Meet ‘Flame,’ The Massive Spy Malware Infiltrating Iranian Computers

Map showing the number and geographical location of Flame infections detected by Kaspersky Lab on customer machines. Courtesy of Kaspersky

A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation.

The malware, discovered by Russia-based antivirus firm Kaspersky Lab, is an espionage toolkit that has been infecting targeted systems in Iran, Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa for at least two years.

Dubbed “Flame” by Kaspersky, the malicious code dwarfs Stuxnet in size — the groundbreaking infrastructure-sabotaging malware that is believed to have wreaked havoc on Iran’s nuclear program in 2009 and 2010. Although Flame has both a different purpose and composition than Stuxnet, and appears to have been written by different programmers, its complexity, the geographic scope of its infections and its behavior indicate strongly that a nation-state is behind Flame, rather than common cyber-criminals — marking it as yet another tool in the growing arsenal of cyberweaponry.

The researchers say that Flame may be part of a parallel project created by contractors who were hired by the same nation-state team that was behind Stuxnet and its sister malware, DuQu.

“Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide,” said Eugene Kaspersky, CEO and co-founder of Kaspersky Lab, in a statement. “The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country.”

Early analysis of Flame by the Lab indicates that it’s designed primarily to spy on the users of infected computers and steal data from them, including documents, recorded conversations and keystrokes. It also opens a backdoor to infected systems to allow the attackers to tweak the toolkit and add new functionality.

The malware, which is 20 megabytes when all of its modules are installed, contains multiple libraries, SQLite3 databases, various levels of encryption — some strong, some weak — and 20 plug-ins that can be swapped in and out to provide various functionality for the attackers. It even contains some code that is written in the LUA programming language — an uncommon choice for malware.

Kaspersky Lab is calling it “one of the most complex threats ever discovered.”

“It’s pretty fantastic and incredible in complexity,” said Alexander Gostev, chief security expert at Kaspersky Lab.

Matt Edelstein and #StopRush Employed Brett Kimberlin’s Pal Neal Rauhauser As Their Private Investigator | The Trenches

The Trenches published a post yesterday containing various unedited excerpts from an illegally recorded phone call between Matt Edelstein, and a man still only known to us as “Randy” in the recording. In this post there are a couple of excerpts wherein Matt discusses a private investigator that was employed to research Randy.

 

Remember how Matt forgot he already said who shared the information! “Comedy gold” as a certain “private investigator” likes to say. You’ll see that phrase again in the embedded document at the end of this piece.

 

We now have our answer about this mystery investigator. It’s Neal Rauhauser.

In another email tip to The Trenches, we obtained the following correspondence from the socialactionsteering@googlegroups.com groups at Google Groups. Social Action Steering? Sounds very Marxy, you Stop Rush buffoons.

Interesting. I’m mentioned again. Matt sure spends a lot of time talking about someone he deems irrelevant. The bold comments in the email are my emphasis.

On Sun, May 20, 2012 at 1:33 PM, Shoq value wrote:
Well here we go,

Randy has made another move (probably confirming that the leaked picture of “shoq” last night to Brooksbayne was the first move):

Julie just forwarded this to me. Now he’s reaching out to other progressives in our streams, trying to tarnish me and the stoprush effort by completely flipping reality, projecting everything we know about him onto me.

He probably chose laffy because he knows of our past differences and figured that was the best place to spread his toxic meme. What he doesn’t know is that Laffy already inquired with Krystal last week, and Krystal said “we don’t like or trust this guy,” or words to that effect.

Gottaff and I have had our issues in the past, but she’s a good progressive, and not a fool. She will probably see through this, based on what Krystal already forewarned her of (when Laffy wisely reached out to ask Krystal of clarification about Randy last week), and Julie explaining how we’ve already checked him out and virtually nothing he says is true.

Julie’s instinct was always that this guy was a right wing disrupter, and she may or may not have been right, but it’s clear he plans on trying to make trouble among progressives, and I assume Laffy and her friends would resist such nonsense, despite our personal dramas.

So now what?

