Monday, June 20, 2011

Cyber spying and social engineers (Or: Andy's so vain, he probably thinks this post is about him) (Updated)

Probably the most unpopular notion I've ever posited holds that Anthony Weiner was mousetrapped into a false confession of his May 27 tweet to Gennette Cordova. In previous posts, I've given my reasons for thinking along these lines. (Once again and for the last time: I am talking about the May 27 incident and nothing else. Got that?)

In a country where you can gain a massive and adoring audience if you spew hooey about Roswell, controlled demolition, the Illuminati and the dreaded New World Order, my humble suggestion doesn't seem so very outlandish. Nobody seems bothered by the fact that Mike Stack (leader of the anti-Weiner effort) reads Alex Jones and thinks that Weiner's wife is linked to a conspiracy involving the Muslim Brotherhood. Nobody seemed to mind Andrew Breitbart's loopy accusation that Oprah Winfrey is part of a Marxist conspiracy.

Nowadays, that sort of wackiness is considered socially acceptable. But my words sent multitudes into rage-gasm.


Nevertheless, recent findings have strengthened that unbeloved theory. At the very least, we may state without serious contradiction that something very odd -- odder than most people can imagine -- was happening in the weeks and months before the scandal broke open.

Before we proceed further, a warning:

Hot button issues invariably cause reading comprehension problems, so let's be crystal clear. This post is the first part of a larger work about the potential for political mischief in the worlds of hacking, malware and "social engineering." This is NOT a post about Weiner's behavior.

I WILL NOT PUBLISH any drivel about women being "forced" into cyber sex -- in fact, I won't even read such comments beyond the first sentence. I WILL NOT PUBLISH any comments mired in the familiar left-versus-right dichotomy. Even if I agree with you, I won't print you.

This post is about cyber-spying and allied matters. If you have nothing to say about those topics, say nothing.

Are we clear? Good. Let us proceed.

First, a definition. "Social engineering" is a fancy-shmancy term for online impersonation. People adopt fictional personas in order to fetch information about a target. Email scamsters and "phishers" often engage in this practice. The 65 year-old duffer who swaggers into a chat room pretending to be a 26 year-old body-builder is, in a sense, a social engineer. (So is the gay guy who pretends to be a girl.) Bottom line: In any cyber-only communication, you rarely have any way of truly knowing who is on the other end of the line.

A reminder: Mike Stack, Weiner-hater extraordinaire, bragged about his hacking skills, calling himself a "cyber detective" who could get anything on anyone. It is also known that he has engaged in cross-gender "social engineering" to get what he wants.

Now let us look at an under-appreciated New York Times story. Someone -- we shall refer to him as a Mysterious Someone, or "M.S." for short -- posed as a 16 year-old California girl named Nikki Reid in order to get information on Weiner and, possibly, to trap him on a pedophilia beef.

But "Nikki" (or rather, the Mysterious Someone) also had another motive, one that went well beyond Weiner. We'll get to that soon.

We know from previous stories that the conspirators fixated on accusing Weiner of sexual communication with the underaged. Yes, there was a conspiracy, or at the very least a collective "get Weiner" effort. That is not disputable. As the New York Times (along with many other sources) has revealed, the conspirators collectively called themselves the #bornfreecrew.

Nikki also got in contact with Gennette Cordova, but the things she said didn't sound quite real. Gennette became suspicious, and communicated those suspicions to Weiner.

Fascinatingly, another fake girl named Marianela Alicea communicated with #bornfreecrew, allegedly to offer scandalous information about Weiner.

Do you remember the tale of Betty and Veronica, recounted in a previous post? Get ready for a bombshell: Nikki Reid is Betty and Marianela is Veronica.

The spadework on this tale was done by the remarkable Tommy Christopher on Mediaite. To offer a very brief summary: Christopher's original report recounted how Veronica/Marianela, desperate for attention, cobbled together a fake story about her, "Betty" and Weiner. Christopher got the details from interviews with Nikki, Marianela and Nikki's mother. His original report included a very convincing apology from Marianela.

It was all a lie.

Nikki/Betty and Veronica/Marianela never existed. Neither did the mother. One can only marvel at the elaborate preparations that went into this ruse:
At the time the story ran, Christopher had taken more than reasonable steps to verify the identities of these sources, and the material details of their story. The information in the report was based on extensive email and telephone contact with these sources, who also provided photo identification, which Christopher checked against known exemplars, and elements of which he verified to the extent possible.

