some interesting ideas on sociology specifically on left wing and right wing personalities and ideals that, well, he get’s all wrong frankly, but I feel it is important to mention. Though he got it wrong and his opinions on motivations was, well, very 1950’s, you can see some of what he is talking about in what has been playing out with the alt-right movement.

Ted is misdiagnosing people’s motivations likely tinged with his own issues psychologically so his assessment is flawed. However, if you read above you can see something there if you align it to the alt-right today. They feel inferior in that they lack the power, or, lacked the power until Trump was put into power by their minority of thirty odd percent of the vote. Anyway, Ted goes on for a fair bit on this and I will not bore you with it as it is not overly germane to this post, but I thought you should at least get a glimpse here. Ted, you got leftists and right wing all wrong dude. Of course this was within the first pages of his manifesto and he really does not get to the technology part until section 114 or so where we want to be.

In 114 Ted starts to talk about “the system” which means all technologies to him I think, but if you look at it from the perspective of a political system as well, you can see something that maybe we all have felt. How many of you have thought about voting and come to the conclusion that your vote doesn’t count? I have, in fact in the last election I almost did not vote because I just felt that the system was rigged. In rigged I mean districts were gerrymandered, back door deals are all in play, and possibly even the election machines had been hacked because, as we all know in the security circle here, they are so weak in security mechanisms to be laughable to hack. In effect, these systems, both technological and rule based were inherently made untrustworthy by the system of politics. We have had our real autonomy and ability of action removed from us through the system and it’s rules …So why bother voting if it’s a foregone conclusion and there is no foreseeable change right?

Another area of thought that Ted writes about that seems to be a companion to the above section is once again your power is taken from you because the government or the system. In Ted’s mind it is the technology at the bottom of all this but here again he is making what I would consider more a political or societal argument. In that conservatives really want states rights over big government, I for one cannot extricate this paragraph from the notion today that the right wing would like to take away the power of the people locally as well as nation wide even with “small government” Honestly some of their thought processes are rife with cognitive dissonance but the goals seem to be “we are in control because we have the money and the power and you should just do what we say” Anyway, it is just another system and technology today only enhances the control as far as I can see. Of course we are also seeing that with things like Anonymous and the internet, the power can be interrupted with the application of the right technologies as well huh?

Here Ted is talking about the system taking over the individual to perpetuate the “system” and if you read this with an eye to today’s concerns over jobs and the rise of the Trumpists, you can see a parallel right? If the systems are now creating supply chains that are automated enough to not need human intervention for function, then we lose jobs right? Of course Trump really doesn’t cover this notion completely in favor of jingoism over borders and immigrants taking over our jobs but the real reality is that automation is doing this as well as tax games that move companies overseas. I sometimes wonder how the future will look if we do not educate our people better and these systems just function without the need for under educated workers, will we see more of this unrest that leads to another Trump?


If you have seen Manhunt Unabomber, then you will recognize the imagery that they used at the end concerning free will and systems of control. Ted takes it to the nth degree but the reality is that systems do control our actions but once again you have to accept that control and accede to it to be controlled. The very core of hackers and hacking is the notion that we can subvert the systems to make them do things they were not meant to do right? In the case of the stop light and the philosophical questions over being part of a system or controlled by one is very interesting. You all should ponder this as hackers and persons within a series of systems both technical and logical and consider your position here as well. I think we are at a cross roads here post 2016 and the use of technologies and systems of governance where one might feel like Ted a bit. What control do we really have when you could opt out of the system but the masses don’t? Look at what has happened when a small percentage of people in this country gamed the electoral system to elect Trump over the clear popular vote. The system has control over the lot of us and there isn’t very much we can do as we have seen if those in power, a small group, is in control of all our fates.

It makes one have thoughts about hacking systems… What does it mean? Can it be done? Should it?

In 130 and 147 here we have an important point from 1995 kids about the uses of technology as a form of control. Take that paragraph in and think about where we are today and what we have seen since 2001. We have fetishized technology in the name of freedom today. We have autonomous drones, cameras, NSA systems that monitor everything, and lest we forget our own abdication of our personal information and privacy for the new shiny phone or application. Collectively we have allowed our own security and privacy to be degraded for shiny things. What’s even more interesting is that those in the know, the one’s who have the capabilities to secure their private information may never really be able to completely do so because the systems are so prevalent that our data is out there anyway, just one breach away from being publicly available for sale on the darknet. I have often had thoughts about just backing away from the technology, but then my lizard brain just says “you can do this, you can secure your shit with crypto and all the things”

That’s delusional thinking.