You can be sure he’s trying to plant this meme anywhere he can. If I go public on the blog, it reveals that one of the noisier stop rush workers was a plant or a flake. But do we really care? I am not sure. It depends on how it’s constructed. Is it worse to give them a few days of noise, or let this asshat create all kinds of disruption? It’s a jump ball.

I feel that if we don’t expose him, he’s only going to try to do more and more of this subterfuge.

I am CCing Neal Rauhauser on this letter. He knows these right wing operatives (which Randy may or may not be) better than most of us, and he may have some insight into which approach is best. He’s probably just a flake trying to repair his soiled rep now, but I admit there are a lot of things that support Julie’s theory that he’s trying to disrupt all of us as a professional mission. We need to know more about that “law firm” he seems comfortable associating with. Do they have a relationship to Radio Host mikeberry? I am still fairly sure that if Randy had a stealth agenda, it was to use StopRush to fake-attack Berry, thus building his national ID and rep. Kinda clever, actually. And this letter to laffy shows he’s far more duplicitous (and craftier) than his folksy voice and manner would indicate.

I figure I may just have my lawyer send this Laffy letter back to him, and ask for an explanation.

Thoughts?

PS
I especially enjoy the detail about Krystal stringing me along! Damn that woman :)

Well, well, well, CCing Neal Rauhauser about Randy? Krystal Ball, the MSNBC contributor, is clearly involved in this leftist cabal according to this email. And we can see that Matt is bent on “exposing” Randy. Also, Matt thinks this will all just blow over in a couple days. Still clinging to that theory, Edelstein? Maybe you were correct about your infiltrator being “far more duplicitous (and craftier) than his folksy voice and manner would indicate”. Lesson? Don’t underestimate Blue Dog Democrats.

 

Is this your best James Bond, Mr. Private Investigator? FFS! My mind’s eye just went blind…

 

What in the name of all that is holy is going on in this picture, Rauhauser? And why did you ever think that posting this online publicly would be a good idea? If you were going for that James Bond look, you missed the mark, brony.

<shudder>

Anyway, as you’ll see below, to Edelstein and his extremist pals, “exposing” Randy means that Neal Rauhauser and his friends will “dox” someone named Jason that they believe is their infiltrator Randy Hahn. Here Neal responds to Matt’s inquiry, and Matt forwards it along with his response back to Neal and the Marxy “Social Action Steering” Google group.

A fun little tête-à-tête amongst neo-Marxist activists.

——– Original Message ——–

Subject: Re: Confidential. Our eyes only
Date: Sun, 20 May 2012 14:04:53 -0400
From: Shoq value <shoqvalue@gmail.com>
To: neal rauhauser <nrauhauser@gmail.com>
CC: socialactionsteering <socialactionsteering@googlegroups.com>

Thanks Neal,

Are you saying that you have found a Randy Hahn who runs that organization? Or were you being facetious?  When will we know more from the lawyer? May we copy Laffy on this? Your call.

On 5/20/2012 1:58 PM, neal rauhauser wrote:

I heard of this guy maybe a week ago. Per my investigation:

   Texas Coalition Against the Death Penalty has never heard of him.

   Gulf Coast Planned Parenthood does not know him as a donor, nor has he been visible with any anti-abortion crazies.

   DeGeurin & Dickison is not a big firm and they are indeed on the 7th floor of 1018 Preston in Houston.  The 6th floor is another law firm and the office manager at D&D has been there twenty years, never heard of R.J. Taylor-Hahn, Randy Hahn, or any “The Press, LLC”.

   Randy Hahn, Houston coordinator for Moderation Management (drunks who aren’t yet ready to recover), 42 years old, and apparently living in his mother’s basement(?)

   Two bit grifter, ideological bent, snooping as best he can under his own name,  unaware of the hideous things that will lunge out of the shadows at him.

    D&D said they’d do a cease & desist letter to get him to stop mentioning their name and given the information he has collected on some of you a charge for identity theft might be just the thing – the firm does criminal work so they presumably know where to take this. I will check up on these things on Monday.

   I have been sorely tempted to point him out to various actors – a guy like this, he could really produce some high quality entertainment for 4chan, Something Awful, Encyclopedia Dramatica, etc.

