Hackers

Fascinating Greek parallel euro payment network nearly activated in crisis, after hacking into EU-controlled systems to clone tax IDs

It can't be emphasized enough that the global debt complex we are all trapped in is reproduced daily by sophisticated (and in many cases quite old & deteriorated) computers. There is no magic man behind the curtain, just a bunch of nasty computer systems whose authority is enforced by central banking authorities like the Troika, IMF, World Bank, Bank for International Settlements and the Federal Reserve System.

This is one of the biggest stories at this level I have seen in ages, perhaps ever. Fascinating story very worth reading: A secret lolcat team in Greece's finance ministry hacked into their own EU-controlled systems and had a parallel financial network ready to go, but it all got wound down. Apparently FM Varoufakis resigned as a result of the plan being halted - and overall it was a pretty cool plan under dire national circumstances of emergency survival vs austerity.

Varoufakis reveals cloak and dagger 'Plan B' for Greece, awaits treason charges - Telegraph;


A secret cell at the Greek finance ministry hacked into the government computers and drew up elaborate plans for a system of parallel payments that could be switched from euros to the drachma at the "flick of a button".

The revelations have caused a political storm in Greece and confirm just how close the country came to drastic measures before premier Alexis Tsipras gave in to demands from Europe's creditor powers, acknowledging that his own cabinet would not support such a dangerous confrontation.

Yanis Varoufakis, the former finance minister, told a group of investors in London that a five-man team under his control had been working for months on a contingency plan to create euro liquidity if the European Central Bank cut off emergency funding to the Greek financial system, as it in fact did after talks broke down and Syriza called a referendum.

People really need to pay more attention to the crappy computers running the whole financial system, see also very important here: Bank IT, Grexit, and Systemic Risk | naked capitalism - lots of gory details:

On the IT front, the challenge is vastly larger due to the state of financial firm IT systems. We intend to return to this topic, because we see bank IT systems as an unrecognized source of systemic risk. They are required to run to mission critical standards: enormous transaction volumes, extremely high demands for accuracy of end output, high uptimes. Yet the code base is an agglomeration, with many important operations relying in meaningful ways on legacy systems. Thus, as our expert with relevant experience stressed, changes that seem simple are anything but.

This is precisely why it is so important to understand these systems and come up with intermediate replacements, as your local version of the ECB is always waiting to make its next move for artificial austerity & assorted lethal games all taking place inside these computers…

More: Reports Of Secret Drachma Plots Leave Tsipras Facing Fresh Crisis | Zero Hedge, Syriza "Rebels" Planned To Ransack Greek Mint, Seize Cash Reserves, Arrest Central Bank Governor | Zero Hedge.

Varoufakis claims had approval to plan parallel banking system | News | ekathimerini.com

Former Finance Minister Yanis Varoufakis has claimed that he was authorized by Alexis Tsipras last December to look into a parallel payment system that would operate using wiretapped tax registration numbers (AFMs) and could eventually work as a parallel banking system, Kathimerini has learned.

In a teleconference call with members of international hedge funds that was allegedly coordinated by former British Chancellor of the Exchequer Norman Lamont, Varoufakis claimed to have been given the okay by Tsipras last December – a month before general elections that brought SYRIZA to power – to plan a payment system that could operate in euros but which could be changed into drachmas "overnight" if necessary, Kathimerini understands.

Varoufakis worked with a small team to prepare the plan, which would have required a staff of 1,000 to implement but did not get the final go-ahead from Tsipras to proceed, he said.

The call took place on July 16, more than a week after Varoufakis left his post as finance minister.

The plan would involve hijacking the AFMs of taxpayers and corporations by hacking into the General Secretariat of Public Revenues website, Varoufakis told his interlocutors. This would allow the creation of a parallel system that could operate if banks were forced to close and which would allow payments to be made between third parties and the state and could eventually lead to the creation of a parallel banking system, he said.

As the general secretariat is a system that is monitored by Greece’s creditors and is therefore difficult to access, Varoufakis said he assigned a childhood friend of his, an information technology expert who became a professor at Columbia University, to hack into the system. A week after Varoufakis took over the ministry, he said the friend telephoned him and said he had “control” of the hardware but not the software "which belongs to the troika."

….

"The prime minister before he became PM, before we won the election in January, had given me the green light to come up with a Plan B. And I assembled a very able team, a small team as it had to be because that had to be kept completely under wraps for obvious reasons. And we had been working since the end of December or beginning of January on creating one.

"What we planned to do was the following. There is the website of the tax office like there is in Britain and everywhere else, where citizens, taxpayers go into the website they use their tax file number and they transfer through web banking monies from the bank account to their tax file number so as to make payments on VAT, income tax and so on and so forth.

“We were planning to create, surreptitiously, reserve accounts attached to every tax file number, without telling anyone, just to have this system in a function under wraps. And, at the touch of a button, to allow us to give PIN numbers to tax file number holders, to taxpayers.

"That would have created a parallel banking system while the banks were shut as a result of the ECB's aggressive action to deny us some breathing space.

"This was very well developed and I think it would have made a very big difference because very soon we could have extended it, using apps on smartphones and it could become a functioning parallel system and of course this would be euro denominated but at the drop of a hat it could be converted to a new drachma.

"But let me tell you - and this is quite a fascinating story - what difficulties I faced. The General Secretary of Public Revenues within my ministry is controlled fully and directly by the troika. It was not under control of my ministry, of me as minister, it was controlled by Brussels.

Ok, so problem number one: The general secretary of information systems on the other hand was controlled by me, as minister. I appointed a good friend of mine, a childhood friend of mine who had become professor of IT at Columbia University in the States and so on. I put him in because I trusted him to develop this……


a week or so after we moved into the ministry, he calls me up and says to me: 'You know what? I control the machines, I control the hardware but I do not control the software. The software belongs to the troika controlled General Secretary of Public Revenues. What do I do?'

…..

"So we decided to hack into my ministry’s own software program in order to be able break it up to just copy just to copy the code of the tax systems website onto a large computer in his office so that he can work out how to design and implement this parallel payment system.

"And we were ready to get the green light from the PM when the banks closed in order to move into the General Secretariat of Public Revenues, which is not controlled by us but is controlled by Brussels, and to plug this laptop in and to energize the system.


Obviously it was a disappointment to many sane people that Syriza seems to have mostly folded to the Troika but perhaps the Secret Team tactic could be used when the next big one hits the fan and an entrapped debtor nation decides to quickly assert technical sovereignty.

But how to pull this again without tipping the hand? And could it be used again by Greece, now that the word is out? What will happen to Varoufakis' rather exposed techie friend, assuming it's accurate? A fascinating and very pertinent story, I can only hope gets dramatized in some fashion.

Get these computers because one way or another, they are definitely gonna getcha, getcha, getcha…


Update: worth pointing out the Federal Reserve drama over banks wanting their electronically created money kicked back from the Fed. Interesting because it unravels a 100-year-old pact between Congress and banks, as well as highlighting the bizarre, secretive and lucrative bank membership in Fed regional entities. Great source of electronic "money" to put into the roads. Ace work, whoever managed to slide this policy under the nose of the bank lobbyist fleet.

The Hill, 7/25/2015 - Banks revolt over plan to kill $17B Fed payout by Peter Schroeder

Industry lobbyists say they were blindsided by the inclusion of the provision, which would help policymakers cover the bill’s cost by cutting the regular dividend the Federal Reserve pays to its member banks.

One lobbyist went so far as to reread the Federal Reserve Act of 1913 after getting wind of the proposal to determine what was at stake.
“I think it took everyone by surprise,” said Paul Merski with the Independent Community Bankers of America. “There was no study of the issue, no hearings, no consultation with the Federal Reserve itself.”

“It came on very quickly,” said James Ballentine of the American Bankers Association, who said he first caught wind of the idea a little over a week ago. “It’s certainly a scramble.”

In a Congress where lawmakers are always hunting for politically palatable ways to raise revenue or cut costs to cover the expenses of additional legislation, the Fed provision was a novel, and rich, one. The proposal is estimated to raise $17 billion over the next decade, and is by far the richest “pay for” included in the bill.

Lobbyists said they were not aware of any previous time when lawmakers had attached the language to a piece of legislation, which would scrap a perk banks have come to expect for over a century.

When banks join the Federal Reserve system, they are required to buy stock in the central bank equal to 6 percent of their assets. However, that stock does not gain value and cannot be traded or sold, so to entice banks to participate, the Fed pays out a 6 percent dividend payment.

The Senate proposal says it would slash that “overly generous” payout to 1.5 percent for all banks with more than $1 billion in assets. While the summary language outlining the proposal said that change would only impact “large banks,” industry advocates argued that banks most would identify as small community shops could easily have assets in excess of that amount.

Banks are working to mobilize against the provision, even as lawmakers are pushing to pass a highway bill before program funding expires at the end of the month.

Merski said ICBA had launched a “nationwide grassroots effort,” enlisting its numerous member banks and bankers and told them to call Senate offices to oppose the provision.

And Ballentine said his group was engaged in a concerted education effort for members, outlining why the industry believes the policy change would be disruptive and has no place in highway legislation.

Five major industry groups also sent a letter to lawmakers blasting the provision, saying it “undermines a key agreement that has underpinned the United States banking system for 100 years.”

Senate Banking Committee Chairman Richard Shelby (R-Ala.) opposes the provision, and invited Fed Chairwoman Janet Yellen to opine on it when she appeared before his panel earlier this month.

She told lawmakers that if the dividend payment is reduced, some banks may not want to buy into the Fed.

“This is a change that likely would be a significant concern to the many small banks that receive the dividend,” she said.

Donald Kohn, the former vice chair of the Fed, told House lawmakers Wednesday that the proposal would be one directly felt by banks.

“Let’s recognize that by lowering it to, say, 1.5 percent on the proposal, in effect you are placing a tax on banks,” he told the House Financial Services Committee.

A review of previous policy proposals suggests that the idea may have first been thought up by House liberals. The 2014 budget proposal from the Congressional Progressive Caucus put forward the idea to raise revenue, and a CPC aide said he believed it was the first time someone in Congress proposed the idea. But the Senate highway bill apparently marks the first time members have actually placed it in actual legislation.

This all reminds me that the Federal Reserve Bank [Atlanta] branch in Miami would have some fascinating figures benefiting its busy member banks from the 1980s in the Iran Contra cocaine salad days, but that's another story... [Jeb Bush's angle in the Miami Dade Republican Party/Cartel days is treated in this hilarious Daily Beast limited hangout, spurring hope of awesome JebCokeCIA campaign stories (or videos?) yet to come.]

Barrett Brown Bonus Points; Listening for the Panaudicon; "Highlands Group" Pentagon incubator network for Intelligence kickstarts Google; Four Rogue Lords & UK Snoopers Charter

Roundup post. Barrett Now on the Hook for Stratfor My Post Cyberpunk Indentured Servitude - The Daily Beast [DailyBeast dropped the "you lost some rights" headline apparently as well]. Imprisoned journalist Barrett Brown gets his Declaration of Independence Back, but the +5 snark chainmail didn't do any good: cryptome.org/2015/01/brown-105.pdf

Federal sentencing agreements add and subtract points based on mysterious, occult rules derived from RolePlayingGames deep in the sweaty basement of the Federalist Society on the Yale campus.

[Image: 201502010154.jpg]

As you can see, both dexterity and Photoshop skilz qualify as "deadly skull" level 63 month sentence:

[Image: dnd-resume-1.jpg]
Wait maybe this is actually the real one.

[Image: linkpastingpenalty.png]

Yes "Unauthorized Access Devices" is hyperlinks.

via ( Clever: D&D Character Sheet Styled Resume | Geekologie & http://www.mmorpg-info.org/wp-content/uploads/2008/07/dd2.jpg )

Quinn Norton: We Should All Step Back from Security Journalism — The Message — Medium.

//////

Intelligence community incubated Google: A few pretty large chunks turned up with new work from Nafeez Ahmed via crowdfunding, focused on period around the time Google was developed at Stanford. One of the computer scientists involved disputes part of Ahmed's story (and prepended his PDF source at that URL w a new statement), but the overall scope of the Highlands Forum / Group, along with the CIA's In-Q-Tel venture capital development/incubator operations, reconfigures our understanding of intersecting tech and intelligence worlds.

SEE: HIGHLANDS GROUP - About

Highlands Group Overview The Highlands Group is an international consulting network that has been interestingly termed an "intellectual capital venture firm" with extensive experience assisting corporations, organizations, and government leaders frame issues and consider alternatives in the achievement of their objectives. The Highlands Group is a leader in helping clients to explore the edges for new ideas and approaches, create new networks, manage creativity, and succeed. The Highlands Group provides clients with a wide range of services, including: strategic planning, scenario creation and gaming for expanding global markets, and special events planning and assistance. The Highlands Group assists clients in identifying new technologies, ideas, and opportunities. Highlands draws on a network of subject matter experts and facilitates cross-disciplinary gatherings of creative thinkers, working with clients to build strategies for execution. We are a small and agile firm, supported by the strengths of a global network of experts, and provide our clients with personal involvement and dedication. The Highlands Group is headquartered in Washington, D.C. and Carmel Highlands, California, and is supported by a network of companies and independent researchers. It is truly a collaborative effort with great contributions from our sponsors; our Highlands Forum partners for the past ten years at SAIC; and the vast Highlands network of participants in the Highlands Forum, Singaporean Island Forum, the St. Michaels Forum, and the Information Engagement Forum.

Highlands Forum also has Thomas Barnett who provided crucial early post-9/11 backing for "core and gap" geopolitical dichotomy and 'rule setting' military hegemony quests within Pentagon circles. I read his book ages ago Thomas P.M. Barnett's Globlogization - The Pentagon's New Map: War & Peace in the 21st C. - it is important for understanding what framework got installed - as Ahmed digs up this was a transmission belt for Barnett and many others.

This gives earlier knowledge than the more well-known roots of Google Earth as CIA's In-Q-Tel supported Keyhole -- they bought it partially from In-Q-Tel and turned it into Google Earth Enterprise as a platform for geospatial intelligence (GEO INT).

The powers that be have a strong interest in having one big Google (and Walmart, and foreign militant groups etc) - so it's no surprise that there is support among key figures - along with funding and special privileges, eventually contracts - to keep the tech scene consolidated.

INSURGE INTELLIGENCE, a new crowd-funded investigative journalism project, breaks the exclusive story of how the United States intelligence community funded, nurtured and incubated Google as part of a drive to dominate the world through control of information. Seed-funded by the NSA and CIA, Google was merely the first among a plethora of private sector start-ups co-opted by US intelligence to retain ‘information superiority.’

The origins of this ingenious strategy trace back to a secret Pentagon-sponsored group, that for the last two decades has functioned as a bridge between the US government and elites across the business, industry, finance, corporate, and media sectors. The group has allowed some of the most powerful special interests in corporate America to systematically circumvent democratic accountability and the rule of law to influence government policies, as well as public opinion in the US and around the world. The results have been catastrophic: NSA mass surveillance, a permanent state of global

PART 1: How the CIA made Google — Medium

PART 2: Why Google made the NSA — Medium

There is plenty to go over here and many links - it is a lot of material to get through, but worth your time. See Clifton - CV - Technical Reports . The Anatomy of a Search Engine.

///////

Ubiquity of web enabled microphones: very much worth reading. If you don't know how the zeroday market works now especially. via https://panaudicon.wordpress.com/ - Jan 23 2015

Cross posted at Cryptome.org: On the Ubiquity of Web-enabled Microphones

Bruce Schneier (computer security expert, now also with the EFF) has remarked: "It's bad civic hygiene to build technologies that could someday be used to facilitate a police state. No matter what the eavesdroppers and censors say, these systems put us all at greater risk."

There are two elements of this emerging technology that prompt me to regard this as bad civic hygiene: the omnipresence of these microphones, and the increasing lack of technological constraint allowing their compromise by state and other actors.

When I say "increasing lack of technological constraint", I am referring to several things: the descriptions of actions by agencies such as NSA, GCHQ, and the FBI who are specifically targeting smartphones (e.g. Tailored Access Operations of NSA and Remote Operations Unit of FBI), the exploding grey market for zero-day vulnerabilities dominated by state actors (especially the United States), and the emerging market for contractors who are developing exploits and software tools which enable these vulnerabilities to be efficiently utilized. (Vupen in France, Hacking Team in Italy, Endgame Systems in U.S., FinFisher in the U.K., etc.)

Zero-day vulnerabilities are essentially unintentional backdoors that are discovered in various software applications every year by hackers. There are hundreds of these things discovered every year, and they are an unavoidable by-product of the software development cycle. They are a special kind of software bug that can permit a third-party who knows about them to take over a person's device. Sort of like skeleton keys which allow entry into anyone's device that happens to use the operating system or application in which the vulnerability is discovered, and they permit various degrees of power over a person's device. Programmers create exploits known as "zero-day exploits" to make use of these vulnerabilities. A market has emerged whereby these exploits are sold to the highest bidders, which, unsurprisingly, happen to be state actors. An exploit for the iPhone's iOS was sold for $500,000 at one point to an unknown buyer -- the NSA perhaps, but every intelligence agency on the planet is willing to pay top dollar for these things. Parties are willing to pay much more if it seems the exploit is likely to go undetected for some time and if it provides a lot of power over the device (laptop, smartphone, or tablet). However, when a vulnerability is discovered "in the wild" and reported to the software company (as should be the case), the value drops to near zero very quickly as the software company develops a "patch" and sends out security updates to consumers. In any event, the result of these activities over just the past decade is that sophisticated intelligence agencies, and certainly the FBI and NSA, now possess a revolving set of skeleton keys that allow them to reach inside virtually anyone's device on the planet. They don't need a warrant to do this, and they don't need permission from the telecoms or software companies. They don't have to notify any third parties that this is happening. This is a HUGE amount of power for any state actor to have.

Federal law enforcement agencies like the FBI have been clamoring for mandatory backdoors into all these new web-based technologies, but there are fundamental technical issues with integrating a CALEA-type system with the internet (CALEA = Communications Assistance for Law Enforcement Act of 1994). Security experts are suggesting that the feds (including domestic agencies like the FBI) develop teams of hackers to perform wiretaps in the future. They are essentially recommending that the FBI develop their own Tailored Access Operations (an NSA hacking division). Installing a CALEA-type system will fundamentally weaken the security of the internet for everyone, they claim, and it's also not very practical because new technologies develop so rapidly. It will hinder innovation. (From later note: we now know the FBI has already developed their own hacking team with the Remote Operations Unit. Chris Soghoian, principal technologist with the ACLU, discovered the Remote Operations Unit through former contractors' CVs on LinkedIn and put the pieces together.)

See this paper for background:

https://www.cs.columbia.edu/~smb/papers/GoingBright.pdf

"Going Bright: Wiretapping without Weakening Communications Infrastructure" | Steven M. Bellovin, Matt Blaze, Sandy Clark, Susan Landau | IEEE Security & Privacy 11:1, Jan/Feb 2013

My comments on the authors' analysis in this paper: OK, fine, mandatory backdoors are unacceptable. But if the feds' teams of hackers develop the power to enact wiretaps and bugs without having to ask for third-party permission, that will facilitate intelligence laundering on a wide scale. Sure, the information/evidence can't be presented in court. But they are more than happy to find other ways to use the information. Numerous examples of this have cropped up in the past year in the press (e.g. Special Operations Division -- a joint operation between DEA, FBI, and NSA -- slides were released a few months after Snowden to the press in a leak, but they were not part of the Snowden dump. Agents are specifically instructed to "recreate" the trail of an investigation to hide the original sources. They are effectively removing any poisonous taint from illegal surveillance by fabricating an independent source and never revealing the original surveillance. I believe they are generally handling narcotics cases, and the ACLU and EFF filed an Amicus brief late last year in a case in SF court as a result of the slides, because they suspected illegal surveillance might be taking place and intelligence was being laundered -- see United States of America v. Diaz-Rivera -- a very recent case, not sure what the outcome was at the suppression hearing. Google: Special Operations Division) ….

The "recreated trails" are also known as "parallel construction." Also here a good solution for analog switch on the mics for cell phones & also antenna & GPS seems a very constructive idea. Good deal. SEE DEA and NSA Team Up to Share Intelligence, Leading to Secret Use of Surveillance in Ordinary Investigations | Electronic Frontier Foundation August 2013.

/////

Besides the NYC Homeland Security grant madness, there is naturally a Rainbow Family in Montana Homeland Security money story now too: Police Seek DHS Grant to Deal With "Extremist" Hippy Group Which Stresses 'Non-violence, Peace and Love' - via Paul Joseph Watson.

////////

Four Rogue Lords & UK Snoopers Charter: Shameless: rogue Lords sneak Snooper's Charter back in AGAIN - Boing Boing

Backstories & Backbones; Security of US Emergency Alert System (EAS) is crap & spoof zombie apocalypses not very difficult apparently; #OpNSA NSA PRISM tunnel servers may be getting noticed; Joe Nacchio & NSA revisited

Oh For Facks Sake. All this big government/police state techno-crap is so often easily hacked in some way, which means the Awesome Emergency Powers of Teh Govmints are easily subverted by the Baba Booey fans of the world, or zombie apocalypses as the case may be. Indeed quite possibly all this NSA crap is starting to get hacked (and not just by activists but cynical commercial weasels) and since it's all backdoored to everything and everyone's mom, everyone gets screwed. Well played. Truth tellers keep publishing before it's too late :/

Much of this is old news but why not batch some of it in one place?

On the newer lulz front at least some people are claiming to poke around including determining which servers run in-between points for PRISM mass surveillance for the NSA. And I don't know anything about these IOActive guys who posted on the EAS hack but they seem worth keeping an eye on….

Before the EAS info, here is a good place to look at alternative, well polished and much open source apps : https://prism-break.org/ - bookmark this and use it when setting up any new computer :)

Emergency Alert System Fail: Also covered in ars technica. See this video's crazy audio message for hacked Montana Emergency Alert System clip from this February: http://gawker.com/5983516/montana-tv-stations-emergency-alert-system-hac...

So more or less a main contractor mailed out the damn master login keys to their products controlling the national Emergency Alert System, exactly the opposite of what you're supposed to do.

Clearly in the event of some adverse network screwing with things, it will probably be a mess. Let's say a Jimmy Carter tries to cut off SAIC and Blackwater, triggering an epic new Iran Contra type Ollie North conspiracy scene -- all these dumb horrible systems like the EAS DASDEC will behave horribly.

/////

http://www.ioactive.com/news-events/ioactive_uncovers_vulnerabilities_in...

Press Release

IOActive Uncovers Vulnerabilities in United States Emergency Alerting System

Digital Alerting Systems DASDEC application servers found to be vulnerable to remote attack

Seattle, WA, July 8, 2013 - IOActive, Inc., a leading provider of application security, compliance and smart grid security services, today announced that it has discovered vulnerabilities in the Emergency Alerting System (EAS) which is widely used by TV and radio stations across the United States.

IOActive's principal research scientist, Mike Davis, uncovered the vulnerabilities in the digital alerting systems - DASDEC - application servers. The DASDEC receives and authenticates EAS messages. Once a station receives and authenticates the message, the DASDEC interrupts the broadcast and overlays the message onto the broadcast with the alert tone containing some information about the event. The affected devices are the DASDEC-I and DASDEC-II appliances.

“Earlier this year we were shown an example of an intrusion on the EAS when the Montana Television Network's regular programming was interrupted by news of a zombie apocalypse. Although there was no zombie apocalypse, it did highlight just how vulnerable the system is,” said Mike Davis, principal research scientist for IOActive. “These DASDEC application servers are currently shipped with their root privileged SSH key as part of the firmware update package. This key allows an attacker to remotely log in over the Internet and manipulate any system function. For example, they could disrupt a station's ability to transmit and could disseminate false emergency information. For any of these issues to be resolved, we believe that re-engineering needs to be done on the digital alerting system side and firmware updates to be pushed to all appliances.”

The EAS is designed to enable the President of the United States to speak to US citizens within 10 minutes of a disaster occurring. In the past these alerts were passed from station to station using the Associated Press (AP) or United Press International (UPI) “wire services” which connected to television and radio stations around the US. Whenever the station received an authenticated Emergency Action Notification (EAN), the station would disrupt its current broadcast to deliver the message to the public. On Wednesday 26 June, the Cyber Emergency Response Team (CERT) published an advisory providing details of the vulnerability.

IOActive has also issued its own IOActive Labs Advisory outlining the affected products, the impact and the solution.

About IOActive
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specialisations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, aerospace, healthcare, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, BlueHat, CanSec, and WhatTheHack. For more information, visit www.ioactive.com.

////////////

http://ics-cert.us-cert.gov/advisories/ICSA-13-184-02

Advisory (ICSA-13-184-02)

Monroe Electronics DASDEC Compromised Root SSH Key

Original release date: July 03, 2013

OVERVIEW

This advisory provides mitigation details for a vulnerability that impacts the Monroe Electronics DASDEC.

Mike Davis, a researcher with IOActive, reported a compromised root SSH key vulnerability to CERT Coordination Center (CERT/CC). This vulnerability is in Monroe Electronics DASDEC‑I and DASDEC-II appliances. ICS-CERT coordinated with CERT/CC and Monroe Electronics to resolve the vulnerability. Monroe Electronics has produced an update that mitigates this vulnerability.

This vulnerability could be exploited remotely.

AFFECTED PRODUCTS

The following Monroe Electronics products are affected:

  • DASDEC-I
  • DASDEC-II

IMPACT

An attacker who exploits this vulnerability could gain root access to the device and affect the availability, integrity, and confidentiality of the system.

Impact to individual organizations depends on many factors that are unique to each organization. ICS‑CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.

BACKGROUND

Monroe Electronics is a US-based company that maintains offices and research facilities in Lyndonville, New York. Monroe Electronics develops and distributes worldwide electrostatic measuring instruments including electrostatic voltmeters, electrostatic field meters, coulomb meters, and resistivity meters.

The affected products, DASDEC-I and DASDEC-II are emergency alert system (EAS) encoder/decoder (endec) devices that are used to broadcast EAS messages over digital and analog channels. According to Monroe Electronics, DASDEC-I and DASDEC-II are deployed across broadcast radio and television in the communication sector. Monroe Electronics estimates that these products are used primarily in the United States.

VULNERABILITY CHARACTERIZATION

VULNERABILITY OVERVIEW

COMPROMISED ROOT SSH KEY [a: http://cwe.mitre.org/data/definitions/321.html, Web site last accessed July 03, 2013.]

DASDEC-I and DASDEC-II had publicly available firmware images for these devices that included a private SSH key that authorizes remote logins to the devices. For software versions prior to 2.0-2, where the default SSH keys have not already been changed, an attacker can then log into a device with root privileges.

CVE-2013-0137 [b: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0137, Web site last accessed July 03, 2013.] has been assigned to this vulnerability. A CVSS v2 base score of 10.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:C/I:C/A:C). [c: http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:C/I:C/A:C, Web site last accessed July 03, 2013.]

VULNERABILITY DETAILS

EXPLOITABILITY

This vulnerability could be exploited remotely.

EXISTENCE OF EXPLOIT

No known public exploits specifically target this vulnerability.

DIFFICULTY

An attacker with a moderate skill level could exploit this vulnerability.

MITIGATION

Monroe Electronics has produced a software update, Version 2.0-2 that resolves this vulnerability. DASDEC users can obtain the DASDEC v2.0-2 software update and release notes by contacting support@digitalalertsystems.com.

ICS‑CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.

  • Minimize network exposure for all control system devices. Critical devices should not directly face the Internet.
  • Locate control system networks and remote devices behind firewalls, and isolate them from the business network.
  • When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPN is only as secure as the connected devices.

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT Web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. [d: http://ics-cert.us-cert.gov/content/recommended-practices, Web site last accessed July 03, 2013.] ICS‑CERT reminds organizations to perform proper impact analysis and risk assessment prior to taking defensive measures.

Additional mitigation guidance and recommended practices are publicly available in the ICS‑CERT Technical Information Paper, ICS-TIP-12-146-01B—Targeted Cyber Intrusion Detection and Mitigation Strategies, [e: http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B, Web site last accessed July 03, 2013.] that is available for download from the ICS-CERT Web page (http://ics-cert.us-cert.gov/).

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS‑CERT for tracking and correlation against other incidents.

///////////

http://www.kb.cert.org/vuls/id/662676

Vulnerability Note VU#662676

Digital Alert Systems DASDEC and Monroe Electronics R189 One-Net firmware exposes private root SSH key

Original Release date: 26 Jun 2013 | Last revised: 02 Jul 2013

Overview

Digital Alert Systems DASDEC and Monroe Electronics One-Net E189 Emergency Alert System (EAS) devices exposed a shared private root SSH key in publicly available firmware images. An attacker with SSH access to a device could use the key to log in with root privileges.

Description

The Digital Alert Systems DASDEC-I and DASDEC-II and Monroe Electronics R189 One-Net/R189SE One-NetSE are Linux-based EAS encoder/decoder (ENDEC) devices that are used to broadcast EAS messages over digital and analog channels. IOActive has reported several security issues affecting these devices. The most severe of these issues is the public disclosure of the default private root SSH key. The less severe issues could also contribute to an attacker's ability to compromise a vulnerable device.

Compromised root SSH key (CVE-2013-0137)
Publicly available firmware images for these devices included a private root SSH key that was authorized to log in to the devices (CWE-798, CWE-321). The fingerprint for the compromised SSH key is 0c:89:49:f7:62:d2:98:f0:27:75:ad:e9:72:2c:68:c3. Although this key is not hard-coded, it may be impractical for less technical users to manually disable or change the key prior to firmware version 2.0-2.

Predictable session ID
IOActive reports that the administrative web server uses a predictable, monotonically increasing session ID. This finding is based on running the web server in a test environment. Testing on a variety of firmware versions on devices both at the factory and in the field, Monroe Electronics could not reproduce this finding.

Log information disclosure
Logs available via the web server provide a variety of information about the configuration, operation, and status of the device (CWE-532). Some of the log information is public and may be required by regulation.

Predictable password generation
The dasdec_mkuser script generates passwords in a deterministic way (CWE-341), however these passwords are not for administrative access, and the script is not used for general user account configuration.

Default password
Like many similar devices, the DASDEC and One-Net ENDECs use default administrative credentials. Some sites fail to change the default administrative password and allow unrestricted internet access.

Impact

An attacker with the private key and SSH access can log in to a device with root privileges.

Predictable session IDs could allow an attacker to take control of an existing administrative web session.

Predictable and unchanged default passwords can allow an attacker to log in to a device with root privileges. Devices exposed to the internet are at particularly high risk, for example, see Secure EAS Codecs Prevent Zombie Attacks and US-CERT Alert TA13-175A.

Logs may disclose configuration information that can benefit an attacker.

Solution

Apply an update

On April 24, 2013, Monroe Electronics and Digital Alert Systems released firmware version 2.0-2 that disables the compromised SSH key, provides a simplified user option to install new unique keys, and enforces a new password policy. Monroe Electronics has taken considerable effort to provide update information to DASDEC and One-NetSE users.

DASDEC users can obtain updated firmware and release notes by contacting <support@digitalalertsystems.com>. R189 One-Net users can contact <eas@monroe-electronics.com>.

Disable compromised SSH key

The compromised root SSH key should be disabled immediately, especially if the SSH service is exposed to untrusted networks such as the internet. If SSH connectivity is required, generate, install, and test new SSH keys before disabling the compromised key. The fingerprint for the compromised SSH key is 0c:89:49:f7:62:d2:98:f0:27:75:ad:e9:72:2c:68:c3.

Manually inspect SSH keys

To identify a compromised key, examine the authorized_keys file at /root/.ssh/authorized_keys2.dasdec and use the ssh-keygen command to show SSH key fingerprints. The following example shows the fingerprint for the compromised key:

$ ssh-keygen -l -f authorized_keys2.dasdec
1024 0c:89:49:f7:62:d2:98:f0:27:75:ad:e9:72:2c:68:c3 wood@endec1 (DSA)

Note that ssh-keygen only shows the fingerprint for the first key/line in the file. If authorized_keys2.dasdec contains multiple keys (multiple lines, one key per line), it will be necessary to extract each key (line) to a separate file and run the ssh-keygen command on each key/file. These shell scripts can be used to list and test multiple SSH keys in an authorized_keys file:

To generate new SSH keys, use ssh-keygen.

Restrict access

If for some reason you are not able to remove and replace the compromised SSH key, restrict access to the SSH service to highly trusted hosts and networks only. As a general good security practice, restrict access to all services to trusted hosts and networks.

Change default passwords

Change any default passwords, and do not deploy production systems without changing default passwords. Search engines like Shodan can index systems exposed to the internet and default passwords are usually documented and well-known. It is often trivial for an attacker to identify and access systems on the internet using default passwords.
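
The per-key inspection described under "Manually inspect SSH keys" above, as an added Python example (not code from the CERT note, the vendor or IOActive): it computes the legacy MD5 fingerprint of every line of an authorized_keys file, skipping leading options and comment lines, and flags any match with the published fingerprint. The sample file and its key blobs are constructed filler, and the function names are this example's own.

```python
"""Audit every line of an authorized_keys file against a fingerprint deny-list."""
import base64
import binascii
import hashlib
import struct
import sys

# Fingerprint of the compromised root key, as published in VU#662676.
COMPROMISED_FINGERPRINTS = {"0c:89:49:f7:62:d2:98:f0:27:75:ad:e9:72:2c:68:c3"}

# Public-key algorithm names start with one of these prefixes.
KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string: uint32 length, then data."""
    return struct.pack(">I", len(data)) + data


def embedded_type(blob: bytes):
    """Return the algorithm name stored at the start of a key blob, or None."""
    if len(blob) < 4:
        return None
    (length,) = struct.unpack(">I", blob[:4])
    if length == 0 or 4 + length > len(blob):
        return None
    return blob[4:4 + length].decode("ascii", "replace")


def md5_fingerprint(blob: bytes) -> str:
    """Legacy fingerprint: MD5 of the decoded key blob as colon-separated hex."""
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def parse_key_line(line: str):
    """Return (key_type, blob, comment) for one key line, or None.

    Leading options such as command="..." are skipped: the key is the first
    token that names an algorithm and is followed by a base64 blob whose
    embedded algorithm name agrees with it.
    """
    tokens = line.split()
    for i, token in enumerate(tokens[:-1]):
        if not token.startswith(KEY_TYPE_PREFIXES):
            continue
        try:
            blob = base64.b64decode(tokens[i + 1], validate=True)
        except (binascii.Error, ValueError):
            continue
        if embedded_type(blob) == token:
            return token, blob, " ".join(tokens[i + 2:])
    return None


def audit(text: str, bad=None):
    """Return one result dict per non-blank, non-comment line of the file."""
    bad = COMPROMISED_FINGERPRINTS if bad is None else bad
    results = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parsed = parse_key_line(line)
        if parsed is None:
            # Report it rather than skip it: a line the audit cannot read
            # is a line nobody has checked.
            results.append({"line": lineno, "status": "UNPARSEABLE"})
            continue
        key_type, blob, comment = parsed
        fingerprint = md5_fingerprint(blob)
        results.append({
            "line": lineno, "type": key_type, "fingerprint": fingerprint,
            "comment": comment,
            "status": "COMPROMISED" if fingerprint in bad else "ok",
        })
    return results


def constructed_key(key_type: str, filler: bytes) -> str:
    """Build a well-formed but meaningless key blob (filler bytes, not a key)."""
    return base64.b64encode(ssh_string(key_type.encode()) + ssh_string(filler)).decode()


# Constructed sample file, not taken from any device.
SAMPLE = "\n".join([
    "# constructed sample, not taken from any device",
    "ssh-dss " + constructed_key("ssh-dss", b"A" * 64) + " vendor@example",
    "",
    'command="/bin/true",no-pty ssh-ed25519 '
    + constructed_key("ssh-ed25519", bytes(range(32))) + " ops@example",
    "ssh-rsa not-base64!! broken@example",
])

if __name__ == "__main__":
    # Usage: python3 audit_keys.py /root/.ssh/authorized_keys2.dasdec
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    hits = 0
    for r in audit(text):
        print(r["line"], r["status"], r.get("type", "-"),
              r.get("fingerprint", "-"), r.get("comment", ""))
        hits += r["status"] == "COMPROMISED"
    sys.exit(1 if hits else 0)
```

OpenSSH 6.8 and later print SHA256 fingerprints by default, so the `ssh-keygen -l -f` form shown in the note needs `-E md5` there to produce the colon-separated value to compare against.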

/////

#OpNSA: Some info has been coming out about possible probing into the NSA PRISM system. Here are copies of some pastebins about all this. Start here: https://twitter.com/Op_NSA . It is indeed branded Anonymous and they said that two anons got searched over the weekend. What's cooking? Will the now-more-infamous NSA Q Group catch these cats?

#OpNSA claiming to have doxed some NSA officials and posting their phone numbers on interwebs. Something big may be taking off here -- if it turns out to be a honeypot there still better be lulz!

statement here:

Twitter: http://www.twitter.com/op_nsa

IRC: https://webchat.anonops.com/?channels…

Transcript below:

Greetings Citizens of the World, we are Anonymous. It is understood that the recent exposé of the national security agency has angered you. Anger caused by the realization that your own elected representatives promised to vote for your best interests but changed their minds when the price was right, in favor of increased surveillance on your normal everyday life. You hate them for voting your freedom and privacy away, and you have every right to. There are those that say you have nothing to fear if you have nothing to hide, but these are the same people who won’t tell you any of their own personal information upon your request. Complacent cowards like these have made it easier for this enormous surveillance operation to come to fruition. Eventually enough legislation will pass in favor of the evolving police state that will make every citizen a potential terrorist by default, and the NSA is at the core of it all. But you wonder to yourself, what can be done about all of this injustice and corruption? The answer is simple. Raise your voice so loud that no one can ignore it. Create such an overwhelming public outcry that the government and the media will be forced to acknowledge the issue. We need to show those directly responsible for all of this that there will be consequences for betraying us, and it will be the last time they do. In accordance with this we will be initiating stage two of operation national security agency and releasing the personal information of one politician each week that slandered Edward Snowden as a criminal and was involved with supporting the NSA and PRISM. We will make visible to everyone the depth of their violations against our freedom, privacy and well-being. We will expose the precise amount of money it took for them to turn their backs on us and we will show them how it feels to have their privacy abused and their personal information mined, collected and analyzed. But we won’t stop there. 
Since this affects not just Americans but everyone around the world, it is only right that we give this information as much exposure as possible. Spam the emails of your local representatives voicing your opposition to these surveillance measures along with President Obama. Spread flyers regarding the NSA’s data mining and organize protests to inform the public. We will all need to work together in spreading this information as far and wide as we can so that the world is fully aware of what has been orchestrated at their expense. We are all in this together and have an obligation to awaken the masses to see how their rights are being stripped away one by one leaving themselves, their friends, their family and their children vulnerable to government manipulation and control. This will spark an awakening that cannot be stopped.

We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us.

This one is interesting, I don't know why anyone would trust any VPN in particular tho :/

/////

http://pastebin.com/BzN9aUkq By: luminary on Jun 29th, 2013 | OpNSA VPN services.

Want to defeat PRISM?

Do you like the idea of free internet usage?

Well here is a list of Virtual Private Network providers recommended by Anonymous.

These services claim explicitly in their Terms of Service that they don't keep connection logs on their customers, though it's always best to do some SERIOUS digging into a company's history before you commit your freedom.

If you don't plan on doing anything illegal and you're merely trying to avoid snoopers or circumvent censorship, free VPNs will likely suffice, but if you're going for a more shady flavor of activism, don't leave home without these.

All of these accept Bitcoin, so that's a very helpful attribute. Bitcoin is a highly secure payment method used if you don't want people to know who you are when you buy things over the internet.

BTGuard VPN

Private Internet Access VPN

Air VPN

PRQ VPN

Mullvad VPN

///////

http://pastebin.com/TpGTHDSy By: luminary on Jul 7th, 2013 | syntax: None | size: 2.45 KB | hits: 2,365 | expires: Never

PRETENTIOUS MINIATURE PRESS RELEASE:

Greetings, National "Security" Agency -- and our followers whom we love so much:

This may look like a small release, but it's actually huge. See, we hacked the NSA yet again because we just love doing that. These are DNS tunnels that are sending encrypted data to and from the PRISM databases. We have the IP's of those servers. If you crash these servers with DDoS, you literally render PRISM "broken". We are also planning to release some of that data (which we have access to) if we can decrypt it. So anyway. Hit these -- you hit PRISM. And die in the Matrix, you die in real life, etc etc.

SLIGHTLY TECHNICAL INFORMATION THAT MEANS NOTHING TO A LOT OF PEOPLE:

Acquired by:

Restless

R00tsh3ll - @r00tsh3ll1 (twitter)

Intro Written and Info PASTED by:

Luminary - @aluminary (twitter)

PS:

There's TONS more information to release. We're going through some folders to see what we can and can't release before July 11th, 2013 (DDoS day). There's more to come. For those that have been asking for "proof of a hack", we're releasing some more as we go, but remember: this is the NSA. We have to be very careful about what goes public before we're done actually UTILIZING that information. For those that are understanding of this, you are the people that will receive the best information first! ^___^

//////

http://pastebin.com/X3siNZRC By: luminary on Jul 8th, 2013 | syntax: None | size: 3.64 KB | hits: 120 | expires: Never

Tor Tutorial

By: @aluminary

Greetings, faithful supporters of Anonymous and haters of PRISM. We are Anonymous, and for a moment, we're going to take time off from destroying things we don't like and teach you how to secure yourself and hide your identity while online. Naturally, this will be a benefit to you in the long run. Most people have no doubt heard of “TOR”, or “The Onion Router”. In basic terms, Tor is a routing network that sends all of your internet traffic through many different nodes all scattered about around the world. So imagine you've got a message you want to pass to a friend who's standing 100 meters from you. Whereas your standard internet traffic would be like walking over to your friend and handing him that note, Tor puts many different people between you two. So rather, in this situation, you'd hand the note to one of those people, they'd pass it to a random person, who'd pass that on, again and again until it gets to your friend. This allows the actual source of the traffic to be hidden after it comes through the exit node. Fortunately, Tor is very easy to acquire.

It can be downloaded from here: https://www.torproject.org/

For Windows users, that download comes with the Tor browser bundle, which, when used, routes all of your traffic through a series of nodes as mentioned previously. Likely Linux users will know how to properly configure a client or program to use Tor, so we won't waste their time.

Once downloaded, that package will come with Vidalia Control Panel, an .exe file which acts as a sort of mothership. Once opened, a socks5 proxy server will begin running on local host. Your computer is the only computer on the network that will be able to use it unless others are also running Tor. The Tor browser will begin running on its own, so all you'll really need to do once in that browser is simply start searching away like a pro. If you want to verify your privacy because of paranoia, you can visit cmyip.com while using the Tor browser and be assured that your real IP is in fact hidden.

Tor itself is generally considered trustworthy. The thing is, even if nodes are run by undesirable parties, not only would said parties have to own that node, but they'd have to own the entire random path to... well... backtrace you. A downside of this entire thing, though, is that Tor is a high latency network. Because your traffic is being routed all around, it's also a bit slower. You will certainly notice slower internet speeds in applications using Tor (regular browsers not on the proxy won't be any slower). Then again, such a trivial matter is certainly worth the amount of protection Tor will offer you. Tor is a widely used and completely free project available at the aforementioned link.

Remember though, nobody is completely invincible. And human error can play into your traffic, or worse, your identity, being revealed. If, however, you take precautions to make sure Tor is operating and so forth, you will be fine. One more downside of Tor – that is one of the reasons a lot of us use VPN services – is that it's blocked in a lot of places. Because it's so easy and so anonymous, many websites, services, IRCs and networks will block Tor Exit Nodes to eliminate or crack down on abuse. In these cases, you'll probably need special permission to use the Tor server, as is the case with the AnonOps IRC network, which is one widely used meeting place for Anons.

Stay Anonymous. Stay safe.

Keep it up and defeat PRISM. Together, we are strong.

Together, we are Legion.

Twitter: https://twitter.com/op_nsa

IRC: webchat.anonops.com

channel: #opnsa.

^^You cannot use Tor with webchat. J/s

/////////////

Something ought to be said here ^ about the importance of other tracking links in browsers, time attacks, recent tor vulnerabilities that have come up etc. More caution and other layers are pretty surely necessary. Stuff like Ghostery to block various web tracker bugs for example.

A recent tor security example, you would need to keep javascript shut off to be safer from this, as but one example http://tedjonesweb.blogspot.com/2013/06/torbroker-security-vulnerability...

Another recent discussion http://seclists.org/fulldisclosure/2013/Jul/31

"I run 5 tor nodes. I can tell that 5 nodes on the network are save for me. Trust tor. I will not run dsniff or tcpdump. Its save. I will never abuse the logins you gave me for free. Afk now, that one guy is surfing on xhamster, nice video choice" -- "Alex"

Lol well put I suppose. Concise anyway.

Good tor network data source http://torstatus.blutmagie.de/

Router name agentAdrianLamo is doing well lol http://torstatus.blutmagie.de/router_detail.php?FP=ba7385668e2386246f2fb...

Tor vuln paper http://www.syverson.org/tor-vulnerabilities-iccs.pdf

http://www.blackhatlibrary.net/Tor

also for listserv activity https://lists.torproject.org/pipermail/tor-censorship-events/

Tor activity very much logged by NSA as shown recently http://nakedsecurity.sophos.com/2013/06/24/using-tor-and-other-means-to-...

Anyway it's just a normal hesitation in pointing out that Tor or given VPNs are not magically perfect for sure. There are merits to both technologies but magic boxes they are not! Of course one should assume the FBI is listening closely to IPs like webchat.anonops.com etc. 141.101.120.67 & 141.101.120.66

//////

For more on the Op_NSA situation check out

https://twitter.com/Op_NSA

https://twitter.com/aluminary

https://twitter.com/dickfacerax

///////

Email encryption in general:

For basics of encrypting email see Riseup.net: https://help.riseup.net/en/encrypting-email-with-thunderbird

Cryptome.org has had interesting stuff about PGP keys lately as well! http://cryptome.org/2013/07/mining-pgp-keyservers.htm & many posts on PGP keys registered to assorted federal departments! 2013-0744.htm 2013-0746.htm 2013-0741.htm etc

///////

More backstories and Backbones:

Here is a possible explanation of the Company A / B / C listings in the NSA Inspector General report. MCI, AT&T & Sprint:

Date: Wed, 03 Jul 2013 16:05:20 -0400
From: "James M. Atkinson" <jmatk[at]tscm.com>
Organization: Granite Island Group
To: TSCM-L Mailingin List <tscm-l2006[at]googlegroups.com>
Subject: Presidents Surveillance Program of 14 September 2001

On September 14, 2001 the NSA initiated a program on eavesdropping of all of the telephone and internet traffic of all U.S. Citizens, and concealed this quite unlawful program under many layers of secrecy, not because it was in the interests of national security, but rather to hide the violation of the Fourth Amendment.

These are the "initial three backbones" that the NSA tapped into (with the consent of the companies, each of whom gave the NSA full, unrestricted access):

The attached PDF file is a list of all of the funds spent by the program... do the math, and closely observe the date ranges (they perfectly match up, to the day with all of the dates in the Snowden document leaks).

MCI COMMUNICATIONS SERVICES INCORPORATED/MCI TELECOMMUNICATIONS CORPORATION
AMERICAN TELEPHONE & TELG COMPANY/AT&T
SPRINT COMMUNICATIONS COMPANY

In the IG report these aforementioned companies are listed as Company A, B, and C.

There are four additional companies (and others) to include Verizon, Nextel, Microsoft, Yahoo, Google, and so on.

See also procurement code: DAAB0701DH802 for Booz Allen Hamilton (Snowden's employer)

The project and procurement code as: DXXXXX01XXXXX

The program office as listed at:

2011 CRYSTAL DRIVE STE 911 (One Crystal Park Bldg "Crystal City 2" see also: http://cryptome.org/rummy-op2.htm)
ARLINGTON , VA , 22202-3732
USA

19.1 Billion Dollar Series of Contract initiated on the same day that the president authorized the Presidents Surveillance System for the NSA, and ending on the day it was shut down.

Using a DUNS# of 790238638

The persons name under whom this was all listed is:

GRAFTON THOMAS BIGLOW
1312 Rhode Island Ave NW
Washington, DC 20005
(202) 483-8707

At the same address is:
Hope L Biglow

Grafton Bigelow is also listed at various addresses in:
414 Second
Cape May, NJ and West Cape May, NJ
(609) 884-4346

Plus several addresses in:
Hyattsville, MD
West Palm Beach, FL

But, the name Grafton Biglow also turns up:

FEDERAL PROCUREMENT DATA CENTER
7th & D Street SW, Room 5652
Washington, DC 20407
Director: Mr. Graffton Biglow
Fax: (202) 401-1546
Internet e-mail: grafton.biglow[at]gsa.gov

Curious coincidence.

Hopefully he had his own phone checked for bugs.

Maybe they can use the "Nuremberg defense" or claim "Befehl ist Befehl"

Very, very carefully look at the attached document, and take very deep and very slow breaths as you read it.

The bottom line is the Rainmaker system captured and indexed 1.17 racks per day of communications, bridging all major service providers, all fiber optic choke points, and eavesdropping mostly on U.S. Citizens (unlawfully) in what is called a "General Warrant" which is explicitly prohibited under U.S. Law.

The President of the United States is just a fucking moron, an utter and complete moron.

--- FUCK THE PIGS ---

-jma

--
James M. Atkinson. President and Sr. Engineer
"Leonardo da Vinci of Bug Sweeps and Spy Hunting"
http://www.linkedin.com/profile/view?id=15178662

Granite Island Group          http://www.tscm.com/
(978) 546-3803                jmatk[at]tscm.com
(978) 381-9111


Presidents-Spy-Program-Sept14-2001.pdf (342pp, 679KB)

/////////

The NSA Nacchio Qwest case!

So there have been interesting developments. This bit about the contract hookups reminds me of Qwest's former CEO Joseph Nacchio.

Here is what Nacchio filed while fighting charges -- unlike virtually every white collar weasel ever, he ultimately got convicted of insider trading, no doubt with only the finest SIGINT available. Redacted PDF :: http://www.wired.com/images_blogs/threatlevel/files/512.pdf

http://www.denverpost.com/breakingnews/ci_22918125/former-qwest-ceo-joe-nacchio-moved-halfway-house - April 2013 he is getting out of jail soon with enormous fines as well. Many posts at Denver Post.

Nacchio, who turns 64 in June, was convicted in 2007 on 19 counts of illegal insider trading connected to his sale of $52 million in Qwest stock. A federal jury in Denver found that he sold the shares based on nonpublic information about the company's deteriorating financial condition.

Lucrative secret contracts indeedly doodley.

http://usatoday30.usatoday.com/news/washington/2006-05-10-nsa_x.htm 5-11-2006

The NSA, which needed Qwest's participation to completely cover the country, pushed back hard. ...

... the agency suggested that Qwest's foot-dragging might affect its ability to get future classified work with the government.

//////

Oct 15 2007: WSJ story: http://webcache.googleusercontent.com/search?q=cache:http://online.wsj.com/article/SB119240248793758652.html

Nacchio Alleges Reprisal

Qwest Ex-CEO Says Firm Denied Pacts After Spurning NSA

By DIONNE SEARCEY and EVAN PEREZ

Contentions from former telecommunications executive Joseph Nacchio that the government retaliated against his company because he didn't comply with National Security Agency requests could add to the renewed debate over the NSA's secret surveillance of telephone records.

Once-classified documents that were unveiled in the insider-trading case of Mr. Nacchio, the former chief of Qwest Communications International Inc., suggest the U.S. government didn't offer lucrative contracts to the company after Mr. Nacchio refused to cooperate with what the documents call "improper government requests" in February 2001. The documents, submitted as part of Mr. Nacchio's defense in the insider-trading case, don't elaborate on the government requests. Mr. Nacchio has said in the past he didn't comply when asked by the NSA for access to the private phone records of Qwest customers.

Mr. Nacchio in April was convicted in federal court in Denver of insider trading for selling $52 million of stock in the spring of 2001 as Qwest's outlook was deteriorating. He was sentenced to six years in prison but remains free pending his appeal. His attorneys suggested in pretrial filings that Mr. Nacchio believed the company was about to win secret government contracts that would keep it in the black, despite warnings from his executive team that the company was in financial trouble. The judge at his trial didn't allow much of the classified defense, and Mr. Nacchio's appeal disputes that decision. The latest revelations were in pretrial briefs filed months ago that were unsealed last week.

A spokesman for the Director of National Intelligence office, which oversees the NSA and other intelligence agencies, declined to comment on the allegations in the court filings.

The revelations emerge as the White House is in negotiations with Congress on long-term changes to the 1978 Foreign Intelligence Surveillance Act. Democrats, and some Republicans, in Congress are at odds with the Bush administration's demand that lawmakers preserve the secrecy of the NSA program by granting telecommunications companies immunity from lawsuits for any aid they gave to the government surveillance without a court order.

The administration has balked at giving Congress documents detailing the legal justifications for the NSA program, and says that the secrecy is necessary to protect national security.

Speaking on Fox News channel yesterday, House Majority Leader Steny Hoyer (D., Md.) restated his position that Democrats were willing to pass such immunity, if the administration turned over documents about the NSA program.

Write to Dionne Searcey at dionne.searcey@wsj.com and Evan Perez at evan.perez@wsj.com

///////////

The Daily Caller is trying to get this narrative bounced again: http://dailycaller.com/2013/06/13/jailed-qwest-ceo-claimed-that-nsa-retaliated-because-he-wouldnt-participate-in-spy-program/

CBS news in 2009: http://www.cbsnews.com/2100-250_162-1616326.html

Nacchio's argument was not allowed in open court. Of course that Denver judge also had the NSA all over his phone too I would hazard to guess.

But who cares what the NSA does to judge's phones anyway? (see NSA whistleblower Russ Tice specifying NSA space asset surveillance vs Justice Alito for example)

Don't forget Israel re NSA contractors: read up on James Bamford on Israeli contractors & the NSA: http://www.wired.com/threatlevel/2012/04/shady-companies-nsa/ . A few salient snippets on the pervasive role of the spinoff companies of Israel's NSA equivalent, Unit 8200:

Like Narus, Verint was founded in Israel by Israelis, including Jacob “Kobi” Alexander, a former Israeli intelligence officer. Some 800 employees work for Verint, including 350 who are based in Israel, primarily working in research and development and operations, according to the Jerusalem Post. Among its products is STAR-GATE, which according to the company’s sales literature, lets “service providers … access communications on virtually any type of network, retain communication data for as long as required, and query and deliver content and data …” and was “[d]esigned to manage vast numbers of targets, concurrent sessions, call data records, and communications.”

In a rare and candid admission to Forbes, Retired Brig. Gen. Hanan Gefen, a former commander of the highly secret Unit 8200, Israel’s NSA, noted his former organization’s influence on Comverse, which owns Verint, as well as other Israeli companies that dominate the U.S. eavesdropping and surveillance market. “Take NICE, Comverse and Check Point for example, three of the largest high-tech companies, which were all directly influenced by 8200 technology,” said Gefen. “Check Point was founded by Unit alumni. Comverse’s main product, the Logger, is based on the Unit’s technology.”

According to a former chief of Unit 8200, both the veterans of the group and much of the high-tech intelligence equipment they developed are now employed in high-tech firms around the world. “Cautious estimates indicate that in the past few years,” he told a reporter for the Israeli newspaper Ha’aretz in 2000, “Unit 8200 veterans have set up some 30 to 40 high-tech companies, including 5 to 10 that were floated on Wall Street.” Referred to only as “Brigadier General B,” he added, “This correlation between serving in the intelligence Unit 8200 and starting successful high-tech companies is not coincidental: Many of the technologies in use around the world and developed in Israel were originally military technologies and were developed and improved by Unit veterans.”

Equally troubling is the issue of corruption. Kobi Alexander, the founder and former chairman of Verint, is now a fugitive, wanted by the FBI on nearly three dozen charges of fraud, theft, lying, bribery, money laundering and other crimes. And two of his top associates at Comverse, Chief Financial Officer David Kreinberg and former General Counsel William F. Sorin, were also indicted in the scheme and later pleaded guilty, with both serving time in prison and paying millions of dollars in fines and penalties.

Anyway that's enough stuff for now. Figure better to get a hard reference of it for those interested!

Mysterious Parastoo apparent Iranian hacker group claims UAV flight inside USA; Redhack Turkish hackers on the Move, accused "cyber terrorist organization"

A few linxors on hacker stories both Turkish and Iranian. Pretty mysterious, not sure what to make out of it… Another post via Cryptome.

SOURCE: Parastoo Claims Launch of Second UAV in US

FOR IMMEDIATE RELEASE
FROM : PARASTOO
TO : DOD
RE : http://en.wikipedia.org/wiki/Iran_Air_Flight_655
HANDLE: OP655, PRE-RELEASE

PARASTOO IS SPEAKING. 

YOU NEED TO BE INFORMED THAT WE HAVE SUCCESSFULLY LAUNCHED A SECOND 
UAV FLIGHT ON U.S SOIL. THE RESULTS OF THIS OP WILL BE PUBLISHED 
TIMELY AFTER OUR RELEASE REGARDING THE JFK OP, DURING THE UPCOMING 
SO-CALLED GENEVA-2. OP655 TOOK PLACE OVER A DESERTED AREA IN 
MARYLAND, FAR FROM CIVIL OR MILITARY BASES FOR THE PURPOSE OF THIS 
DEMO.

BOTH UAV USED IN THESE OPS ARE MADE IN U.S POWERED BY iDIRECT SYSTEM, 
WHICH WE MENTIONED IN OUR PREVIOUS MESSAGES. U.S NAVY USS VINCENNESE 
WAS INSIDE IRANIAN TERRITORY WHEN FIRED MISSILE TO A CIVILIAN PLANE 
RESULT IN 299 DEATH AMONG THEM 66 CHILDREN. LATER, THE CAPTAIN 
RECEIVED A MEDAL FOR HIS HEROIC OPERATION. 

TO HONOR THAT EVENT WITH A PROPER MEDAL BASED ON OUR STANDARDS, OP655 
FULL RELEASE WILL HAVE A BONUS: TECHNICAL DETAILS OF RQ-170. 

BESIDES THE GENEVA-2, WE HAVE SET DATES FOR FUTURE RELEASES ACCORDING 
TO A LIST OF DATES IMPORTANT RESISTANT FIGURES HAVE BEEN TARGETED AND 
ASSASSINATED BY THE ONLY REGIME WHO GET TO ENJOY A 6-DECADES DURABLE 
"LICENSE TO KILL" [1] WHILE SUCKING UP FINANCIAL BLOOD OUT OF U.S 
CITIZENS [2], WHO HAVE TO DEAL WITH THEIR OWN HONORABLE MEDAL 
CARRYING OFFICIALS LIKE JAMES CLAPPER WHO JUST EMBARRASSED HIMSELF 
ONCE AGAIN [3].

WHILE YOU ARE ENJOYING WATCHING A BIT OF UAV FUN FLYING OVER MONSTER 
FLEETS [4] WE WOULD LIKE TO REMIND YOU NO MATTER WHERE YOU ARE,EVEN 
INSIDE PROTECTED CUBES IN MARYLAND OR THE MOST NUCLEAR-POWER 
DEPENDENT AREA -- VIRGINIA, YOU ARE NOT ANONYMOUS. EXPECT US.

03 JULY 2013
P.

1: http://www.telegraph.co.uk/news/worldnews/middleeast/israel/7254807/Mossads-licence-to-kill.html

2: http://www.spacedaily.com/reports/Israel_seeks_5B_in_US_loans_to_buy_arms_999.html

3: http://www.techdirt.com/articles/20130701/12494623683/james-clapper-admits-he-lied-to-congress-even-his-excuse-is-misleading.shtml

4: http://f.lui.li/get_680_c87d.html

And via here: f.lui.li/get_680_c87d.html loaded this video, looks like a UAV watching an aircraft carrier apparently.

In late November 2012: Anti-Israel hackers leak nuclear watchdog email addresses • The Register

Troll-Hackers? Is This Nuclear Agency Under Cyber Threat by Familiar Iranian Hacker Group? | SiliconANGLE

The Hacker News - Security in a Serious way: Parastoo - Hackers break into International Atomic Energy Agency servers - The Hacker News

Full release from 25 Nov 2012: Parastoo Hacks IAEA && PARASTOO - 1 - Pastebin.com

Feb 26 2013: Parastoo claims hack of contractor linked to nuclear data | Washington Free Beacon: "Parastoo also stole more than 450,000 credit card records from some of IHS’s largest commercial clients, including Pepsi and BMW."

Feb 28 2013: Iranian Hacker Bullies VP Joe Biden, Credibly Threaten to Commandeer US Drones, Leak IHS Jane’s CBRN Documents | SiliconANGLE - note that some of the released material may have a trojan according to this.

Some absolutely shocking threats and claims have emerged from a fairly new hacking group on the scene. DefCon’s “y3ti” tipped us off to the group that calls themselves Parastoo that first emerged at the end of last year. Their latest chilling release confirms their earlier claims with an incredible stash of sensitive intelligence that was announced on a series of Iranian activist sites and later found on world-wide filesharing sites. The bounty is big, the targets are bigger, and the list of items they have hacked is staggering. Among this data and the statements– nuclear intelligence, military information, satellite images, national infrastructure intelligence, and a thinly veiled threat on the vice-president of the United States Joe Biden.

March 9 2013: Parastoo IAEA Mossad via Cryptome. This may be related?

IN TECHNICAL PART OF OUR LAST MESSAGE WE TALKED
ABOUT HOW PARASTOO GOT INTO C4ISR SYSTEMS BELONG
TO NATO AND USED A VSAT-BASED ATTACKS TO CONTROL
AND "PARASTOOJACK" A DRONE , LONG TIME AGO .
NOW THAT WE SLOWLY ARE WORKING THROUGH THE ROUTE
AND PARASTOOS , CYBER RESISTANCE GROUPS , AND
PEOPLE WHO ARE TIRED OF IMPERIALISTIC SHIT
BEING FED US AS POLITICS FOR A LONG TIME , IN
OUR NEXT MESSAGE WE WILL RELEASE A VIDEO OF HOW
THE ATTACH TO IDIRECT-CONTROLLED C4ISR SYSTEM
HAPPENED AND HOW PARASTOO BROKE INTO A FIPS 140-2
SECURE SATCOM ON THE MOVE . IT DEMONSTRATES , IN
A LIMITED WAY THAT PUBLIC WWW CAN HANDLE , WHAT
DID WE MEAN BY "AN EASY SPORT" IN OUR LAST MESSAGE .
IDIRECT DAYS ARE OVER FOR A LONG TIME , AND NOW
WE ARE CLOSING ITS FILE FOR GOOD , GIVE A BIT DATA
ABOUT THE JFK TEST AND TRY TO SPEAK "SERIOUSLY" TO
VICE PRESIDENT OF ANOTHER COUNTRY . DO NOT SUPPORT
ZIONIST-LED PLOTS. IT IS "SERIOUS" .

/////

On the Turkish front, #occupygezi and protesters have been supported by Redhack, an apparently older Turkish communist-sympathetic hacker group with sturdy skilz at defeating Turkish government websites.

RedHack_EN (RedHack_EN) on Twitter - English language outlet. Turkish: RedHack ★ (TheRedHack) on Twitter

#RedLeaks RedHack Belgeleri.. Kizil Hackerlar - 1997-2013

RedHack - Wikipedia, the free encyclopedia

Documentary about Redhack: RED! Movie Turkish (İngilizce Subtitled) - YouTube - trailer here. lots of RedHack related video clips here.

Red!, the world's agenda hacktivizm issues of weight and center of each year is increasing cyber-activism. It carries out actions in particular RedHack'in Anonymous'un and Turkey. At the same time contributing to the documentary ICT, academics, lawyers and politicians hacktivizmin through politics, explores the relationship between ethics and law. BSM-Independent Film Center, Red! founded an independent film exhibition and distribution network. Film screenings held across Turkey. documentary Who, Dr. Free Uçkan / Author-scholar Gökhan Ahi-IT Law Expert Professor. Dr. Aslı Tunç-Head of the Department at Istanbul Bilgi University Media Alper Stone-ODP Co-Chairman Dr. Rabun Kosar - Bogazici university for Data Processing Center Manager Özgür Murat-Lawyer -Attorney Bilgütay Durna Ilhan Cıhaner-MP - Former Republican Attorney General Ayhan Erdoğan-Attorney Asst. Assoc. Dr. Erkan Saka-Istanbul Bilgi University, Department of Communication

RED! « Independent Cinema Center: The movie RED! produced by BSM – Independent Cinema Center, focuses on two subjects that gain globally more and more attraction every year: cyber activism and hacktivism. In the movie, these subjects are principally treated through Anonymous and RedHack. At the same time, the movie examines the relations between hacktivism and politics, ethic and law.

This documentary does not conceal being biased. It approachs cyber activism and hacktivism from a class struggle perspective. Considering the cyber world as a new battlefield, the movie examines how the cyber struggle can be linked to the class struggle.

REDHACK Voice of the oppressed! - Tumblr

July 4 2013: RedHack Identified as “Cyber Terrorist Organization” - Bianet / English - Bianet

July 5 2013: Turkish Police Name RedHack a Cyber Terrorist Organization

July 4 2013: Redhack members face virtual terrorism charges for pro-Gezi tweets

A report recently prepared by the National Police Department into the recent nationwide Gezi Park protests has stated that members of the Socialist hacker group RedHack (Kızıl Hackerlar) committed virtual terrorism by inciting people to commit criminal acts in the tweets posted on the account “@TheRedHack” during the protests.

The National Police Department launched a large-scale investigation into the online activities of Redhack during the Gezi Park protests and determined the identities of the members of the group from their IP addresses. The Sabah daily reported on Thursday that the National Police Department is seeking legal action against Redhack.

The police department stated in its report that Redhack posted many tweets that invited people to attend the protests and incited people to commit crimes during the Gezi Park protests. The police department also included some tweets posted on the Redhack account in the report. A tweet posted on June 14 states, “People from around the country will be on the streets as of 2.00 p.m.” In another tweet posted on June 15, Redhack stated: “We are protesting for a fair, non-exploitative and classless world, for brotherhood and freedom. If they are so brave, they can stop us.” In another tweet, again posted on June 15, Redhack stated: “They [Justice and Development Party (AK Party) government] provides people with free transportation or food for their rallies, but they give us tear gas, police batons and police attack car. Do you continue to be silent?”

According to the Sabah report, Prosecutor Muammer Akkaş will launch an investigation into Redhack based on the police report. The prosecutor will reportedly investigate members of Redhack on charges of virtual terrorism.

RedHack | Cyber War News - a great many lulz on this category:

Turkish Police Informant Files Leaked By Red Hack - July 16 2012. "only way we will stop publishing these files is if so called gov’t sponsored “lamers” stop attacking journalists."

As you may be all aware, our actions are continuing non-stop since February. From that time our first action was against Ankara Security Headquarters and as a result seven innocent people got arrested and they are still imprisoned. The only evidence against them is a PlayStation Cd’s. The dominant powers then decided to transfer the investigation about us to a prosecutor who once managed the Sivas case to drop due to time-frame elapsed, where 33 intellectuals and artists got killed by mob of bigots. Despite this we didn’t stop and we were investigated by National Intelligence Agency (MIT) and complaint was made to Interpol. For disinformation reasons various news was made about us. We still did not stop. Ministry of Interior was hacked twice, 95% of police forces in Turkey were hacked, and other Ministry sites were hacked time to time. Lately we were declared “terrorists” after Ministry of Foreign Affairs was hacked where we have leaked document. All of a sudden cyber teams established against us have mushroomed up. Those couldn’t stop us with help of imperial powers such as USA, EU, Russia or China created “cyber counter-guerrillas” and created sites to vilify us. Also the government, that sees us as terrorists supported these people to attack other countries. They have tried various games to alienate people against us.

Very recently attacks started against opposition journalists that makes objective news and lawyers specialises on internet. With the helping hand of the government those fake sites published personal details of these freedom defenders and very harsh/degrading threats were made to them. Just today another dirty “cyber government” attack was made against Birgun (OneDay) newspaper. This must be the very “Cyber Army” that was established against us by establishments such as TUBITAK, TIB and BTK. One of their employee quite recently announced that they will use a different approach against us, this must be it. They will brand those fighting for the truth as a terrorist but will unleash their lamers against journalists, lawyers. This must be their so called “different approach”.

As these conditions were set by them and freedom defender’s details are published with the help of government, we have taken a decision. Since they are attacking those people fighting for freedom, we will not let them walk alone. Starting from the beginning, we will publish all the leaked documents we have managed to gather, uncensored.

We will only stop when they cease to treat these lamers with double standard and treat them as equal as us.

Tomorrow we will start to publish an uncensored police informants file of 70mb.

Since we are a “terrorist” and those who publish details of innocent people are heroes, then we will act with the language they understand. We won’t play the inoffensive any longer.

The choice is yours; either put the leash on these corrupted lamers that lacks knowledge of code or face the consequences.

Lastly, we will not let those take sides with us be alone. We have plenty of jokes and they are funny but they are all real.

We don’t ACQUIT We HACK!

We won’t embarrass those trust us and walks with us, we won’t leave them alone halfway through this struggle.

If we get arrested one day, we will defend our actions. Because bourgeois terrorists cannot judge us.

RedHack (Red Hackers Association)

Central Committee

14th July 2012

Hacking for the People!

Also recently June 29th 2013: RedHack Erases Public Debt and Renames Primary School in Instanbul | 40 Oz of Bad Karma

Google Translate- RedHack, Provincial Supervisor hacked

Intelligence documents about bomb plots leaked: This time the 'bomb' mails

Istanbul Special Provincial Administration Hacked by REDHACK - Hackers News Bulletin

Anyway, classic stuff. Bonus points to redhack for a much more well crafted public image than Parastoo!

/// UPDATE 3AM: On another LulzCluster altogether, keep an eye on https://twitter.com/op_nsa for another wave of possible NSA data drops. For apparently new hawt NSA hax0rd0x See http://pastebin.com/bBuS9aH5
http://pastebin.com/raw.php?i=bk3yqHue for supposed new NSA leak pastebins including email addresses at nsa.gov and suspiciously obscure British domains, one can only hope MI6 municipal council weasel-moles are flushed trololol!
Also: Hello to @redhack_en posting this story: https://twitter.com/RedHack_EN/status/353780921373171712 A good day to you from Minnesota, Cheers! ///

Pentagon domestic operations switches from "pull" to "push" on 24-48hr timelines: "Defense Support of Civil Authorites" expands

This is an incredibly short period of time, he said, and it forces a change in the relationship between DOD and other agencies. The old paradigm was to have civil partners “pull assistance” from DOD, while now DOD will actually push assistance where it is needed.

Defense.gov News Article: Official Explains New Homeland Defense/Civil Support Strategy

There is also a video here: http://www.pentagonchannel.mil/Video.aspx?videoid=285596

Mirrored: Domestic Pentagon ops expands Defense Support of Civil Authorities vs domestic extremists - YouTube

//// UPDATE 4.22.13: I forgot! Here is one version of USNORTHCOM CONPLAN 3501. Thanx to YAN, reddit, & Cryptogon for taking note of this post! This video from the Boston metro area shows what domestic militarization of police is all about:

Also please follow PublicIntelligence.net and Cryptome.org for more handy docs. PI in particular has been pretty well on top of this.////

Mission drift into the US continues as the Pentagon contemplates dealing with "domestic extremists" under the rubric of Defense Support of Civil Authorities (DSCA) - one aspect of which is the US Northern Command's "USNORTHCOM CONPLAN 3501".

CONPLAN 3501: this generic emergency plan is relatively easy to obtain (most of the text), but it is the "friendly" hand of the DOD compared to the more mysterious and riot-control-oriented "USNORTHCOM CONPLAN 3502", entitled "Civil Disturbance Operations" (CDO). This surfaced in researching the role of Northcom at the 2008 Republican National Convention, which was a very 3502 CDO style operation with National Guard controlling space on Kellogg Blvd. CONPLAN 3502 is the post-2002 version of GARDEN PLOT, the 1960s-1990s template plan for domestic military deployments, for example in the LA Riots.

This extends the story from late 2010: Secret 'Trigger' & blueprint for emergency domestic military crackdown plan revealed | HongPong.com and reconfirms various aspects.

/////////////

Here is the new front-piece document. Also bonus weird stuff about the ever popular integration of North America.

An interesting Snippet:

Loosely-networked or individually motivated violent extremists will continue to exhort followers and encourage violent extremism in the homeland.

o HVEs will operate alone or organize in small groups and will be largely autonomous in their operations; they will have access to web-based resources to assist them in their operational planning.

o Military members and facilities will remain prominent targets of terrorists, and particularly by HVEs.

• DoD will be called upon to provide significant resources and capabilities during a catastrophic event in the homeland.

o The National Response Framework will remain the primary instrument for applying Federal capabilities during disaster response.

And

Rapid and actionable intelligence on terrorist threats

DoD will maintain and enhance the Joint Intelligence Task Force for Combating Terrorism (JITF-CT) as its key node for sharing intelligence with interagency partners on terrorist threats. DoD will improve and refine intelligence and information-sharing relationships that have developed since 9/11 and as a result of the Fort Hood shootings.

DoD maintains a robust array of foreign intelligence capabilities, and sharing relevant counterterrorism-related information with the Federal Bureau of Investigations (FBI) and other key parties is vital to the prevention of potential terrorist threats to the homeland. JITF-CT will remain the focal point for DoD’s outreach and sharing of intelligence and information with the FBI, the Office of the Director of National Intelligence (ODNI), and the National Counterterrorism Center (NCTC). Additionally, DoD will expand its participation within the various FBI Joint Terrorism Task Forces (JTTFs), as well as other similar entities to maximize “top-down” and “bottom-up” sharing of key pieces of intelligence and information, consistent with applicable law and policy.

And of course, Unity of Effort and the ever popular Council of Governors:

Promote Federal-State Unity of Effort

Unity of effort between the Federal Government and States must be one of DoD’s guiding principles in the homeland, since unifying DoD’s efforts with those of its external partners improves collaboration and shortens response times for meeting life-saving needs during emergencies. Unity of effort also means greater national preparedness at less overall cost, while preserving both Federal and State constitutional requirements and responsibilities. DoD and its Federal partners must continue to strengthen unity of effort with States to define common goals regarding capabilities, structures, and processes for responses to disaster and emergencies in the homeland. The Council of Governors – established by Executive Order in 2010 – will be an essential forum for enhanced, senior-level dialogue among Federal and State civilian and military officials for this purpose.

[.....] DoD will regard dual-status commanders as the usual and customary command and control arrangement in cases where Federal military and State National Guard forces are employed simultaneously in support of civil authorities within the United States.

DoD will continue to refine processes for dual-status commanders and their associated command structures. By leveraging the use of such commanders, DoD will improve Federal-State communication, economy of force, and force employment for planned events and no-notice or imminent incidents. Historic examples of the employment of dual status commanders include national special security events such as the Democratic and Republican national conventions and responses to disasters like Hurricane Sandy and wildfires in the western United States...

Vague talk of militarized domestic databases always good:

Since Federal and State military components have varying requirements for relevant information and level of detail, development of a COP solution need not specify systems, hardware, or software. Instead, it must be based on common data from authoritative military or civilian databases that flow to various systems in a common format.....

The DCE/DCO structure is reconfirmed to be key to domestic military operations:

DoD will use the planning capacity of Defense Coordinating Elements (DCEs) to expand planning cooperation at the regional level so that Departmental capabilities are considered in FEMA-led regional planning efforts. DoD will also build an integrated organizational architecture for its liaison and coordinating officers at various headquarters.

The ten FEMA regional offices are key nodes for integrating Federal plans with State and local plans, and DCEs within these regional offices are essential for operational and tactical unity of effort in an adaptive environment. This regional planning relationship bridges the gap between State-level planning conducted at a National Guard’s Joint Force Headquarters (JFHQ)-State and DoD and DHS national-level planning. The JFHQs in each of the 54 States and Territories provide vital ties to State emergency officials and the National Guard Bureau. This enduring synergy positions the JFHQ as the key State-level organization for integrating the emergency plans of local DoD installations with State plans and FEMA regional plans.

DoD will deepen and facilitate rigorous Federal, regional, and State-level planning, training, and exercises through coordination and liaison arrangements that support civil authorities at all levels. These arrangements include DoD liaison officers at DHS and FEMA, Defense Coordinating Officers (DCOs), and Emergency Preparedness Liaison Officers from each Service.....

FULL DOCUMENT: Pentagon domestic ops Homeland Defense Strategy 2.2013

/////////////

Defense.gov News Article: Official Explains New Homeland Defense/Civil Support Strategy

By Jim Garamone - American Forces Press Service

WASHINGTON, April 1, 2013 – The Defense Department incorporated hard lessons learned when it codified its new homeland defense and civil support strategy, said Todd M. Rosenblum, DOD’s top homeland defense official.

In an interview with American Forces Press Service and the Pentagon Channel, Rosenblum, the acting assistant secretary of defense for homeland defense and Americas’ security affairs, said the new strategy is a recognition that the operating environment has changed.

“We face new threats, we have new vulnerabilities, we have new dependencies, most importantly we have a new way to do business,” Rosenblum said during a Pentagon interview. “We have to capture that and make sure the department is prepared and directed toward being more effective and efficient as we can be.”

The Defense Department is charged with defending the homeland from attack. U.S. Northern Command is further charged with working with state and local entities and other federal agencies to provide support in times of natural or man-made disasters. In the first instance, DOD has the lead. In the second, another federal agency -- such as the Federal Emergency Management Agency -- has the lead.

The strategy, released in February, looks at the lessons learned from past experiences -- from Hurricane Katrina through Hurricane Sandy.

They also looked at changes including the growth of communications networks, dependence on private-sector capabilities and “the rising expectations from the president and from the secretary, and certainly from the American people, that we will be prepared to provide support to civil authorities within a 24- to 48-hour window,” Rosenblum said.

This is an incredibly short period of time, he said, and it forces a change in the relationship between DOD and other agencies. The old paradigm was to have civil partners “pull assistance” from DOD, while now DOD will actually push assistance where it is needed.

“So we are postured to provide assistance as fast and rapidly as possible,” Rosenblum said.

The vast difference between the response to Katrina in 2005 and to Sandy in 2012 shows the effectiveness of the new strategy, he said.

“We were more efficient, timely and effective in our support to Hurricane Sandy,” Rosenblum said. “This is because we did integrated planning within DOD, with our federal partners, and with our state partners. We recognized the need to not wait to be called upon, but to pre-position our support capabilities knowing there’s going to be audibles and ad hoc requests.”

Planning is at the heart of the strategy, he said. Integrated planning -- with state and local officials, with other federal agencies and with non-governmental entities -- has increased visibility and prominence. The National Guard -- an organization that bridges state and federal efforts -- continues to play a crucial role. But, Rosenblum noted, the strategy recognizes that response to disasters requires an all-of-government approach.

Cyberattacks, he said, also could produce the type of man-made disaster that would require DOD assistance. The homeland defense mission codifies requirements to provide cyberdefense, he added.

“The threats to networks and critical infrastructure increase when we are engaged in operations overseas,” he said. “The physical effects of cyberattacks can impact our military operation capabilities and response capabilities.”

The fiscal environment impacts this -- and all other -- strategies.

“The sequester is real and affecting DOD through readiness, training,” Rosenblum said. “It is difficult for the department to plan and budget intelligently, when we don’t have budget certainty.”

Officials devised the strategy when the department had already committed to $487 billion in reductions over 10 years.

“Sequester has changed the calculus tremendously,” Rosenblum said. “But this strategy is not about buying new capabilities: It’s about our planning, our processes and our integration.”

////////////

Defense.gov News Release: DOD Releases Strategy for Homeland Defense and Defense Support for Civil Authorities

U.S. Department of Defense

Office of the Assistant Secretary of Defense (Public Affairs)

News Release

On the Web:

http://www.defense.gov/Releases/Release.aspx?ReleaseID=15878

Media contact: +1 (703) 697-5131/697-5132 Public contact:

http://www.defense.gov/landing/comment.aspx

or +1 (703) 571-3343

IMMEDIATE RELEASE No. 172-13

March 22, 2013

DOD Releases Strategy for Homeland Defense and Defense Support for Civil Authorities

The Department of Defense announced today the release of the Strategy for Homeland Defense and Defense Support of Civil Authorities. This policy establishes DoD’s priorities in the areas of homeland defense and defense support of civil authorities through 2020, consistent with the president’s National Security Strategy and the 2012 Defense Strategic Guidance. It links with other DoD and national strategic documents related to missile defense, space, cyberspace, counterterrorism, and the Western Hemisphere. The strategy identifies two priority missions for the department in the homeland: defend U.S. territory from direct attack by state and non-state actors; and provide assistance to domestic civil authorities in the event of natural or manmade disasters, potentially in response to a very significant or catastrophic event.

The strategy emphasizes cost-effective policy mechanisms and innovative approaches to defend the homeland against direct attacks and to provide timely responses to routine and catastrophic events on U.S. territory. It stresses the continuation of DoD capabilities to defend against conventional and emerging threats in the air and maritime domains, while expanding cooperation with federal, state, and local partners to defeat asymmetric threats – including, for example, homegrown violent extremists who may seek to use improvised explosive devices. Additionally, it addresses DoD preparations for responding to man-made and natural disasters.

“The Department of Defense’s contributions to the defense of our nation have evolved over the past decade and account for new threats and challenges. Lessons learned from events like Hurricanes Katrina and Sandy and collaboration with our interagency partners and State Governors have framed our current approach to DoD civil support activities,” said Acting Assistant Secretary of Defense for Homeland Defense and Americas’ Security Affairs Todd Rosenblum. “This strategy emphasizes strengthening our partnerships with federal agencies like the Departments of Homeland Security and Justice, with state and local governments, with the private sector, and with our Canadian and Mexican neighbors – not only for more comprehensive approaches to complex security challenges in the homeland, but also to create efficiencies through collaboration and joint action.”

For further information about this strategy, please access http://www.defense.gov/news/Homelanddefensestrategy.pdf

//////////

Never heard of this guy, he is the one doing the news release above. Career includes being Evan Bayh's national security staff & CIA Near East 1988-1993.

Defense.gov Biography: Todd M. Rosenblum

Acting Assistant Secretary of Defense for Homeland Defense and Americas' Security Affairs [Acting?]

Todd M. Rosenblum is the Acting Assistant Secretary of Defense for Homeland Defense and Americas’ Security Affairs. In this position, he advises the Under Secretary of Defense for Policy on the homeland defense activities of the Department and regional security matters for the countries of the Western Hemisphere. He is also responsible for advising the Secretary of Defense on all matters pertaining to defense support to civil and law enforcement authorities in the homeland. Mr. Rosenblum has nearly 25 years of political, policy, and legislative experience in national security affairs.

Prior to his appointment at the Department of Defense in May 2011, Mr. Rosenblum was the Deputy Under Secretary of Intelligence for Plans, Policy, and Performance Management, Department of Homeland Security, from February 2009 to May 2011. He directed strategic and policy planning for the Department’s intelligence program, oversaw budget development and resource allocation priorities for the synchronization of intelligence programs and priorities, provided stewardship and direction for the Information Sharing Enterprise, and ensured that the intelligence program was aligned with national, departmental, and intelligence strategy and requirements.

Mr. Rosenblum was a Professional Staff Member on the Senate Intelligence Committee from March 2005 to November 2008, leading Committee oversight of Department of Defense human intelligence collection programs and Intelligence Community-wide intelligence collection programs and operations in the Middle East. Concurrently and prior to joining the Committee, he served as the Military Legislative Assistant and National Security Advisor to Senator Evan Bayh from January 2001 to November 2008, where he acted as senior counsel and represented the Senator on defense issues and foreign policy, national security legislative actions, and public affairs. He was a member of the Senior Personnel Staff, National Security Cluster, on the Obama Presidential Transition Team from November 2008 to February 2009.   

Mr. Rosenblum held several management and advisory positions at the Department of State and the U.S. Arms Control and Disarmament Agency from August 1994 to January 2001. From April 1999 to January 2001, he was the Executive Assistant/Chief of Staff to the Assistant Secretary of State for Nonproliferation where he provided executive management and policy liaison on the full range of nonproliferation issues. He was the Senior Foreign Affairs Advisor for Northeast Asia at the U.S. Arms Control and Disarmament Agency from August 1994 to April 1999, where he represented the Agency in numerous nonproliferation negotiations and regional security dialogues.

From January 1993 to August 1994, he was the Deputy Political-Military Advisor for the Bureau of Near Eastern Affairs, U.S. Department of State. Mr. Rosenblum chaired an interagency export control working group, providing departmental recommendations on proposed arms sales to the region, and was responsible for ensuring consistency between national policy and regional security assistance activities. He was an Intelligence Officer in the Central Intelligence Agency’s Office of Near Eastern Affairs, Directorate of Intelligence, from September 1988 to January 1993.

Mr. Rosenblum has received numerous individual and group awards from the Department of State, the U.S. Arms Control and Disarmament Agency, and the Central Intelligence Agency. He received his Masters in International Affairs in 1988 from the School of International and Public Affairs, Columbia University, and his Bachelor of Arts in 1986 from Columbian College, The George Washington University.

//////////////

Anyway that should give everyone a little more to work with, given the heightened domestic military operations surrounding the Boston aftermath, it is important to get a sense of where the Pentagon sees itself going in these reactions and ongoing operations -- what happens next is another question.

A great move would be publishing the entire text of USNORTHCOM CONPLAN 3502 Civil Disturbance Operations on the Internets immediately!

FawkesFail: Even more #OpCartel related shadiness: Anonymous hive instantly rejects @FawkesSecurity feds/contractors/fools posting violent threat, false flag or buffoonery

‏@AnonNCarolina2 - We spend all night informing ppl about indefinite detention only to be placed at the top of the list by some dumbfuck. #StopNDAA#Anonymous - SOURCE

Fortunately #stopNDAA at least hit a huge volume on twitter during tonight's presidential debate. So... Synchronicity in the Fog? Less than 24 hours after posting loose notes on #OpCartel & possible evidence of related Anonymous false flags / synthetic setups staged by contractors and handlers ( ECHELON GCSB military surveillance vs New Zealand & Kim Dotcom; IRC logs on Anonymous false flag attacks viewed anew; Barrett Brown setup via #OpCartel ) naturally yet another very similar likely falseflag trial balloon (or sheer dumbassery) has just been sent up. It's easy to speculate this is intended to defame &/or distract from stuff like the announced Tyler P2P leaking platform project & other peaceful modes of information dissent.

The first time I heard of FawkesSec (assuming that's the same general thing as FawkesSecurity) I heard it was a contractor setup. And now here we are. I'm not the only one who noticed a flow of BS. & also this.

/// UPDATE: @anon_prole flags: "RT @MsSamanthaMarie FB profile is the admin to FawkesSecurity group page that's listed on twitter profile https://www.facebook.com/jodie.rushforth @Anonyops" and "FYI our friend Fawkessecurity was the one threatening @twitter 4 @Anon_Central suspension https://www.youtube.com/watch?v=7xDRwRIzbeY … cc. @Anony_Central @Anonyops". /// Someone instantly made a semi-offensive Flash anime about this? Damn quick/// Really handy tips for watching social media on this story via @anonOccuBloc : FawkesSecurity #Twitter Analysis | http://analytics.topsy.com/?q=fawkessecurity | http://mentionmapp.com/beta/classic/index.php#user-fawkessecurity | http://www.twinitor.com/#q=fawkessecurity&lang=all&stop_spam=0&stop_porn=0 | http://trendsmap.com/topic/%40fawkessecurity |

Researchers have started looking at the FawkesSecurity facebook group &etc. See @AnonyOps, Alexa O'Brien for notes & Paul Henderson (Vizfosho) among the first to flag what was going on. @AmberLyon mentioned her sources said it's evidently fake and she'd seen similar before.

The crazy thing is that the new bomb threat video posted by @fawkesSecurity uses the same basic video file as the original #OpCartel video, which is broadly believed to have been a setup or falseflag. [see this one for the highest view count] O_o



On the diametrically opposite side, this seems pretty representative of the genuine idea among the 'real Anonymous', having observed for some time: AnonPaste via Twitter / Anon_Prole: #ProTip: Whoever claims to ...

Anonymous is a non-violent resistance movement consisting of a global collective of autonomous individuals who adhere to these basic principles: 1) Do not attack the media. (This includes main stream, independent, and social media) 2) Do not attack critical infrastructure. (Such as communications networks, power grids - or hospitals) 3) Work for Justice and Freedom. (Especially with regards to freedom of information and the internet) ANYONE anywhere can initiate an Anonymous operation, action, or group - and so long as they adhere to these basic principles they are as much Anonymous as anyone. EVERYONE is Anonymous.

Another statement calling out @fawkessecurity: Anonymous response to false #OpV attack. - Pastebin.com via here

Ohai /b/ros,

Welcome sit sit sit... Grab some popcorn and watch this fail.

Fawkes Security whether fed or disinfo fucktard, has been 100% fail since day one.

Here is a little list of fails:

False Facebook attack fails.

Taking credit for others ddos attacks fail.

Attempting to link Project Mayhem 2012 / TYLER with physical disruption fail... (Just like NSA & DHS have attempted.)

AND NOW Linking #OpV with a bomb plot fail!

w0000000hoooo!

Anyhow, this Anon has simply gain fame by reuploading Anonymous videos onto Youtube for almost a year while creating hardly any videos which have NEVER amounted to anything.   

Channels:

https://www.youtube.com/user/FawkesS3curity

https://www.youtube.com/user/FawkesSecurity

This Anon is a cancer to the internet.

As for this Anon linking Project Mayhem 2012 to harmful and illegal activities ('Fawkes Virus', releasing viruses on 12.21.2012 and physical disruption.) we say, bring on the disinfo, we encourage it. Any disinfo you throw at us will only be fuel to the fire that will burn this world, because EVERYONE knows PM2012 will NEVER do ANYTHING ILLEGAL.

Love and Lulz,

Anonymous

&& a little earlier went around: Response to @FawkesSecurity Threat - Pastebin.com (although I don't get why these people and fawkessecurity both transpose the usual forgive/forget epithet): [line breaks edited, dang ASCII art & pre tag]


Greetings from....
_ _ ___
_| || |_ / _ \   
|_ __ _/ /_\ \_ __ ___ _ __ _ _ _ __ ___ ___ _ _ ___
_| || |_| _ | '_ \ / _ \| '_ \| | | | '_ ` _ \ / _ \| | | / __|
|_ __ _| | | | | | | (_) | | | | |_| | | | | | | (_) | |_| \__ \
|_||_| \_| |_|_| |_|\___/|_| |_|\__, |_| |_| |_|\___/ \__,_|___/
__/ |
|___/   
This message is to the media:
Earlier tonight, the Twitter account @FawkesSecurity posted a link to a pastebin and a YouTube video that stated the following:
"As of today 200 kilograms of composite Nitroglycerin and commercial explosives have effectively been concealed in a government building"
Let us be perfectly clear: Anonymous is not a terrorist organization. Anonymous does not use bombs. Anonymous does not condone violence
in any way. Anonymous supports justice and universal equal rights. We support peaceful protest.
At this time, we are not sure whether or not @FawkesSecurity is trying to troll, or if he's trying to discredit the name of Anonymous
in the eyes of the world. Maybe @FawkesSecurity's twitter and YouTube account was hacked. Perhaps this is the FBI's way of trying to
label Anonymous as terrorists so they can begin using the NDAA against us.
Either way, fuck whoever posted that threat.
We are Anonymous
We are legion
We do not forget
We do not forgive
Expect us

Also, who is this guy? He's sent tweets to fawkessecurity in the last few days (& bizarre emails to people) & doesn't seem too balanced. We have had more than a few like this, but something unique going on here :/

...and also check this out: on Subliminal Ridge: Doxing and the Barrett Brown Indictment. Important info about the 'restricted information' BS: In this law, the term “restricted personal information” means, "with respect to an individual, the Social Security number, the home address, home phone number, mobile phone number, personal email, or home fax number of, and identifiable to, that individual." ... yet to cite merely one recent example on Cryptome.org this kind of stuff is already not 'restricted' at all!

Regarding FBI surveillance, see new infos: Anarchists targeted after Seattle's May Day protests - Los Angeles Times // Affidavit: Feds tracked Ore. anarchists to Seattle - AP. Music in support of those hassled.

UPDATE: VizFoSho adds : "@GlobalRevLive can you put this at the bottom? @Anon_Prole @DBCOOPA @AnonyOps @AmberLyon #TittySprinkles http://pic.twitter.com/nRw88ZHj" [NSFW]

ECHELON GCSB military surveillance vs New Zealand & Kim Dotcom; IRC logs on Anonymous false flag attacks viewed anew; Barrett Brown setup via #OpCartel

"<omg> i'm one of those horned rimmed guys sitting behind a desk in DC dreaming of ways to manipulate Anonymous for UK's and USA's purpose :)" Backtrace Security - Pastebin.com http://pastebin.com/KtLfurP1 -posted BY: A GUEST ON MAR 16TH, 2012 | SYNTAX: NONE | SIZE: 9.62 KB | HITS: 833 |

/// UPDATE OCT 23 1AM: YET ANOTHER SHADY OP with links to OpCartel material turns up! YE GODS! Even more #OpCartel related shadiness: Anonymous hive instantly rejects @FawkesSecurity feds/contractors/fools posting violent threat, false flag or buffoonery ///

Dragging a big post together here because it's a loose thing, happening in real time, with some old logs illustrating new predicaments from New Zealand to Texas. All of this post material is out in the open, not SpySquirrel material, but drifting by quick. Everything here seems pretty tenuous but might be useful to have for review. If nothing else there is kind of an old school global hacker madness tone tying this all together, hard to tell what is truthful & hype :-/ Mostly just raises a bunch of questions for further inquiry.

Wired is covering the Kim Dotcom case - one of the world's (literally) biggest cloud hosting provider CEOs taken down by the New Zealand government and FBI; the case is collapsing in court and it's been admitted that their NSA spy sigint equivalent GCSB was illegally spying on him - even the Prime Minister had to apologize. Suggested to search Topsy.com for "GCSB Surveillance" "GCSB Scandal" etc.

Checking into backstories kind of related to realtime events From New Zealand & found some new info from Decentralise Occupy (endarken) on Twitter. There was an #O20 anti-austerity protest this weekend and a complex surveillance scandal unfolding. I don't really agree with endarken's conclusions about a bunch of things, however there is a lot worth looking at. First the New Zealand Dotcom/Surveillance scandal - let's mainline some New Zealand surveillance state inside-Cricket fail - or here is a news clip running down the illegal NZ GovOps:

The problem with riding out a political controversy is that it makes it very hard to draw a line underneath it.

High profile resignations eventually allowed the Government to draw a line under the ACC mess.

Compare that to the problems Mr Dotcom is causing, which are numerous and largely unresolved. John Banks' involvement is still creating fallout, with the Prime Minister again having to back his coalition partner. This is despite revelations in a letter from Banks' lawyer that the Act leader - who repeatedly stated he had nothing to hide - was concerned about what journalists and Opposition MPs might do with his statements to the police - see: Key still backs Banks, despite letter.

Of course the actual statements are still to be revealed - another political grenade waiting to go off, even as related issues keep John Key occupied. David Shearer's claim that there was a video of the PM discussing Kim Dotcom in February clearly wasn't a knockout blow and as Patrick Gower reports, Shearer's Labour colleagues weren't exactly enthusiastic in support - see: Has Shearer's GCSB claim backfired?.

In the (un)parliamentary melee that erupted as John Key sought to correct a previous statement to the House there were no real blows landed, just some brawling that was difficult to referee - see: Jane Clifton's Smith on a hot tin roof with points-ordering. As Corin Dann points out, however, that is probably enough for the opposition at the moment: 'The fact is that the Government is now having to fight a number of fires on different fronts. It's starting to look a little rattled' - see: No 'gotcha' moment for Key.

The nature of the GCSB may also be preventing Key from dealing with the politics of the issue says Patrick Smellie: 'If lawyers are unwilling to be open about the truth, spy agencies are both obliged and pathologically inclined to withhold information. He simply can't defend himself. In the process, however, his position is eroded' - see: Trust easily lost in age of new media. However, heads may be beginning to roll at the spy agency, albeit slowly, as it appears Hugh Wolfensohn - a key player in signing off on the illegal spying of Dotcom is on 'gardening leave' - see Patrick Gower's Senior spy faces sack over Dotcom debacle.

There will undoubtedly be some gardening leave on offer soon at the Ministry of Social Development. The seriousness and scale of the problem has been underlined by the head of the Government's IT programmes being ordered to do an urgent stocktake of all public computer systems in use by government departments: - see Claire Trevett's Scramble to safeguard IT systems.

Despite denials that the Minister, her office and her department had nothing to do with the outing of Ira Bailey, suspicion remains. Not least because the Minister has a track record: 'Ms Bennett has done a similar thing in the past, releasing the weekly benefit details of a solo mother who challenged a National Party policy. Green Party co-leader Metiria Turei wants a forensic investigation of the computers in Ms Bennett's office' - see: Bennett accused of breaching privacy again. There is clear evidence that Bailey's identity was known in the Beehive. Holly Ford, a member of Ms Bennett's staff, checked out Bailey's LinkedIn profile just before it was leaked to the Herald's Claire Trevett - see: Chris Keall's LinkedIn trail leads to Bennett's office - Ng.

The independent journalist at the centre of it all wasn't impressed with his source being forced into public view, but Keith Ng will be happy with the public response to his work - over $5,500 in donations so far to support his work - see: Blogger raises donations for breaking Winz story.

KimDotcom tweets a news clip on this thing unfolding & more here. Roughly speaking @endarken says... well if i can paraphrase, between the industrial surveillance on Dotcom, the new State Dept cables and others, chunks of the overall surveillance grid are getting exposed in operations from New Zealand to the US. In New Zealand right now the Dotcom surveillance issue is really cooking!


Other things from down under & thereabouts surfacing, including the industrial-strength US-backed spying campaign against MegaUpload proprietor Kim Dotcom, a combination of stuff including Australian diplomatic cables -- cables also showing PM Gillard being noticed as friendly new Leader material for Australia with a thumbs-up from US intelligence.

False Flagging Mossad website attack: Let's get to this purported IRC log @endarken highlights from many months back, which purports to show two hacker-handlers bragging about creating Anonymous false flag operations. The first idea is that "omg" tries to have "rooster" get "zeekill" to jam the Mossad's public website enough to cause a news story -- then they joke about their previous #op false flags and jeopardizing Texas journalist Barrett Brown's life by starting the #opCartel fight between Anonymous & the Zetas Mexican drug trafficking cartel. (google that one)

This could be another spoof writing (packs rather a lot of info, srsly) but it's getting a lot of renewed interest now, if the hit counter's any indication: http://pastebin.com/KtLfurP1

<rooster> Tell me what you told him.

<omg> <omg> just get zeekill to use his BR roots to hit mossad's IP for 20 hours and i'll make sure you and zeekill are free to stroll along with no more interference from "external" parties

<omg> <omg> or if you want just 8 hours

<omg> <omg> enough to have reporters verify Mossad's tango down

<omg> i'll make sure Interpol doesn't get a red notice on him

<rooster> why.

<omg> his little panda security stunt and with #antisec hacking the site is what will get his ass hauled by SUPO to Spain

<omg> this is what i call leverage

<omg> <omg> do you know it wasn't Sabu's idea to tell Anarchaos to deliver the emails?

<rooster> yes, i know abou that.

<omg> that was my work, along with other stupid Anonymous false operations such as

<omg> #opcartel, #opglobalbackout

<rooster> Yes, that's fine. i know

<rooster> about all of that.

<rooster> i want to know

<rooster> why.

<rooster> not only, why did you do it.

<rooster> why are you now

<rooster> telling people.

<omg> <omg> i'm one of those horned rimmed guys sitting behind a desk in DC dreaming of ways to manipulate Anonymous for UK's and USA's purpose :)

<rooster> if this is true.

<rooster> give me contact information.

<omg> Anonymous never had leadership that's why it was so easy in the last 6 months

<omg> tell your handlier in NYC

<omg> he'll know

<omg> FBI plays by the books

<rooster> alright. i'll be in touch then.

<omg> however guys like me in counter intelligence don't

<rooster> you'd be surprised.

<omg> oh i know

<omg> don't worry :) i have friends in JTTF

<omg> i assume your magneto's handlier?

<omg> if so call up Philip Selton in DC he's a good friend of my

<omg> tell him 'B' is up to his old tricks

<rooster> i'll look into that. that's what i needed in the first place.

<rooster> Thanks.

<rooster> im working on something of my own, it's a bit in your department, but i need to talk to someone official about it.

<omg> trying to mitigate the Strafor email damage unfortunally

<omg> did you see the assesment?

<rooster> no i did not.

<omg> ask CT in NYC

<omg> they have it

<omg> Senate Intelligence Committee will have a briefing on it next week

<rooster> oh, i don't go to that. i have someone who gives me things i request.

<omg> prob above your clearance level

<omg> anyways you know about their little group's HTP right?

<rooster> not really. but i'm interested.

<rooster> what can you tell me?

<omg> apparently in an attempt to SE, one of their guy's zeekill ran a SYN+ACK ddos against mossad.gov.il

<rooster> oh, the mossad ddos.

<rooster> done with brazil roots, right?

<omg> yep

<omg> from what i gather it's prob CDN servers

<omg> with the bandwidth that was pumped to the site

<omg> the site is on a tier 1 backbone provider with about 1gbs of total speed

<omg> their little gang has some serious bandwidth

<rooster> i guess so. would have to be a good amount to take out something on t1

<omg> haha much faster from what i guess Mossad has

<omg> think it's on a OC-24

<rooster> well, most public sites are on small servers isolated from anything important

<omg> onto a STM-64 uplink

<omg> dunno but what that anonyroot idiot hit CIA's site was pretty high too. The uplink pipe for DC's link was a OC-24

<omg> guys in DS&T had to rotate the public ip three times

<rooster> these guys are persistent fuckers, aren't they?

<omg> well it depends

<omg> most are idiots

<omg> their Anonymous-OS already has a sudoder backdoor

<omg> i think the offical dl count is close to 34K now

<rooster> that was well known

<rooster> and obvious

<omg> about their HTP group from what's read from previous intel reports. It was a splinter group that formed after the HB Gary hack

<omg> they previously use the irc skidr.us

<omg> and apparently the group rotates irc servers monthly

<rooster> i'll be right back.

<omg> figured i should give it a try and try to use their crazy members to try and mitigate the next wikileaks release

<omg> one of them did a quick demo yestoday and was able to bring down Mossad's site

<omg> *yesterday*

<omg> btw you know Israel already caught that 0xOmar kid right?

<omg> it's embarrassing to see Israel able to catch a hacker weeks after an intrusion, while we don't have CERN teams cyber readiness level to react quickly enough to large scale attacks

<rooster> back, sorry i have two other people relaying information to me.

<rooster> reading, sec.

<rooster> hes the israeli, right?

<rooster> no

<rooster> the saudi?

<omg> they caught him in SA

<rooster> yea, the saudi.

<omg> tracked him through credit card purchases

<rooster> yes, i remember when he pastebinned some ccs

<omg> it takes about 2 weeks min to just get a search warrent your whitecollar depts + SS with the DOJ for a simple id theft

<rooster> Yes, i know.

<rooster> fraud isn't just a slap on the wrist.

<omg> yes

<omg> and it's a constant battle

<omg> with DOJ versus state level id theft charges

<omg> though it's good to know cybercrime is monitering hardchats

<rooster> yeah, there are eyes on a lot of different places right now

<omg> that's good, though i'm prob the only guy in my agency trying to figure how to not mess things up with current investigations :)

<rooster> if you can disclose, who are you with?

<omg> sorry i cannot

<rooster> understandable

<rooster> just, personal curiosity.

<omg> just contact SSA Selton

<omg> he'll understand

<rooster> right.

<omg> but i'm not with you guy's at the Bureau

<omg> in fact because of the sealed DOJ docket's, I didn't even know about Xavier Monsegur being a CI

<rooster> Should have, it was actually leaked a while back.

<rooster> also i'm with the bureau, i have to state that if you return this back to anyone.

<omg> i had track down one of your contractors Backtrace to confirm it two months ago in Jan

<rooster> i have a position similar to you.

<rooster> just so that's clear.

<rooster> i don't want break any laws while doing my job.

<omg> i just don't want to mess up any existing investigations

<omg> i thought everything is need to know. Regardless everyone has TS clearance, but certain things such as knowing who is an CI is a need to know

<omg> at the Bureau

<rooster> again, i'm not with the bureau, i do what you do.

<rooster> and it is all need to know

<rooster> but if you look closely

<rooster> you can find out a lot on your own

<omg> <rooster> also i'm with the bureau, i have to state that if you return this back to anyone.

<rooster> hah. wow.

<rooster> that is a typo.

<rooster> meant to say not. i apologize.

<omg> i'm with DS

<omg> of the DOS

<rooster> ah.

<rooster> ive interacted with the bureau

<omg> i'm the guy responsible for mitigating damage caused by Jeremy Hammond sending the Strafor emails to Wikileaks

<rooster> hammon, sounds familiar.

<rooster> um

<rooster> what does he run

<rooster> he runs something, i think.

<omg> Anarchaos aka crediblethreat aka Hack This Site founder

<omg> btw did you ever use the nick moop?

<rooster> there are a few people

<rooster> that use that nick

<omg> my suggestion work with Jennifer Emick with Backtrace

<rooster> i've not worked with backtrace directly, but i've chatted to hubris before.

<omg> i've been helping Hubris aka david with some "special projects" such as injecting fake Anonymous operations such as #opcartel

<rooster> i understand about injecting fake ops, like a honeypot

<rooster> but opcartel

<rooster> was too far

<rooster> lives could have been at risk

<omg> not really, only Barret Brown's

<omg> the goal of #opcartel was to get CISEN into iranserv

<omg> and understand the leadership structure resulted in the recent Interpol South American arrests

<omg> and anonworld

<rooster> ah, so you're planting fake ops, to infiltrate.

<rooster> smart.

<omg> #opglobalbackout was a response by that anonyroot's idiot ddos of CIA.gov

<omg> so the NSA could argue for stronger monitering + domestic intelligence

<omg> inject stories such as: http://pastebin.com/pVmAZqWY

<rooster> so is that new internet monitoring bill related at all to OpDarknet?

<omg> opdarknet?

<rooster> also

<rooster> i dont tink

<omg> no it's because of the constant threat of China

<rooster> there is any validity

<rooster> in that pastebin

<omg> + guys like pr0f_srs's dump of the SCADA system

<rooster> i understand SCADA system dumps.

<rooster> how does china play into that?

<omg> and a simple ddos to CIA.gov is enough to invoke the "terrorism" arguement

<rooster> anything is enough to invoke the terrorism card

<rooster> it's so vague, it can be thrown around until it sticks.

<omg> when you have critical US infracture such as a Water Pump Facility, or your Intelligence Agency being under attack?

<rooster> why do you think the reason for monitoring the occupy movement, and various protesters was under a counter-terrorism effort?

<omg> how do you think Counter-Intelligence feels?

<rooster> i think they would feel like they need to step it up.

<rooster> and that's where you come in, correct?

<omg> yep

<omg> been doing the injections and manipulation of Anonymous' agenda at the sidelines to push for stronger FBI + NSA prescence

<omg> not everyone in DSS agrees with me

<omg> but when the head of the FBI + NSA is making these arguements to the National Security Council

<omg> ^-- Director

<omg> i've said i've did a good job in the last 5 months :)

<rooster> opcartel, an globalblackout were well recognized, i guess that means you're right

<omg> i'm not involved with Intelligence gathering of Occupy

<omg> it's the boys that are with DHS

<omg> then again they over-react to everything

<rooster> nor am i, but i've a few contacts of mine are.

<omg> shit like Anonymous hackers fucking up train lines?

<omg> yea... DHS your idiots

End of log. This log could be fake or partially fake but it draws a classic picture.

[Side note - the planted story they mention - http://pastebin.com/pVmAZqWY - is a rather silly "message for Anonymous from Mossad" which I remember thinking of as really silly...(BY: A GUEST ON FEB 12TH, 2012 | SYNTAX: NONE | SIZE: 12.71 KB | HITS: 12,109 | EXPIRES: NEVER) ]

Speculating but DSS could be Defense Security Service - http://www.dss.mil/ - which has a purview of defending the Defense Industrial Base generally & that could involve efforts to catch hackers eh? It is a military agency with responsibility for aspects of guarding private contractor installations, so they would seem to have an Interface or 2 to domestic political monitoring. DSS definitely scans websites a lot & shows up in logs but has virtually no public or alt-researcher profile at all. What kinds of programs have they been up to in this exciting era? etc. [Also could be State Diplomatic Security Service but I doubt it - or the odd DOJ Domestic Security Section but that dissolved in 2009 into (this is not a TV show probably): Criminal Division: the Human Rights and Special Prosecutions Section.]

Any place run from Quantico AND bonus Fort Meade DISCO Summary from their site:

About Us

The Defense Security Service (DSS) is an agency of the Department of Defense (DoD) located in Quantico, Virginia with field offices throughout the United States. The Under Secretary of Defense for Intelligence provides authority, direction and control over DSS. DSS provides the military services, Defense Agencies, 24 federal agencies and approximately 13,300 cleared contractor facilities with security support services.

DSS contributes to national security by serving as an interface between the government and cleared industry. DSS administers and implements the defense portion of the National Industrial Security Program pursuant to Executive Order 12829. Approximately 356 Industrial Security Representatives provide oversight and assistance to cleared contractor facilities and assist management and Facility Security Officers in ensuring the protection of U.S. and foreign classified information. DSS also facilitates classified shipments between the United States and foreign countries and implements foreign ownership, control and influence countermeasures.

The Center for Development of Security Excellence (CDSE) is located in Linthicum, Md., and provides security education and training to DoD security professionals through formal classroom and distributed learning methodologies (i.e., computer-based, web-based and tele-training).

The Defense Industrial Security Clearance Office (DISCO), located in Fort Meade, Md., processes requests for industrial personnel security investigations and provides eligibility or clearance determinations for cleared industry personnel under the NISP.

OMG's comment on DHS - Homeland Security, collecting info on Occupy could have been related to the Critical Infrastructure stuff similar to DSS activities (as well as Federal Protective Service which has been the main FOIA released docs so far).

The Pastebin he references as a lol fake OMG - it's this crazy absurd Mossad threat missive that got tons of views at the time: http://pastebin.com/pVmAZqWY

//// Below the fold - more logs - coverage on the DOJ's system of illegal operations and signaling to cartels, and other loosely related elements ////

Anonymous & Wikileaks beefing - it's bigger than a paywall - Bonus Anonhosting.biz confusions, Cointelpro Spam, Silent Circle, Cryptocat, Federal "Restricted Information" & i2p

A review of the latest internet dickering, with mostly unrelated useful new programs & ideas at the end...

It ain't a 'war' but several prominent representations of the anon flock are speaking out against Wikileaks and it's not just the Javascript paywall (disable JS to get around it). This is happening realtime on Twitter tonight. [pic source]

One thing worth pointing out everyone I believe can agree on, that @Wikileaks Twitter recently accused @AnonymousIRC Twitter, a major account run by several folks, of sending out misleading info about insecure proxies, without specifying which proxies so worried them. That was not a good idea, or at least didn't put anything concrete out there, spreading distrust based on incomplete info instead.

[sub note: the oft very substantive @Asher_wolf adds that @anonyops is the only high-follower twitter account really held by one person since its inception]

The whole thing is a mess on a bunch of levels, as another Anonymous related account @PLF2012 just said they had an inch thick of dox on Wikileaks & judging by today's tweets, frustration that indictments keep raining down on people while Assange lectures them & Wikileaks seems to vacillate.

//// UPDATE OCT 16 AFTERNOON: While the pastebin isn't signed by anyone in particular, a pretty substantial "let's move on" kind of statement has been released. Worth Reading: http://pastebin.com/A14bABfq

UPDATE OCT 15 AFTERNOON: A couple more dramas involving 'Project Vigilant' which Lamo was involved with (bonus Sneakers reference via the SETEC ASTRONOMY patch), and the Wikileaks Forum site (and followup). It seems that Assange's mom is on some aggressive patrol to keep people in line. UK Guardian on all this. I haven't even scoped these things out yet, ye gods it goes on and on.... ////

The constructive lesson in here, to really maximize the positive contributions of all involved without getting sucked into drama, is to take what you can learn from things and get new things going, don't just join some unwieldy bandwagon for the drama flow. While Wikileaks comes across as Julian Assange/Lady Gaga/weird international epicfail ego show going on, they have actually been publishing & releasing more data from the Stratfor files and Syria. That's good -- but trolling @anonymousIRC with nothing to back it up, not good..[MEME SOURCE TROLL.ME - yes rly]

whats-a-shitstorm-julian-i-dont-want-to-get-caught-up-in-no-shitstorm.jpg

Assange just put up a long post lecturing Anonymous about how easy it is for them to get turned into snitches and fail because they lack 'Unity', a word he uses a ton when perhaps he should consider that viable ecosystems really have little lockstep unity at all. He definitely brushed off referencing "the many Bothans that died to bring him this information" so to speak, except to say that it's bad for them to say anything about sources for defendants' legal reasons. Nonetheless he doesn't really seem to venture much explanation of his own responsibility towards the general human wreckage & prosecutors surrounding these very ugly gigabytes...

Overall take it for what it's worth, between the paranoid yet intermittently informative Reddit threads to the review of HBGary and Assange's valid critique that Internet assets (or as 4GW systems theorists can call "bowties") are control points that can get co-opted. In reaction to freeform paranoia over which Anon Twitter accounts are taken over by law enforcement, someone on Reddit added that even when you don't really feel it's sound to assume an account is co-opted, you just don't need to send sensitive info or etc. to them, don't bother freaking out.

Additionally it's not helpful that Texas-based researcher & Project PM police state/contractor research wiki publisher Barrett Brown is incarcerated, awaiting trial [indictment PDF] & some mysterious & unexplored class of "restricted information" has surfaced in his case, & not really been analyzed -- Barrett seems to have been accused of feloniously enticing people to google search for FBI agents, among other things. [FreeBarrettBrown.org]

In Barrett's case, as well as the origin of the Stratfor leak, with Sabu & Lamo in the mix, an infestation of many informants and operatives operates perhaps as "crapflooding", the political hacker scene COINTELPRO counterpart to the paid corporatist trolls filling up & derailing internet discussions everywhere. In all cases the crapflooding ultimately wastes all our time, it buys time for bureaucratic status quo interests, the corrupt & those benefitting from the Power of Ignorance. Interpret gibberish as damage and route around it.

LINXORS:

Some background [mixed thoughts about this one]: How (not) to destroy Wikileaks: where it all began… | Darker Net

The original @AnonymousIRC post: Statement on Wikileaks - Pastebin.com - the Reddit Thread: @AnonymousIRC's statement on Wikileaks : anonymous

Oct 12 Reaction to @AnonymousIRC with some good points: Supporter response to @AnonymousIRC's Statement on WikiLeaks - Pastebin.com

Julian Assange's Oct 15th missive, kinda be trollin. Yet its page title is simply: TwitLonger — When you talk too much for Twitter. Fair enough, [maybe the big lesson here?]

A couple accounts to check: anonoccubloc / (PLF2012) / @anonymousIRC / @youranonnews / @Asher_wolf

Easily Sunday's best move was EncyclopediaDramatica, the high Octane wiki chronicling troll wars & attempting to crowdsource the most offensive possible entries, poaching for Wikileaks style sources & "defectors". [ED's battles to stay online are actually kinda interesting & a little like a Wikileaks/anon combo situation].

The whole thing has explicitly been tied back to the July Beef by Wikileaks in a tweet hours ago - specifically this Reddit: Update to something I previously posted about @AnonymousIRC on Twitter : anonymous. So links on the earlier affairs:

Tweet July 12 saying anonhosting.biz is good for paste services: Twitter / Par_AnoIA: So we heard that Privatepaste ...

July 15 tweet saying AnonymousIRC shouldn't trust Anonhosting.biz Twitter / KiingCobra: @AnonymousIRC Honeypot site,I ...

July 13 tweet implying something sketch about Anonhosting.biz being registered May 9 when @AnonymousIRC was silent around those few days (when twitter accounts go off air, people fear Party Vanning - arrested hackers flipping while getting sweated by Feds, like Sabu did last summer) Twitter / tmichaels1: The domain @AnonymousIRC is ...

3 months ago, the proxy beef: Reddit thread NO war between WikiLeaks and Anonymous : anonymous

July 14: AnonPaste signed by @YourAnonNews @AnonPR_Network @PLF2012 @AnonCollective @Anon_Central "There is no 'War' with Wikileaks": "....The Anonymous account in question (@AnonymousIRC) is angry because all the contents of the "Syria Files" are not being instantly published. This is due to the fact that the individual behind this account is not in the decision loop regarding our handing over these files to WikiLeaks. ....

So @Wikileaks itself is *right now* trying to stir up this old July anonhosting.biz thing, is it a competition for leaking services or what? Why a priority now when the Ecuadorian embassy is surrounded etc., yet also calling for Unity? Not well explained but there you go. We can only hope it's a proxy to some more interesting intrigue?

//////////

I2P & Cryptocat: let's learn something handy anyway: Eh & after all this bitching well let me add something possibly useful in the long run. In recent weeks away from writing here, I've been taking a bit of time to review encryption, software, approaches to making open source easily replicated communications techs, which seems like a good field for inquiry and experiments right now.

[Also watched the 1992 film Sneakers, which just celebrated its 20th birthday. It only anticipated the NSA's effort to tap everyone & everything domestically. What is Darpa Plan X anyhow?]

A relatively obscure encryption protocol called i2p (an extension of some earlier Darknet efforts) may be the successor to Tor, the big Kahuna which is also a bit US Government funded & regarded cynically by Cryptome among others. Via one of the reddit threads:

http://www.i2p2.de/how_networkcomparisons // good convo about tor, jap, and i2p

i2p shall prevail where Tor has failed - money quote: "There are too few exit nodes, and many are up to something... Tor therefore forces users to make the bizarre choice between non-anonymous Internet use with only their ISP logging traffic or somewhat anonymous Internet use with a complete stranger logging their traffic." At some point the story went around that Wikileaks claimed to have a zillion documents early on (where did those go?) because they were copying them off their own malicious Tor honeypot exit node that Chinese hackers were sending goodies back home through. May not be true but would make sense.

main i2p website // A bunch of stuff on how i2p works // /r/i2p of course -Anonymous OpDarknet(pre-pedo hunter)

Moar programs: And this is cool, from two years ago, Anomos a combo implementation of Bittorrent and i2p. Groovy! Plus, honesty: "Anomos is an experimental anonymity protocol. It has not yet undergone the serious peer-review necessary to consider it safe for general use. Do not rely on it for strong anonymity." The argument in the 'i2p shall prevail' piece was that new protocols are essential, while Tor is kinda tied down in its weaknesses by basically being a proxy network to the existing web.

Firefox 16 got whacked with an exploit right away, [the JS hack here] but imagine how many more bugs would have gotten by if not for open development. So in turn we need to keep good apps with new protocol thinking developing openly. Cryptocat is another new entrant for IM chat with a lot of potential. Source code here, roll yr own! Don't worry about the drama, just code, crack & compile! [And the PGP man Phil Zimmermann has promised to opensource the touted Silent Circle app for review (see @silentcircle, because centralized communications are sooo secure lol)]

Just released from EFF, HTTPS Everywhere 3.0 switches your browser to secure HTTPS, at least improving one level of communications on more than 1500 sites. Also the EFF Observatory is really interesting & discusses part of why HTTPS is not good if the upstream certificate generators, the CAs, are weak/shady:

The EFF SSL Observatory is a project to investigate the certificates used to secure all of the sites encrypted with HTTPS on the Web. We have downloaded datasets of all of the publicly-visible SSL certificates on the IPv4 Internet, in order to search for vulnerabilities, document the practices of Certificate Authorities, and aid researchers interested in the web's encryption infrastructure.

We are particularly concerned about the role and practices of Certificate Authorities (CAs), which are the organizations that can sign cryptographic certificates trusted by browsers. These certificates can contain statements like, "this public key belongs to EFF.org", "this public key belongs to yahoo.com, paypal.com and mozilla.com", or "this public key should be trusted to also act as a CA, signing certificates for other domains".

Browsers trust a very large number of these CAs, and unfortunately, the security of HTTPS is only as strong as the practices of the least trustworthy/competent CA. Before publishing this data, we attempted to notify administrators of all sites observed vulnerable to the Debian weak key bug; please let us know if your analysis reveals other classes of vulnerabilities so that we can notify affected parties.

Overall, the idea of credible trust in closed source encryption is seemingly pretty much dead. Or if not, major political strides can be made against it on totally practical grounds.

In this insightful TEDtalk Clay Shirky got a lot right about GitHub vs Lawyers in the control structures of our country & government system. Consequently: Demand code audits, if indeed these executive branch & computer systems are both supposed to be Executing Secure Processes... or whatever it is, exactly, they're $UpTo. [Does a subtle programmer joke subvert currency itself via $variables marked by dollar signs? Will time tell as the Fed addMoar($lots) program hits QEInfinityLoop?]

When it comes to what the security establishment is up to, to modify the ultimate conspiracy tweet of Hassan-i-Sabah, leader of the Assassins & the Man in the Mountain, nothing is true, everything is permissible. Also, full of Spam. [& Since Spam will always be part of the problem, Monty Python ultimately wins the meme war.]

UPDATE: Govt Sites appear OK right now // Earlier Feds / IIR.com apparently scrubbing Trapwire related websites: down from DNS but not offline

///// UPDATE: August 14th 7PM: Apparently more takedowns of media pieces are occurring. Here is a pastebin from Barrett Brown (@barrettbrownlol), and also please listen to a nice interview with Barrett on RadioDispatch, my friends' Molly & John Knefel's radio show. SOURCE: http://pastebin.com/gsR8HEwN

As of 6:40 CST here in U.S., these are the Australian articles on Trapwire that have been simply removed by their respective outlets with no explanation. Note that there are rumors to the effect that they are down to inaccurately stating that Cubic Corporation owns Abraxas Apps - rumors that are false, as shown here (http://privatepaste.com/6810d9914a) and as could have been verified for nearly a year on Project PM's Echelon2.org wiki entry for Cubic Corporation (http://wiki.echelon2.org/wiki/Cubic_Corporation) which itself links to the pertinent tax documents. Incidentally, Cubic and Abraxas have long been our focus due to their known involvement in persona management software as provided to CENTCOM by the wholly owned subsidiary Ntrepid. Here, then, are the articles that are down - not corrected, but entirely removed:

http://m.smh.com.au/technology/technology-news/revealed-trapwire-spy-cam... stralia-20120813-2448z.html
http://www.canberratimes.com.au/technology/technology-news/revealed-trap...
http://www.smh.com.au/nsw/surveillance-system-linked-to-transport-defenc...
http://m.watoday.com.au/technology/technology-news/revealed-trapwire-spy...
http://m.theage.com.au/technology/technology-news/revealed-trapwire-spy-...
http://www.katherinetimes.com.au/news/national/national/general/revealed...
http://www.brisbanetimes.com.au/nsw/surveillance-system-linked-to-transp...
http://m.canberratimes.com.au/nsw/surveillance-system-linked-to-transpor...

God forbid that this unprecedented incident receive at least a cursory examination from those journalists who are paid to do what many of us in the activist community have long done for free.

As to the potential reason for such articles going down in Australia, and not elsewhere, this non-scrubbed article may hold a clue:

http://www.heraldsun.com.au/news/victoria/cubic-transportation-systems-o...

As may this:

http://www.optuszoo.com.au/news/breaking/brisbane-times/surveillance-sys...

This, too, is quite understandably down:

http://www.smh.com.au/nsw/surveillance-system-linked-to-transport-defenc...

And to those who are claiming that Trapwire does not actually entail anything like facial recognition, please take a few minutes to read what ex-CIA agent and Abraxas head Richard Helms said about the intent of the software seven years ago: that it would “collect information about people and vehicles that is more accurate than facial recognition," among other things. This was noted at http://publicintelligence.net/unravelling-trapwire/ where anyone could read it, not just those of us who bothered to do so.

In conclusion, fuck the media, and fuck the dozens of state-linked firms that the media hasn't bothered to do a single fucking bit of research on despite this problem having quite demonstrably gotten out of hand years ago.

Barrett Brown
Project PM
barriticus@gmail.com

END UPDATE /////

///// UPDATE: August 12 7AM: via two different DNS services it looks like the sites are looking up correctly now. My net connection's pretty dodgy at the moment but I think they are loading correctly now. It could have been a temporary glitch - strange since other lookups were working correctly on that stable connection all day, while both ncirc and nsi.ncirc failed in lookups and had been working correctly on that DNS only hours earlier. Oh, domain name system, why must you be so quirky? [Needed: a good way to check quite a few open DNS servers at once for a query like this - I don't have a good method obviously]
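One way to meet the bracketed wish above, checking many open DNS servers at once: the script below sends the same A query to several public resolvers in parallel and groups them by the answer each returns. It is an added example, not code from the original post; the resolver list (apart from 8.8.8.8) and all function names are assumptions of this example.

```python
import secrets
import socket
import struct
from concurrent.futures import ThreadPoolExecutor

# Assumed resolver list for this example (8.8.8.8 is the one in the dig output).
RESOLVERS = ["8.8.8.8", "8.8.4.4", "1.1.1.1", "9.9.9.9", "208.67.222.222"]
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def build_query(name, qid):
    """Encode a recursive A/IN query for `name` with transaction id `qid`."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD bit set
    labels = b"".join(bytes([len(part)]) + part.encode("ascii")
                      for part in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)


def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + length


def parse_response(msg, qid):
    """Return (status, sorted list of A addresses) from a raw DNS response."""
    rid, flags, qdcount, ancount = struct.unpack(">HHHH", msg[:8])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    addrs = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:  # A record, class IN
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    rcode = flags & 0x000F
    return RCODES.get(rcode, "RCODE%d" % rcode), sorted(addrs)


def ask(resolver, name, timeout=3.0):
    """Query one resolver over UDP; any failure becomes a status string."""
    qid = secrets.randbelow(0x10000)
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.settimeout(timeout)
            sock.connect((resolver, 53))  # connected UDP drops other senders
            sock.send(build_query(name, qid))
            return parse_response(sock.recv(4096), qid)
    except (OSError, ValueError, IndexError, struct.error) as exc:
        return type(exc).__name__, []


def compare(results):
    """Group resolvers by (status, addresses); more than one group = disagreement."""
    groups = {}
    for resolver, (status, addrs) in results.items():
        groups.setdefault((status, tuple(addrs)), []).append(resolver)
    return groups


def check(name, resolvers=RESOLVERS):
    """Ask every resolver in parallel and return the grouped answers."""
    with ThreadPoolExecutor(len(resolvers)) as pool:
        answers = list(pool.map(lambda r: ask(r, name), resolvers))
    return compare(dict(zip(resolvers, answers)))


if __name__ == "__main__":
    import sys
    groups = check(sys.argv[1] if len(sys.argv) > 1 else "example.com")
    for (status, addrs), who in groups.items():
        print(status, ", ".join(addrs) or "-", "<-", " ".join(who))
    print("all resolvers agree" if len(groups) == 1 else "resolvers disagree")
```

Disagreement is a prompt to look closer, not proof of a takedown: load-balanced names with short TTLs (30 seconds in the dig output on this page) can legitimately return different addresses per resolver.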

On the upside, even if this was a transient thing and not a nefarious takedown, a few things can be learned. It's good to take a careful look at Suspicious Activity Reporting, which is the underlying basis of this sketchy Trapwire system. It's also good to know about the technique that I used to get around the faulty lookups and talk to the Apache servers (manually setting /etc/hosts allows you to send the correct headers to load a site, even when DNS is not pointing correctly at the server).

I'll add that I have seen this happen before, where a Suspicious Activity Report related government site went weirdly offline and I had to go back into the google cache to retrieve the missing site data. Thus, may have fallen a bit to confirmation bias.

Unfortunately in this case I was under a major time constraint - battery was about to run out & had to kick out a notice about this possibly going down before I lost power & internet availability. It's difficult to determine DNS changes on the fly - especially as power starts to drop out :[

Additionally http://twitter.com/unoccupyABQ retrieved more files using Google Cache (not wget) and those should be added to a new file archive later today after I get some rest.

I'm certainly sorry for prematurely drawing limited interest to this odd circumstance -- however, when we posted tweets asking if other people could see the server, a couple responses indicated it was still working, but there wasn't much feedback to confirm or deny the state of these DNS lookups. [& indeed it's possible they changed files, but I lack the ability to check right now - running wget again may be able to confirm such changes]

Also in the process I learned that IIR.com, a weird quasi-governmental organization, is controlling both ncirc.gov and nsi.ncirc.gov domain name registrations, which is an interesting inflow of authority from the quasi-gov sector into the .gov realm, and further linkages between IIR.com, Trapwire, and SARs will probably turn up, I'd suspect. Again sorry for the DNS drama but at least the effort brings other useful info.

$ dig ncirc.gov

; <<>> DiG 9.6-ESV-R4-P3 <<>> ncirc.gov
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5598
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;ncirc.gov. IN A

;; ANSWER SECTION:
ncirc.gov. 30 IN A 199.44.41.59

;; AUTHORITY SECTION:
ncirc.gov. 30 IN NS talgtm.iir.com.
ncirc.gov. 30 IN NS ns3.iir.com.
ncirc.gov. 30 IN NS MURFGTM.iir.com.

;; Query time: 362 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Aug 12 06:50:19 2012
;; MSG SIZE rcvd: 111

and nsi.ncirc.gov:

$ dig nsi.ncirc.gov

; <<>> DiG 9.6-ESV-R4-P3 <<>> nsi.ncirc.gov
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49668
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;nsi.ncirc.gov. IN A

;; ANSWER SECTION:
nsi.ncirc.gov. 30 IN A 199.44.41.191

;; AUTHORITY SECTION:
ncirc.gov. 30 IN NS talgtm.iir.com.
ncirc.gov. 30 IN NS ns3.iir.com.
ncirc.gov. 30 IN NS MURFGTM.iir.com.

;; Query time: 403 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Aug 12 06:52:11 2012
;; MSG SIZE rcvd: 115

END UPDATE ///////

Apparent #trapwire gov coverup in realtime!! it looks like the government is scrubbing Suspicious Activity Report related .gov sites and dumping their DNS entries. However the boxes are still online, if you use /etc/hosts on osx/unix you can still get in and mirror the files. i got 40MB+ off one site and 100+MB off the other.

IIR.com is a very sketchy org, one of these quasi governmental orgs that sets up tracking systems in the US, and advocates policies for them.

you can still get it with adding /etc/hosts entries:

199.44.41.191 nsi.ncirc.gov

199.44.41.59 ncirc.gov

on UNIX

wget -m --tries=5 "http://ncirc.gov"

and

wget -m --tries=5 "http://nsi.ncirc.gov"

*****

LETS HAS THE ARCHIVES I GOT with WGET. these are not necessarily the full files on these webservers but they are everything which the WGET mirroring spider could grab.

MD5 (ncirc.gov.zip) = d94b716f9b62c9bf5c65ca92bb566e86

FILE http://hongpong.com/files/ncirc/ncirc.gov.zip 85.7MB

MD5 (nsi.ncirc.gov.zip) = 0b23e1bb048cce2a499f5ec9476b30c5

FILE http://hongpong.com/files/ncirc/nsi.ncirc.gov.zip 34.3MB

DNS INFO SEE http://dnshistory.org/browsedomains/ncirc.gov.

DNS History - Domain Browser

Domain: ncirc.gov.
Added: 2009-12-29 Last Checked: 2010-10-16
PageRank: 6

SOA

2010-10-16 -> 2010-10-16
MName: MRFGTM.iir.com
RName: hostmaster.iir.com
Serial: 18
Refresh: 10800
Retry: 3600
Expire: 604800
Minimum TTL: 60

NS

2010-05-16 -> 2010-10-16: talgtm.iir.com.
2010-05-16 -> 2010-10-16: mrfgtm.iir.com.

MX

2010-05-16 -> 2010-10-16: 10 -> janus.iir.com.

FOR more infos on the TRAPWIRE program situation - >>

Unravelling TrapWire: The CIA-Connected Global Suspicious Activity Surveillance System | Public Intelligence

Abraxas and Trapwire: the technology and personnel revealed « Darker Net

#FreeHammond - 23 July 2012 statement from accused Chicago hacker Jeremy Hammond

Worth throwing up there as an example of how to keep perspective when they try to throw the book at you. Things like this crystallize the hypocrisy of conspiracy charges, cyber-fear-blather, terrorism and of course the laundering of drug money through the banking system. Till the walls tumble, Jeremy...

SOURCE: http://youranonnews.tumblr.com/post/27859335364/23-july-2012-statement-f...

23 July 2012 - Statement from Jeremy Hammond, alleged Anonymous hacker -

Thanks for everybody coming out in support! It is so good to know folks on the street got my back. Special thanks to those who have been sending books and letters, and to my amazing lawyers.

I remember maybe a few months before I was locked up I went to a few noise demonstrations at the federal jail MCC Chicago in support of all those locked up there. Prisoners moved in front of the windows, turned the lights on and off, and dropped playing cards through the cracks in the windows. I had no idea I would soon be in that same jail facing multiple trumped up computer hacking “conspiracies.”

Now at New York MCC, the other day I was playing chess when another prisoner excitedly came up and was like, “Yo, there are like 50 people outside the window and they are carrying banners with your name!” Sure enough, there you all were with lights, banners, and bucket drums just below our 11th floor window. Though you may not have been able to hear us or see us, over one hundred of us in this unit saw you all and wanted to know who those people were, what they were about, rejuvenated knowing people on the outside got their back.

As prisoners in this police state – over 2.5 million of us – we are silenced, marginalized, exploited, forgotten, and dehumanized. First we are judged and sentenced by the “justice” system, then treated as second class citizens by mainstream society. But even the warden of MCC New York has in surprising honesty admitted that “the only difference between us officers here and you prisoners is we just haven’t been caught.”

They call us robbers and fraudsters when the big banks get billion dollar bailouts and kick us out of our homes.

They call us gun runners and drug dealers when pharmaceutical corporations and defense contractors profit from trafficking armaments and drugs on a far greater scale.

They call us “terrorists” when NATO and the US military murder millions of innocents around the world and employ drones and torture tactics.

And they call us cyber criminals when they themselves develop viruses to spy on and wage war against infrastructure and populations in other countries.

Yes, I am one of several dozen around the world accused of Anonymous-affiliated computer hacking charges.

One of many here at MCC New York facing trumped up “conspiracy” charges based on the cooperation of government informants who will say anything and sell out anyone to save themselves.

And this jail is one of several thousand other jails, prisons, and immigrant detention centers – lockups which one day will be reduced to rubble and grass will grow between the cracks of the concrete.

So don’t let fear of imprisonment deter you from speaking up and fighting back. Silencing our movement is exactly what they hope to accomplish with these targeted, politically motivated prosecutions. They can try to stop a few of us but they can never stop us all.

Thanks again for coming out.

Keep bringing the ruckus!

——-

You can donate to Jeremy’s legal fund here - https://www.wepay.com/donations/125509 - and learn more about him here - http://freehammond.com/

You can write to Jeremy in prison here:

Jeremy Hammond 18729-424
Metropolitan Correctional Center
150 Park Row
New York, New York, 10007