Look at what played out in 2016 and then try to convince yourself that you can control the system enough to be immune.

Geez I am starting to sound like Neo.

Anyway, all of this manifesto reading has given me perspective on things in 2018. Ted had some ideas that are valid but he was unstable and decided to act on them to save humanity in the wrong way. Frankly he should have just lived in that cabin and kept to himself and paid no attention to the outside world. This is the crux of the problem though, could he? It seems like he lived on the fringes of society and he knew he could not go full mountain man and live off the land so he did what he did. Herein lies the problem though for us all. Unless you have the wherewithal to live fully off the land then you have to deal with technology and society right? So here we are, how many of you out there could just walk into the woods and live? I find it funny that a lot of our zombie shows pretty much deal with this issue and we are eating it up. Deep down we all know that if society broke down and technology stopped, we would have to fight for everything to survive. Many of us wouldn’t be able to handle it and there would be a lot of attrition.

As we move forward with AI and more technologies that are supposed to make our lives easier, we are also infantilizing ourselves, separating ourselves from communities, and giving away certain aspects of ourselves to the machine. So I can understand some of what Ted was saying …I am just not mentally unstable enough to want to live in a shack and make little packages of explosives. I do however have my moments when I as; “What are we doing here?” I have written posts on Stratfor about hybrid warfare counter programs and honestly between the pervasiveness of the technology and the cognitive dissonance of those who use it I can see no good options for countering it. Is the answer then to just leave Twitter and Facebook? Is the answer to just not surf the net and read a book from a library? Or do you double down and work the system like a hacker and try to get some sanity?


Written by Krypt3ia

2018/01/31 at 14:12

The Post Conspiracy Age

leave a comment »

In last weeks episode of The X-Files, the whole notion of conspiracy theories, truth, and reality were amusingly deconstructed. The premise of the episode was put into one of the more amusing funny X-Files over the years but the core observations it made were something to think about outside of satire. The story line follows the idea that Mulder and Scully had a partner that neither can remember because he has been collectively erased from their memories by a “Dr. They” a hypnotist spooky doctor of some kind. The plot line slides along greased by all the conspiracies over the decades of the show concerning belief in cryptozoology and aliens while making the case that the human memory is not only fallible, but it is also highly manipulatable.

Throughout the story line the notion that people remember things differently per experience also is at play with the idea that forces are at possibly at work shaping the collective memory. One of the ideas they drag up is that of the Mandela effect, where people have varying memories of Mandela dying in prison as opposed to him being released in 2013. Of course Mulder offers the theory that these are often explained by parallel universes, but that is shot down by Scully and “Reggie” the alleged partner they cannot remember. I for one have heard of the Mandela effect but then Reggie says it is not the Mandela effect, it’s the Mengele effect. The Mengele effect as far as I can tell is just a plot device for this episode of the X-Files but the Mandela effect is another matter. It seems many who misremember go on to substantiate their own inability to remember things properly as an “effect” to save face.

“It’s the Mandela effect. When someone has a memory of something that’s not shared by the majority or the factual record. For instance, there are some people that have a memory of seeing a movie called Shazam starring Sinbad as an irrepressible genie. Even after it’s pointed out to them they’re probably thinking of a movie called Kazaam starring Shaquille O’Neil as an irrepressible genie. Especially because a movie named Shazam was never made.”
“But what if I don’t remember either movie?”
“You win!” – Mulder and Scully

Aside from the idea that there are Mandela effects, aliens, squatches, and government conspiracies, this episode focuses not on them for me as much as the methods these ideas are spread and the nature of just what is truth anymore. In a meeting near the end of the episode, Mulder meets the mysterious Dr. They, who is seen standing by a sculpture making the “tsk tsk” or naughty hand gesture that you see above. He starts off talking to Mulder about how the kids today have no idea what this means anymore and that we are living in a “Post conspiracy age” where nothing is real anymore anyway so conspiracies just mean nothing.