Ah, yes. Observe Neal’s telltale style of indenting emails. Remember who else does this? He would be none other than the “Gaped Crusader” sockpuppet also involved in this drama. I’ll bet ten thousand bucks that it’s Neal. More on Gaped Crusader’s sockpuppetry soon. Patterico, is it time to start the Gaped Crusader exposé? I think it is.

The first line of Neal’s email demonstrates that he’s admitted to conducting an investigation.

Neal, you little weasel! Why are you spying on Americans on behalf of Stop Rush, an extreme leftist political organization bent on silencing conservative speech, with ties to Media Matters for America? Wait… you’re a former eco-leftist? How did you move from huffing ammonia and hugging trees to leftist propaganda and overall asshattery? I see your little grubby fingerprints everywhere on Twittergate, Weinergate, Swattergate, Twittergulag, Anonymous/AnonyOps, Occupy, and StopRush, Mr. Rauhauser. All this goofy chicanery attacking Americans’ First Amendment rights. Can there be anything more un-American than assaulting others’ First Amendment freedoms?

True to form, Neal closes his email with threats. Some of these leftists like to try to destroy people’s reputations using basic oppo research that’s been leveraged against politicians for decades (AKA “doxing”). Wait a minute… didn’t that burn notice about Randy Hahn end up on Pastebin? Doh, and they already deleted it! Feeling the heat, peckerwoods? Guess what?! I still have the text from that Pastebin. I’ve embedded it below.

An example of Neal’s “hideous things that will lunge out of the shadows at” Randy? You decide. See how the first couple lines are indented – that peculiar telling habit again. Note how they admit that they’re anonymous in this statement: “Ask not for whom Anonymous trolls, Jason XXXX XXXXXX, Legion trolls for thee”

Neal, since we all know that you are behind this, why are you and/or your friends still such peckerwoods? And why, as leftists, are y’all so damned homophobic? The “faggot” comment about Ali Akbar is a bit much, don’t you think, tolerant left? Look in the mirror and say hi to your Gaped Crusader persona for me. He’s up next.

Hell, and we’re not even to Occupy Wall Street yet, Neal (and in small part, Matt). This is going to be a blast for the next couple weeks. Just make some popcorn, sit back, relax, and enjoy us exposing you. Your “friends” keep rolling over on you, as evidenced by my overflowing email inbox. As Oscar Wilde once said (you leftists read him right? I’m really trying to connect with you here.), ”A true friend stabs you in the front.“ Whoa… since The Trenches have engaged your deception via our full-frontal tactics, does this mean that we’re all friends now?! Mind blown. AMIRIGHT?!

By the way Neal, do you also consider Van Jones a close friend, or is that just Matt’s description of Van? I’m very curious about your answer to that question.

Bellum Letale

so glad to know SOmebody is FINALLY investigating this shit!

p.s. I told you so!

Next?

U.S. Government Software Creates ‘Fake People’ on Social Networks to Promote Propaganda

The US government is offering private intelligence companies contracts
to create software to manage “fake people” on social media sites and create
the illusion of consensus on controversial issues.

The contract calls for the development of “Persona Management Software”
which would help the user create and manage a variety of distinct fake
profiles online. The job listing was discussed in recently leaked emails
from the private security firm HBGary after an attack by internet
activists last week.



According to the contract, the software would “protect the identity of
government agencies” by employing a number of false signals to convince
users that the poster is in fact a real person.

A single user could manage unique background
information and status updates for up to 10 fake people from a single
computer.

The software enables the government to shield its identity through a number
of different methods including the ability to assign unique IP addresses to
each persona and the ability to make it appear as though the user is posting
from other locations around the world.

Included in HBGary’s leaked emails was a government proposal for the
government contract. The document describes how they would ‘friend’ real
people on Facebook as a way to convey government messages.

 

The document reads:

“Those names can be cross-referenced across
Facebook, Twitter, MySpace, and other social media services to collect
information on each individual. Once enough information is collected
this information can be used to gain access to these individuals social
circles.


Even the most restrictive and security conscious of persons can be
exploited. Through the targeting and information reconnaissance phase, a
person’s hometown and high school will be revealed. An adversary can
create a classmates.com account at the same high school and year and find
out people you went to high school with that do not have Facebook
accounts, then create the account and send a friend request.

 

Under the mutual friend decision, which is
where most people can be exploited, an adversary can look at a targets
friend list if it is exposed and find a targets most socially
promiscuous friends, the ones that have over 300-500 friends, friend
them to develop mutual friends before sending a friend request to the
target.

 

To that end friend’s accounts can be
compromised and used to post malicious material to a targets wall. When
choosing to participate in social media an individual is only as
protected as his/her weakest friend.”

Other documents in the leaked emails include
quotes from HBGary CEO Aaron Barr saying,

“There are a variety of social media tricks
we can use to add a level of realness to all fictitious personas…
Using hashtags and gaming some location based check-in services we can
make it appear as if a persona was actually at a conference and
introduce himself/herself to key individuals as part of the exercise, as
one example.”

Additional emails between HBGary employees,
usually originating from Barr, discuss the vulnerability social networking
causes.

One employee wrote,

“and now social networks are closing the gap
between attacker and victim, to the point I just found (via linked-in)
112 females, wives of service men, all stationed at Hurlbert Field FL –
in case you don’t know this is where the CIA flies all their “private”
airlines out of. What a damn joke – the U.S. is no longer the super
power in cyber, and probably won’t be in other areas soon.”

Barr also predicted a steady rise in clandestine
or secret government operations to stem the flow of sensitive information.

“I would say there is going to be a
resurgence of black ops in the coming year as decision makers settle
with our inadequacies… Critical infrastructure, finance, defense
industrial base, and government have rivers of unauthorized
communications flowing from them and there are no real efforts to stop
it.”

The creation of internet propaganda software is
only one of HBGary’s controversial activities.

 

According to Wikileaks competitor and occasional collaborator
Cryptome.org, several other progressive organizations were intended to be
targeted including,

  • anti-war activists

  • anti-torture organizations

  • groups opposed to the US Chamber of
    Commerce

 

no, really?


Are My “Friends” Even Real People? – Revealed That Air Force Ordered Software to Manage Army of Fake Virtual People

These days, with Facebook and Twitter and social media galore, it can be
increasingly hard to tell who your “friends” are.

But after this, Internet users would be well advised to ask another question
entirely:

Are my “friends” even real people?

In the continuing saga of data security firm HBGary, a new caveat has come
to light: not only did they plot to help destroy secrets outlet WikiLeaks
and discredit progressive bloggers, they also crafted detailed proposals
for software that manages online “personas,” allowing a single human to
assume the identities of as many fake people as they’d like.

The revelation was among those contained in the
company’s emails, which were dumped onto bittorrent networks after hackers
with cyber protest group “Anonymous” broke into their systems.

In another document unearthed by “Anonymous,” one of HBGary’s employees also
mentioned gaming geolocation services to make it appear as though selected
fake persons were at actual events.

“There are a variety of social media tricks
we can use to add a level of realness to all fictitious personas,” it
said.
 

 

Government involvement

Eerie as that may be, more perplexing, however, is a federal contract from
the 6th Contracting Squadron at MacDill Air Force Base, located
south of Tampa, Florida, that solicits providers of “persona management
software.”

While there are certainly legitimate applications for such software, such as
managing multiple “official” social media accounts from a single input, the
more nefarious potential is clear.

Unfortunately, the Air Force’s contract description doesn’t help dispel
suspicions. As the text explains, the software would require licenses for 50
users with 10 personas each, for a total of 500.

 

These personas would have to be “replete with background, history,
supporting details, and cyber presences that are technically, culturally
and geographically consistent.”

It continues, noting the need for secure virtual
private networks that randomize the operator’s Internet protocol (IP)
address, making it impossible to detect that it’s a single person
orchestrating all these posts.

 

Another entry calls for static IP address
management for each persona, making it appear as though each fake person was
consistently accessing from the same computer each time.