“They don’t care if the truth gets out. Because the public no longer knows what is meant by the truth.” – Dr. They

Basically They tells Mulder that none of his truth seeking matters anymore because we are in a post truth society. In effect, nothing can be true anymore because everyone just believes what they want to paying no never mind to facts and things that are known to have been truths. It was this scene of the episode that just hit home for me. In a time where social media has given rise to the common man’s ability to leverage their own cognitive dissonance as part of a larger machine of propaganda and psyops by nation states and corporate entities, nothing is real anymore. Even if you present people with facts and data, they can just discount it because of they now have an arcology of communities that they belong to which re-assure and amplify their own ideas whether or not they are patently wrong and provably so.

….In essence an arcology of echo chambers.

“Believe what you want to believe. That’s what everybody does nowadays anyways.” – Dr. They

As I watched that scene over again a few times it all hit home in a way that I had not overtly thought about in a while. We are living in an age of subtle Nihilism where nothing really exists or matters on a factual or truthful level. It’s all “Truthiness” as it was coined by Stephen Colbert. You choose the level of the truthiness and it’s content per your belief system and no one will be able to assail your notions because they are just wrong. In the X-Files episode the quote by Orwell was brought up twice of “He who controls the past controls the future.” which is then re-stated by They in the meeting scene with Mulder where he says that it was Orson Welles who said it. He is corrected by Mulder that it was Orwell, but basically They then says “for now” as if he is about to manipulate everyone’s memory to change that. It’s amusing as a scene but the reality is that with the facile minded and the misinformation of the internet and manipulative media, it is a possibility that it could become a reality where the masses believe it was in fact Orson instead of Orwell, and then it will be come de facto fact as someone edits the Wiki page and commits.

“We’re living in a post-cover-up, post-conspiracy age.” The “poco”

I was left thinking after this episode about the problems I had been mulling over concerning counter narratives and programs to fight active measures campaigns like the one that Russia carried out and is still carrying out on us. One could just buy into the idea that there is no real way to fight this because we have a system now that allows and perpetuates these echo chambers. Twitter is a steaming pile of minis-information and food pictures. Facebook, well, Facebook is another animal altogether and Zuck has recently doubled down on the problem by saying they plan on only having more inter-networked news being passed on by it’s users instead of real news service feeds. This will only lead to amplification of misinformation as those groups only echo those “truths” they want to believe as opposed to facts. It all makes one want to embrace Nihilism all the more and really believe in nothing at all because what can you believe in when everything is just opinion as fact?

Today we are bombarded with information that has been created, ,managed, or manipulated by the unseen hand of corporations, people, governments, and cabals if you want to believe that. It is up to the consumer to do the leg work and discover what is truth, but unfortunately for the masses it seems, the truth is just subject to their own cognitive dissonance. In 2018 we are about to embark on a new roller coaster of disinformation and active measures not only perpetrated by Russia and other actors, but ourselves. How do we really fight that power?


Written by Krypt3ia

2018/01/29 at 14:58

Pyongyang Radio 6400khZ V15: Numbers Broadcast May Have Been Book Code

with one comment

On April 27th 2017, just as a nuclear test was about to be performed in the hermit kingdom, the default numbers station in Pyongyang broadcast a series of numbers under the guise of it all being lesson plans for students in what they called their “remote education university for No. 27 expedition agents” This broadcast differed from other numbers broadcasts by DPRK but also by other countries that tend to use just discreet series of numbers and what most likely are one time pads. In the case of the April broadcast from DPRK though it would seem that they are maybe using what is called a “Book Code” method to send secret messages to their operatives in the field.

Now this would be an interesting turn of events if the North was using book code instead of randomly generated one time pads. The most important point of this is that if in fact they are using book code, then you could possibly get a copy of the book and follow along to decode the messages. As this so far, was a one time event, you have to wonder was this just something in a pinch, an emergency out of band broadcast? If it was this could be a fall back on coded messages and with the preamble by the announcer, it could have been. This is the first time I have heard a numbers station broadcast like this and my first thought was book code, but, others seem to think that this is just a re-mastering of the normal coded number sequences that you would usually hear out of a numbers station.