The contract also sought methods to anonymously establish virtual private
servers with private hosting firms in specific geographic locations. This
would allow that server’s “geosite” to be integrated with their social media
profiles, effectively gaming geolocation services.

The Air Force added that the “place of performance” for the contract would
be at MacDill Air Force Base, along with Kabul, Afghanistan and Baghdad. The
contract was offered on June 22, 2010.

It was not clear exactly what the Air Force was doing with this software, or
even if it had been procured.
 

 


Manufacturing consent

Though many questions remain about how the military would apply such
technology, the reasonable fear should be perfectly clear.

 

“Persona management software” can be used to
manipulate public opinion on key information, such as news reports. An
unlimited number of virtual “people” could be marshaled by only a few real
individuals, empowering them to create the illusion of consensus.

You could call it a virtual flash mob, or a digital “Brooks Brothers Riot,”
so to speak: compelling, but not nearly as spontaneous as it appears.

That’s precisely what got DailyKos blogger Happy Rockefeller in a snit: the
potential for military-run armies of fake people manipulating and, in some
cases, even manufacturing the appearance of public opinion.

“I don’t know about you, but it matters to
me what fellow progressives think,” the blogger wrote.

 

“I consider all
views. And if there appears to be a consensus that some reporter isn’t
credible, for example, or some candidate for congress in another state
can’t be trusted, I won’t base my entire judgment on it, but it carries
some weight.

“That’s me. I believe there are many people though who will base their
judgment on rumors and mob attacks. And for those people, a fake mob can
be really effective.”

It was Rockefeller who was first to highlight the Air Force’s “persona”
contract, which was available on a public website.

A call to MacDill Air Force Base, requesting an explanation of the contract
and what this software might be used for, was answered by a public affairs
officer who promised a call-back.

 

No reply was received at time of this
story’s publication.

Other e-mails circulated by HBGary’s CEO illuminate highly personal data
about critics of the US Chamber of Commerce, including detailed information
about their spouses and children, as well as their locations and
professional links. The firm, it was revealed, was just one part of a group
called “Team Themis,” tasked by the Chamber to come up with strategies for
responding to progressive bloggers and others.

“Team Themis” also included a proposal to use malware hacks against
progressive organizations, and the submission of fake documents in an effort
to discredit established groups.

HBGary was also behind a plot by Bank of America to destroy WikiLeaks’
technology platform, other emails revealed. The company was humiliated by
members of “Anonymous” after CEO Aaron Barr bragged that he’d “infiltrated”
the group.

A request for comment emailed to HBGary did not receive a reply.
 

 


Update – HBGary Federal among bidders

A list of interested vendors responding to the Air Force contract for
“persona management software” included HBGary subsidiary HBGary Federal,
further analysis of a government website has revealed.

Other companies that offered their services included,

  • Global Business Solutions and Associates
    LLC

  • Uk Plus Logistics, Ltd.

  • NevinTelecom

  • Bunker Communications

  • Planmatrix LLC

 

Are My “Friends” Even Real People? – Revealed That Air Force Ordered Software to Manage Army of Fake Virtual People

These days, with

Facebook
and Twitter and social
media galore, it can be increasingly hard to tell who your “friends” are.

But after this, Internet users would be well advised to ask another question
entirely:

Are my “friends” even real people?

In the continuing saga of data security firm

HBGary
, a new caveat has come to light:

not only did they plot to help destroy
secrets outlet
WikiLeaks
and discredit progressive bloggers, they also
crafted detailed proposals for software that manages online “personas,”
allowing a single human to assume the identities of as many fake people
as they’d like.

The revelation was among those contained in the
company’s emails, which were dumped onto bittorrent networks after hackers
with cyber protest group “Anonymous” broke into their systems.

In another document unearthed by “Anonymous,” one of HBGary’s employees also
mentioned gaming geolocation services to make it appear as though selected
fake persons were at actual events.

“There are a variety of social media tricks
we can use to add a level of realness to all fictitious personas,” it
said.
 

 

Government involvement

Eerie as that may be, more perplexing, however, is a federal contract from
the 6th Contracting Squadron at MacDill Air Force Base, located
south of Tampa, Florida, that solicits providers of “persona management
software.”

While there are certainly legitimate applications for such software, such as
managing multiple “official” social media accounts from a single input, the
more nefarious potential is clear.

Unfortunately, the Air Force’s contract description doesn’t help dispel
suspicions. As the text explains, the software would require licenses for 50
users with 10 personas each, for a total of 500.

 

These personas would have to be “replete with background, history,
supporting details, and cyber presences that are technically, culturally
and geographically consistent.”

It continues, noting the need for secure virtual
private networks that randomize the operator’s Internet protocol (IP)
address, making it impossible to detect that it’s a single person
orchestrating all these posts.

 

Another entry calls for static IP address
management for each persona, making it appear as though each fake person was
consistently accessing from the same computer each time.

The contract also sought methods to anonymously establish virtual private
servers with private hosting firms in specific geographic locations. This
would allow that server’s “geosite” to be integrated with their social media
profiles, effectively gaming geolocation services.

The Air Force added that the “place of performance” for the contract would
be at MacDill Air Force Base, along with Kabul, Afghanistan and Baghdad. The
contract was offered on June 22, 2010.

It was not clear exactly what the Air Force was doing with this software, or
even if it had been procured.
 

 


Manufacturing consent

Though many questions remain about how the military would apply such
technology, the reasonable fear should be perfectly clear.

 

“Persona management software” can be used to
manipulate public opinion on key information, such as news reports. An
unlimited number of virtual “people” could be marshaled by only a few real
individuals, empowering them to create the illusion of consensus.

You could call it a virtual flash mob, or a digital “Brooks Brothers Riot,”
so to speak: compelling, but not nearly as spontaneous as it appears.

That’s precisely what got DailyKos blogger Happy Rockefeller in a snit: the
potential for military-run armies of fake people manipulating and, in some
cases, even manufacturing the appearance of public opinion.

“I don’t know about you, but it matters to
me what fellow progressives think,” the blogger wrote.

 

“I consider all
views. And if there appears to be a consensus that some reporter isn’t
credible, for example, or some candidate for congress in another state
can’t be trusted, I won’t base my entire judgment on it, but it carries
some weight.

“That’s me. I believe there are many people though who will base their
judgment on rumors and mob attacks. And for those people, a fake mob can
be really effective.”

It was Rockefeller who was first to highlight the Air Force’s “persona”
contract, which was available on a public website.

A call to MacDill Air Force Base, requesting an explanation of the contract
and what this software might be used for, was answered by a public affairs
officer who promised a call-back.

 

No reply was received at time of this
story’s publication.

Other e-mails circulated by HBGary’s CEO illuminate highly personal data
about critics of the US Chamber of Commerce, including detailed information
about their spouses and children, as well as their locations and
professional links. The firm, it was revealed, was just one part of a group
called “Team Themis,” tasked by the Chamber to come up with strategies for
responding to progressive bloggers and others.

“Team Themis” also included a proposal to use malware hacks against
progressive organizations, and the submission of fake documents in an effort
to discredit established groups.

HBGary was also behind a plot by Bank of America to destroy WikiLeaks’
technology platform, other emails revealed. The company was humiliated by
members of “Anonymous” after CEO Aaron Barr bragged that he’d “infiltrated”
the group.

A request for comment emailed to HBGary did not receive a reply.
 

 


Update – HBGary Federal among bidders

A list of interested vendors responding to the Air Force contract for
“persona management software” included HBGary subsidiary HBGary Federal,
further analysis of a government website has revealed.

Other companies that offered their services included:

  • Global Business Solutions and Associates LLC

  • Uk Plus Logistics, Ltd.

  • NevinTelecom

  • Bunker Communications

  • Planmatrix LLC

 

Freed Indian admits he was a spy


Released Indian prisoner Kashmir Singh crosses the Pakistan-India international border at the Wagah border post

Mr Singh received a rapturous welcome on his return to India

An Indian man released from a Pakistani prison on Monday after spending 35 years on death row has admitted that he was a spy.

Kashmir Singh also criticised the Indian government which he said did nothing for him or his family while he was in jail.