Screen Shot care of

As you can see from the screen shot above, the numbers stations site re-configured the numbers into just sequences. What if though, these were actual numbers of pages along with the words or letters (kanji in this case perhaps) within the text that could be taken down to form words? I have been looking at the number series and it is possible yet I cannot confirm this is the case. I mean after all, what book would this be? Would it be in Hanglo? Kanji characters or English text? For that matter any range of languages could comprise the text of the book used. Also, if you look at the page numbers and problem numbers, could this in fact be some IT problem book that has been turned into a code system?

From now, we will send IT Basic Practice problems for Agents No. 27. Now, we will tell the number of problems. 823 pg No. 69 467 pg No. 92 957 pg No. 100 830 pg No. 07 694 pg No. 89 429 pg No. 95 916 pg No. 39 347 pg No. 48 684 pg No. 42 917 pg No. 41 754 pg No. 70 146 pg No. 23 883 pg No. 98 980 pg No. 43 672 pg No. 61 075 pg No. 25 2242 pg No. 47 412 pg No. 66 455 pg No. 39 813 pg No. 49 661 pg No. 89 582 pg No. 97 111 pg No. 75 470 pg No. 43 512 pg No. 49 287 pg No. 90 880 pg No. 64 044 pg No. 83 519 pg No. 56 907 pg No. 95 112 pg No. 11 275 pg No. 25 686 pg No. 72 086 pg No. 91 948 pg No. 21 173 pg No. 24 845 pg No. 31 844 pg No. 89 750 pg No. 08 611 pg No. 97 284 pg No. 02 190 pg No. 04 372 pg No. 53 116 pg No. 23 710 pg No. 17 339 pg No. 45 411 pg No. 78 775 pg No. 21 797 pg No. 51 378 pg No. 13 021 pg No. 55 812 pg No. 61 639 pg No. 43 926 pg No. 81 971 pg No. 100 763 pg No. 50 058 pg No. 92 662 pg No. 28 717 pg No. 94 339 pg No. 54 518 pg No. 68 167 pg No. 20 121 pg No. 92 220 pg No. 16 558 pg No. 95 738 pg No. 04 723 pg No. 87 599 pg No. 33 719 pg No. 19 862 pg No. 73 412 pg No. 57 166 pg No. 93 064 pg No. 85 971 pg No. 20 856 pg No. 90 581 pg No. 36 101 pg No. 82 477 pg No. 95 112 pg No. 89 132 pg No. 45 939 pg No. 64. We will repeat. (Same Numbers). That is all.

By looking at the colored text of the broadcast one has to wonder if this is a book with regular text or a math book as stated. So in the first it would be the 823rd letter? Or would it be the 823rd word? Even more mind bending could it be letters 8 and 23 on page 69? You see where I am going with that right? All of this came back to me as I was watching a recent Amazon prime video on Shakespeare’s folio and Kabbalah codes and word play that seem to exist within it that may have been a work of Francis Bacon and a second person. Either way, this is an interesting broadcast out of DPRK and I for one would like to ponder just what book this might be if indeed it is a book code…

Unless it is just a math problem set…

One of the other interesting tidbits here is that in the preamble they say these are IT (Information Technology) problems. Does this mean it is something along the lines of a book on CISSP? (in joke there folks!) but yeah, could be that or it could be something like a book on MCSE for all we know. The issue is to match the numbers of letters or words to pages in a book that each agent would be able to get in country and use for this purpose. If this is a book code, did the agents receive a book when the left? Was it sent to them later? Also, each book would have to be the EXACT copy, not iterations of a book in order for the code to work. There are a lot of questions still as usual with North Korea so one could just sit and ponder this for quite some time.

I went and started looking for books printed in DPRK but got no love. That it’s said to be IT, well, I have several boat anchors I can look at but in the end, without some more insight into the hermit kingdom’s methods here, you likely will just lose your mind trying to figure it out. So, if you have some time to waste, this could be a nice distraction but certainly stop before you get to the cliffs of insanity here.



UPDATE: I got a comment on this post from mrpnkt informing me of text books found on Red Star/DPRK Android tablets available in North Korea. The presentation at 34C3 can be seen here:

Basically they discovered that there are a metric ton of almost PDF files on the systems that the end users in DPRK can use to learn. These seem to be uniformly available and as such, they may in fact the the IT manuals discussed in the V15 broadcast last April. These guys actually have the files on a torrent to download and actually are asking for any help in discovering more about them. Thanks to Will Scott Gabe Edwards for this data. I am currently downloading the 4 gig of files to play with myself.

You can too now.


Written by Krypt3ia

2018/01/22 at 21:39

Posted in DPRK

2018: Active Measures and Hybrid Warfare Possibilities

with 2 comments

With 2018 just hours away I thought I would add to the cacophony of posts on what you might see in the year to come, but in my case this is the black swan edition of NATSEC for the new year. There will be in my opinion no way that the Russian’s up the ante on active measures and hybrid warfare on the United States in the next year especially since there will be elections for Congress. Elections that will likely lessen Russia’s grip on the country if the Democrats can actually be a majority and control the possible investigations that are ongoing today.

Of course even if there weren’t an election coming the Russians and possibly others would still continue to stoke the active measure fires because it serves their ultimate purpose of making the US inert politically on the world stage. The whole point of these actions is to divide us and to lessen our ability to counter Russia in their global machinations. Overall, it is likely to be a wild ride next year and this primer may help you comprehend what might actually be happening.


Active Measures Definition: (Russian: активные мероприятия) is a Soviet term for the actions of political warfare conducted by the Soviet and Russian security services (Cheka, OGPU, NKVD, KGB, FSB) to influence the course of world events, in addition to collecting intelligence and producing “politically correct” assessment of it.

Information Warfare Definition: Information warfare (IW) is a concept involving the battlespace use and management of information and communication technology in pursuit of a competitive advantage over an opponent.

Propaganda: Information, especially of a biased or misleading nature, used to promote or publicize a particular political cause or point of view.

Kompromat: kompromat. Literal meaning. compromising materials. In Russian politics, Kompromat, literally “compromising material”, is damaging information about a politician or other public figure used to create negative publicity, for blackmail, or for ensuring loyalty.

Hybrid Warfare Definition: Hybrid warfare is a military strategy that blends conventional warfare, irregular warfare and cyberwarfare. … There are a variety of terms used to refer to the hybrid war concept: hybrid war, hybrid warfare, hybrid threat, or hybrid adversary (as well as non-linear war, non-traditional war or special war).

The Players:

I want you all to consider that it will not only be Russia playing “Patriot Games” *wink wink* with us all in 2018, but also the other players who likely will be part of the larger picture here. Russia is a given, but as we have seen of late, the GOP seems to be playing much of the same cards that the Russians have against us in the last couple years. The GOP has taken their playbook and augmented it with Trump’s particular brand of crazy as well. Ultimately we have gone through the looking glass because the Russian’s active measures worked. We are now in a “post truth” and “alternative facts” universe which has caused many unable to parse out the reality of things to just either shut down or buy into their narratives whole hog.

  • Russia: will continue to attack reality and cause more fissures within our people and our government.
  • GOP: Will adapt the Russian and Trumpian playbook as well. They have done plenty of dirty tricks in the past, but now, they are armed with a tactical info nuke.
  • Third Parties: China, Iran, others, all will have their reasons to continue and extend the fissures and use them to their advantage.

There are many players who may want to get in on this game to serve their own purposes. Remember this as you try to sort all of it out as it happens.


So I am going to throw out some scenarios or attack models here for you to consider. Some or all of these may happen in 2018. Maybe none will happen… Who am I trying to kid here! In any case, consider these as possible attacks and you may even see variations on these themes.

Sub Operations: HYBRID WAR

As we have seen a recent uptick in this activity already, and I am not sure of our SOSUS capabilities anymore, we have to consider that attacks may come from these little sub visits. Now, if you are up on your sub history, the Jimmy Carter (SSN-23) was one of the subs that tapped RU comms. As we have tapped post SORM traffic, the Russians are likely doing the same with the fiber that is on the bottom of the ocean as well. These kinds of listening operations are pretty standard, but consider now that the Russians have stepped this up might signal more possible scenarios. By shaping traffic, cutting traffic, or injecting things into it, the Russians could have quite the little advantage.