He said he would not give details of his detention in case it jeopardised other Indians in jail in Pakistan.

He was sentenced to death in 1973, for spying in Pakistan.

‘Not a penny’

“I did the duties assigned to me as a spy,” Mr Singh said on Friday, the Press Trust of India (PTI) reports.

Kashmir Singh waves on the Indian border with Pakistan

“After my arrest… successive (Indian) governments did nothing for me,” he told journalists in the city of Chandigarh. “The government after my arrest did not bother to spend a single penny for my family.”

Mr Singh appeared reluctant to give many details about his imprisonment although he did say he had been chained up for 17 years of his detention.

His release was spearheaded by Ansar Burney, a social worker and cabinet minister who tracks people lost in Pakistan’s jail system.

India and Pakistan have jailed hundreds of each other’s soldiers and civilians during times of hostility.

Pakistani officials said that while Mr Singh’s release was unconditional, they hoped it would lead to further prisoner exchanges.

‘Hell on earth’

Ansar Burney discovered Mr Singh on a recent trip to a jail in Lahore and persuaded Pakistan President Pervez Musharraf to revoke his death sentence and order his release.

Mr Singh was a former policeman who had become a trader in electronic goods.

He was arrested in the city of Rawalpindi in 1973 and convicted of spying.

Pakistan and India frequently arrest each other’s citizens, often accusing them of straying across the border – some are treated as spies.

Mr Burney is currently the government’s caretaker minister for human rights.

Mr Burney said last week that Mr Singh had been held in a condemned prisoner’s cell for most of the time since his conviction and had become mentally ill.

He said that he was first informed about the case several years ago by members of the Indian community in London.

But he was unable to locate Mr Singh, despite visiting more than 20 jails across the country in connection with his campaign for prison reforms and prisoners’ rights.

The minister said Mr Singh had not received a single visitor or seen the open sky and, like other condemned prisoners, was locked in an overcrowded cell for more than 23 hours a day, in conditions which the minister described as “hell on Earth”.

WikiLeaks Attacks Reveal Surprising, Avoidable Vulnerabilities | Threat Level | Wired.com


Some online service providers are in the cross hairs this week for allegedly
abandoning WikiLeaks after it published secret U.S. diplomatic cables and drew
retaliatory technical, political and legal attacks. But the secret-spilling
site’s woes may be attributable in part to its own technical and administrative
missteps as well as outside attempts at censorship.

Struggling with denial-of-service attacks on its servers earlier this week,
WikiLeaks moved to Amazon’s EC2 cloud-based data-storage service only to be
summarily booted off on Wednesday, ostensibly for violations of Amazon’s terms
of service. Then on Thursday its domain-name service provider, EveryDNS, stopped
resolving WikiLeaks.org, amid a new DoS attack apparently aimed at the DNS
provider.

While WikiLeaks was clearly targeted, its weak countermeasures drew criticism
from network engineers. They questioned its use of a free DNS service such as
EveryDNS, as well as other avoidable errors that seem to clash with WikiLeaks’
reputation as a tech-savvy and cautious enterprise hardened to withstand any
concerted technical attack on its systems.

“If they wanted to help users get past their DNS problems, they could tweet
for assistance, tweet their IP addy and ask to be re-tweeted, ask owners of
authorities to set up wikileaks.$FOO.com to ‘crowd source’ their name, etc.,”
observed one poster to the mailing list for the North American Network
Operating Group. “So at the very least, they are guilty of not being
imaginative.”

“IMHO it is a gambit to ask for money,” wrote another.

WikiLeaks’ downtime was short-lived, with the site
announcing Friday on Twitter that it was operational on WikiLeaks.de,
WikiLeaks.fi, WikiLeaks.nl and WikiLeaks.ch — the country codes respectively for
Germany, Finland, the Netherlands and Switzerland. The scattering followed a
Thursday outage of WikiLeaks.org and the “Cablegate” subsite, that occurred when
EveryDNS cut off the secret-spilling site.

Unlike the incident this week in which Amazon unceremoniously booted
WikiLeaks from its servers, the latest outage appears to have had less to do
with censorship than with WikiLeaks’ inattention to the more-mundane side of
running an organization.