  • Subs intercepting (tapping) traffic
  • Subs ability to leave a dead mans switch or active kinetic measures to cut cable
  • Subs tapping allowing to add data to streams and or advance hacks

Hacks and Disinformation Operations: INFOWAR

The hack on the DNC servers was a pretty standard affair using phishing mails and then exploitation of the systems therein once they got a foothold. What data was exfiltrated though, and how it was parsed out and weaponized was the old new trick the US could not foresee evidently. The Russians have been carrying out this kind of warfare for years on Estonia and Ukraine as well as other countries that they feel the need to destabilize. We saw a fair amount of this in our election cycle in 2016 and you should expect more in 2018. In fact I would hazard to say that the operations are already in progress and data is being collected even as I type this.

  • Hacks on news systems
    • Insert fake stories to cause chaos and to delegitimize the org
    • Cause chaos and uncertainty (broadcast primarily but also news sites like CNN’s page)
  • Hacks on EAM systems (Emergency Action Message) There have been recent hacks on these systems by hackers but imagine a nation wide alert set by Russia?
    • Cause panic
    • Cause DoS on telco and other systems
    • Spur over action by government and populace
    • BGP re-routes
      • Ability to disrupt news
      • Ability to disrupt C&C
      • Ability to insert data into C&C
  • Leaks
    • More governmental leaks
    • Personal leaks (kompromat)
    • Leaks of doctored documents (Disinformation Operations)
  • Trolls armies
    • Twitter
    • Facebook
    • News sites
    • Comments sections
      • As we saw on the Net Neutrality comment site, these attacks can be leveraged against any public comment topic. So imagine it being used on the White House site (that is if the Trump admin hadn’t basically killed that function already)
    • Radio commenters
    • AM/SW radio broadcasts

HUMINT/Asset Recruitment

Ah yes, one of my favorite categories… As an old school guy who was around before the computer was so ubiquitous, this form of espionage was the thing. Of course the NSA had signals intel, radio, bugging, etc, but good old human assets can do quite a bit and should still be a thing. Today I would say that in tandem with the active measures attacks that we have seen and will see in 2018, you can count on more human assets being activated. These can be trolls that are real people who take on personae online as well as players within the system who have been recruited or turned.

  • Asset recruitment of GOP players
  • Asset recruitment of proxy group individuals
  • Kompromat use

Kinetic Attacks by Proxy Operations

Kinetic attacks are not as likely but given that things are getting out of hand, and may get even more out of control, I thought it prudent to add this. What I mean by kinetic attacks by proxies is simply that the actors could incite groups and individuals to violent action. We saw in 2017 the Nazi (alt-right) movement’s rise and in that, we saw violence perpetrated as well as at least one death by a Nazi running down a protester. This type of activity is standard operations really in the history of espionage and active measures both by Russia and by the US. If you doubt the US has done such things you should look up our interventions in South America in the past.

  • Insert proxy actors to actualize physical attacks
  • Use groups like KKK and others to initiate more kinetic actions like bombings and confrontations
    • Cause over reaction on populace part
    • Cause over reaction by local and federal governments
      • Over reactions like martial law or other types of crack downs
      • Likely to cause further surveillance tactics and programs

Digital Attacks That Lead To Kinetic Results

And the attack du jour of late, the cyber attacks that cause kinetic effects! Honestly there is no evidence of there being a possible wide scale attack being carried out successfully on the US grid, but, there is always a chance. Of course smaller scale attacks in regions could be possible and carried out to great effect. The effect I speak of would be to perhaps hinder voting, but more so to sow chaos and uncertainty in the population. If you strike the right balance, you could even tailor an attack to lead people to a certain political actor as they run a narrative that gives assurance of reciprocity etc.

I know, now it’s sounding all Manchurian Candidate huh? Well, look at Trump and what happened and then think about it again. He has been pretty much using the Russians playbook that he was given by Putin so it’s not so inconceivable.

  • Power: Power goes down
  • Water: Water stops flowing or becomes tainted
  • Telco: Cells go down
  • Media: No news in an emergency with any of the other situations people will freak
  • Internet Infrastructure (as mentioned above in attacks on cables) No communications, freaking populace

Well, those are some of the scenarios I can foresee. I am sure there will be plenty of others that I could not even imagine today. Suffice to say that we will be under attack again with more vigor specifically by the Russians and the GOP in hopes that they will keep their seats. All of us just need to strap in for the Krazy Ivan to come. Just remember to be judicious in your consuming of media and always think before you freak.

Happy New Year!



Written by Krypt3ia

2017/12/29 at 22:19

Posted in .gov, 2018, Infowar

Your One Stop Shopping For A New Identity in the Darknet

leave a comment »


I was surfing the high digital seas of the darknet the other day and came across a couple sites that I thought were interesting and would share with you all. The first site is an emporium that sells a little of everything but mostly drugs but in their “forgeries and counterfeit” section I came across some goodies in their internal search engine. Primarily what I am going to bring you today kids is how you too can buy forged documents in the darknet to start a new life somewhere in the world. Watch now as I unfold to you this tale of tradecraft and OPSEC….

PSA: Ok ok, yeah buying this stuff in the darknet is likely to have one of three outcomes..

1) You pay and you get nothing.

2) You pay and you get arrested when you pick up the package.

3) You pay, you get the package, and then are arrested trying to use the documents.


Right, back to the whole buying fake documents and how to use them thing! So if you do want to have an alternate identification you can attempt to use the documents being sold in the darknet but you have to do your leg work too. See, if you want a real and lasting identity (other than your own) then you have to do this slowly and carefully. Much of this really relies on the quality of the documents as well as the backstopping you will need to do in order to have at least a chance of using them effectively. The first thing you will want to do is get an SSN that is clean and with the way things are now so interconnected, it may be harder today than it was in the almost recent past to get a clean one that is age appropriate to you.

Yes, they are tagged by age you know…

Used to be a day when you could go all “Day of the Jackal” and find someone who was approximately your age in a cemetery who had died young. You could then get the birth certificate (buy it) and then use that to start the process. Now, today that may be harder but if you are like me, it may be something that they did not digitize yet (old) so you could either get a new SSN card by paying for that one as well, with the birth cert and likely another ID like a drivers license (which you can purchase in the darknet too) and you have a real one. Or, you could get this person’s SSN number and just have that used on the fake card you want to buy in the darknet. Either way, you are backstopping the identity by doing this and thus may even pass a cursory investigation by the likes of the police.

An alternative to this would be to just pick someone out that you have their data and start there with their SSN on a new card along with a drivers license and such. It really depends on how deeply you want to go though. See, what is being sold on this particular site is really geared more to creating a quick ID to use for fraud (carding, creating new bank accounts, etc) which to me is less of a challenge than actually having a backstopped and living second identity that you can use to just disappear with if need be. But to have such a thing you have to maintain it all as well as get the right documentation and quality of product.

If you are going to create a second or even a tertiary identity then you will need all these kinds of documents as well as the odd ones shown above such as bills with your name and address on it to start accounts. Those accounts, should include a residence, an apartment say, and should be maintained with actual mail and traffic that can be actually verified as existing if you are going long term. Bank accounts with actual funds should be created as well as credit accounts that should be maintained and used to show a past history too. Basically you have to live that identity to some extent yourself to keep it alive and functional. I know, it’s a pain in the ass but if you want to really do it, well, you gotta have some responsibility here. This all would also include creating your own legend and potentially more paper trail such as some W2’s etc if you are going for the full Monty.

Some of you I can tell are thinking “fuck that” … Ok, well, up to you.

Anyway, there is a lot to this that I am not going to lay it all out for you as that might be bad. Suffice to say that you get what you paid for in the darknet so be careful and remember Caveat Emptor. There are many places to buy this stuff but just as many that are either federal fronts or scammers looking to just take your bitcoin and run.

Be careful out there… and you never saw me.



PS.. If you are good at Graphic design you can likely just make some of this stuff yourself.

Just sayin.

Written by Krypt3ia

2017/12/15 at 20:59

The 2017 Krampus List!

leave a comment »


A personal note from Krampus

HELLO children, It’s that time of the year again where Uncle Krampus comes to from a long whiskey induced somnambulist coma to bring you all the beatings you all deserve! This year while I slept you all managed to continue to stoke the fuckery fires, so much so that Krampus feels a little singed from the white hot stupid you all have wrought. Whether it be the INFOSEC community at large or the government and corporate entities, you all have managed to fuck things up pretty god damned epically! So sit down and prepare for a CAT5 cat-o-nine cable flailing for your INFOSEC SINS!