EveryDNS is a free, donation-supported service run by New Hampshire’s Dyn
Inc. Like thousands of other DNS providers it does the small but crucial job of
mapping a user-friendly internet domain name, like wired.com, to a numeric IP
address that actually means something to the internet’s underlying
infrastructure.

It’s unclear why WikiLeaks went with a free provider, instead of paying for
bulletproof DNS that could withstand attack. But according to EveryDNS, the
distributed denial-of-service attacks that have been dogging WikiLeaks were
threatening to overrun EveryDNS’s servers, which serve some 500,000 sites.

The company responded by notifying WikiLeaks on Wednesday that it was going
to drop the organization in 24 hours, according to a statement on EveryDNS’ website. It reached out to
WikiLeaks on the e-mail address associated with the account, on Twitter, and
even visited the group’s encrypted chat room to try and pass word to the
staff.

That should have been more than enough time for WikiLeaks to move its DNS.
Instead, Thursday night, visitors could no longer reach WikiLeaks.org.

“Any downtime of the wikileaks.org website has resulted from its failure to,
with plentiful advance notice, use another DNS solution,” reads EveryDNS’s
statement.

Rather than tweeting the IP addresses of WikiLeaks hosts, which would allow
visitors to continue to reach the site uninterrupted, WikiLeaks initially used
the outage to encourage donations, tweeting instead: “WikiLeaks.org domain
killed by US everydns.net after claimed mass attacks KEEP US STRONG
https://donations.datacell.com/”.


And a follow-up tweet noted: “You can also easily support WikiLeaks via
http://collateralmurder.com/en/support.html”.


WikiLeaks fans on Twitter discovered and circulated WikiLeaks’ working
addresses on their own, until about three hours after the outage began, when the
organization tweeted: “WIKILEAKS: Free speech has a number:
http://88.80.13.160”.

WikiLeaks followed that up by promoting WikiLeaks.ch as an alternative
address, but that domain, too, turned out to be resolved by EveryDNS, which shut
it down.

WikiLeaks had the four regional domains working on Friday, resolving to hosts
in Sweden and France. Domain-registration records show that WikiLeaks still has
control of WikiLeaks.org, but for whatever reason, the organization still
has EveryDNS set as its name server for that domain.

The incident isn’t the first time WikiLeaks has suffered from a bureaucratic
snafu. On June 12, WikiLeaks’ secure submission page stopped working when the
site failed to renew its SSL certificate, a basic web protection that costs
less than $30 a year and takes only hours to set up.

And for years WikiLeaks promised would-be leakers that they’d enjoy the
protection of strong journalist shield laws in Sweden, where WikiLeaks maintains
some of its servers. It wasn’t until August of this year that it emerged that
WikiLeaks hadn’t registered as a media outlet in Sweden, and thus wasn’t
protected.

That latter disclosure sent founder Julian Assange to Stockholm in August in
an effort to correct the oversight. His romantic entanglements on that trip led
to an ongoing sex-crime investigation and the issuance this week of an Interpol
“red notice” putting Assange on the international police agency’s wanted list.

Photo: Julian Assange
Lily Mihalik/Wired.com

Kevin Poulsen is a senior editor at Wired.com and editor of the award-winning
Threat Level blog. His new book on cybercrime, KINGPIN, comes out February 22,
2011 from Crown. Follow @kpoulsen on Twitter.

http://www.wired.com/threatlevel/2010/12/wikileaks-domain/

CIA drew up ‘spy list’ – Americas, World – The Independent [SEE COMMENTS FOR DE-CODED TEXT]


A wish list of information that the US State Department was asked to gather
on Ban Ki-moon, the general secretary of the United Nations, which was
described as a “spy’s shopping list”, was drawn up by the CIA, it was
claimed. Information demanded by the list included data such as credit
card numbers.

The list is one of the most embarrassing documents to emerge
from the WikiLeaks saga and the Guardian newspaper now says it has evidence it
was the brainchild of the CIA’s Humint – human intelligence – section.