I know I will enjoy it…

*Takes out flask and takes a long pull of 12 year old Whiskey*

Cheers fuckers!


Oh Uber, it seems when you are not fucking over your non employee “drivers” you found the time to cover up a hack and pay a ransom to boot! WOW you fuckers are a real bunch of assholes aren’t you!? Krampus has a special place in the DATA LAKE OF FIRE for you all to spend eternity in! I mean it takes a special kind of company and corporate governance to do all these things AND to steal IP from another company!!

WOW… Just WOW.

I suppose I may have to fight my cousin Lucifer to have custody of you but I think he will understand I have primacy on this one because INFOSEC.





HOLY FUCK you guys are going to the DATA LAKE OF FIRE too! What kind of special finishing school does the CEO have I wonder? YOU FUCKS ARE RESPONSIBLE FOR ALL OUR WOES TODAY!


An abattoir is too good for you you fucking asshats…


*squints and looks balefully*

The Department of Defense.. You do know that you are responsible for the “defense” of things right? WELL WHAT THE FUCK ARE YOU DOING PUTTING THE INTEL IN THE S3 BUCKET UNSECURED???


I am sure though the Russkies and the Chinese thank you for your “efforts” and laugh as they plumb the depths of the RED DISK




The “National Security Agency” … Krampus isn’t feeling too secure this year with all the shit you guys lost. I mean Krampus has watched in horror as your shit was used to attack EVERYONE because you were all too busy getting hard on’s and masturbating to pwning shit while NOT PAYING THE FUCK ATTENTION TO YOUR OWN SIX!




*peers at the Wikileaks VAULT 7*



Oh, and stop losing shit too! Do some counter intelligence shit guys!




Here’s where Krampus is gonna make the children in the community moan and wail… Giggity.


Right, ok, let Krampus get this straight.. You go to a security conference just to hang around the lobby because you couldn’t get a ticket and even if you did, the con sucks anyway but you wanna hang around the lobby and fuck around getting stupid drunk…


Look, if you want to go to a conference great. If you get bored, fine go hang out in the lobby or for fucks sake go explore the city you are in! But FOR FUCKS SAKE DON’T BUY A HOTEL ROOM AND AIRFARE TO JUST GO SIT IN A FUCKING LOBBY LIKE A HOOKER YOU IDIOTS!




It’s just sad…


Security Rock Stars…. You people are just fucking deluded. The height of this shit came this last summer I hear when someone got popped by the FBI and suddenly everyone was fighting “the man” because this guy couldn’t have done anything because he is an INTERNATIONAL SECURITY ROCK STAR HERO NEWLY MINTED!

Then you look into his history and you say one fucking word that maybe he did it and JESUS FUCK YOU ARE A BAD BAD PERSON AND OMG YOU SHOULD BE EXCOMMUNICATED!

Fuck you all.

Very much.



Krampus has a special place for all you fuckers. You know who you are…. And now so does the general public!



Krampus is watching you and all your little corporate friends who are gonna wreck Net Neutrality you fucks.

A reckoning will come.



So, lost that market share yet? Krampus can’t wait until you are finally caught “red handed” with data you guys were mining with your AV product in the Shadowbrokers shit.


Krampus has a special place in his BLACK BLACK HEART for you Twitter and especially you @Jack. Your fuckery around the whole POTUS account especially deserves a special room of ass poking with a rather large IoT dildo which has a special API to the internet for all the kids to control and abuse.

Fuck you.

Oh and for all the NAZI apologist shit too.




I hope those Hawaiian’s you are fucking out of their land rise up and slay you.


Krampus looks forward to the next breach report with you in it!

“Trusted source”



2FA or GTFO you idiots! COME ON!



Welp, that’s it kids… I am sure the lamentations from the community section will be sufficiently amusing. Krampus could have gone on more but really, there isn’t enough whiskey in the world to make that happen.

Till next year.


Written by Krypt3ia

2017/12/05 at 19:54

Posted in KRAMPUS