“The photo of Veronica was consistent with the one on her Twitter account, but not the same photo,” Christopher says, “and I checked the physical address, found that it was not fictitious, and that the school on the girls’ IDs was consistent with that address.”
Looks like I owe an apology to Markos Moulitsas, of all people. I was furious at him for publishing the "real names" of Betty and Veronica. But the real names turned out to be fake names!

NYT reporter Jennifer Preston and another unnamed source "close to the story" became suspicious of the Nikki and Marianela tale. Preston discovered the problems with the identification.

Am I talking about a conspiracy? Perhaps; perhaps not. We have no proof that more than one person posed as these three females. We also have no proof that they were female.

(We do know, however, the Mike Stack has a history of operating in cyber-drag. That fact may or may not be relevant to our story about the Mysterious Somebody.)

Mediaite refuses to speculate as to motive for this deception. Do I have a theory? Of course.

One little-noticed sub-theme of the "Betty and Veronica" tale concerns Andrew Breitbart. Although Tommy Christopher's first account carefully kept Breitbart's name under wraps, we now know that the pseudo-girls tried to convince Christopher that the Big Daddy pulling the strings of the bornfreecrew was none other than Andrew Breitbart himself.

Here's where it gets tricky, folks. Pay attention:
When Betty first approached Christopher (first via Twitter, then email), she said her primary concerns were the actions of the online group, led by @PatriotUSA76. She made the allegation that this group had approached her and Veronica on behalf of Andrew Breitbart and Dana Loesch to manufacture evidence against Rep. Weiner. When Christopher discovered a screenprint of Direct Messages between Veronica and Mike Stack, a member of that group, that showed Veronica actually offering such evidence, all three of these sources explained that Veronica had been lying to everyone in a misguided bid for attention. The allegations about Andrew Breitbart were not included in the original story, Christopher says, “because presenting this, even as a false allegation, could have unfairly damaged the reputations of Andrew Breitbart and Dana Loesch, and it didn’t add news value to the story at that time.”
(Emphasis added.) If you skimmed the above, the import of this may be unclear. So let's spell it out:

1. Betty/Nikki claimed to have evidence that Andrew Brietbart led the group that was out to create false evidence to smear Weiner.

2. Betty obviously hoped that Mediaite, a liberal-ish site, would publish this evidence.

3. Betty turned out to be a complete fake. No such girl ever existed. Her mother never existed. Her friend never existed. Thus, her "evidence" against Breitbart was fake.

4. If Mediaite had taken the bait and published fake evidence against Andrew Breitbart, Breitbart might have had standing to sue Mediaite.

Probably he would not have gone that far. I doubt that a lawsuit was the purpose of this charade.

But the important point here concerns the media wars. If Mediaite had published fake evidence injurious to Breitbart's reputation, the camera-hungry Breitbart would certainly have been able to adopt what I call the "false underdog" position. As a former girlfriend of mine might have put it, he would have been able to play martyrella. His underlings would have sent comments all over the internet decrying the "smears" against Andy Breitbart.

Poor Andy! He never, ever lies about anything. The Liberal Media Conspiracy has published lie after lie about Breitbart. Weinergate proves that Breitbart was right all along -- about ACORN's alleged involvement with child prostitution, about Shirley Sherrod, about Senator Landrieu, about Kevin Jennings, about Kenneth Gladney, about the NEA, about everything.

At least, that's what the current "Breitbart was right all along" propaganda campaign would have us believe. Don't be surprised if you see the message on a billboard: "Breitbart ha sempre ragione!"

A lot of people think that Breitbart is an egomaniac desperate for both media attention and "vindication." Before Weinergate, his lying had shredded his reputation. Even on the right, people had a hard time defending him.

After Weinergate, Breitbart embarked on a frenzied series of interviews, during which he claimed to be the victim of various liberal conspiracies. For example, he said on at least two occasions that Anthony Weiner personally directed writers for the Daily Kos to print false stories about Breitbart. This claim was, of course, bullshit.

Poor, poor Andy! Everyone is out to get him. It's all about Andy Breitbart!

Breitbart prefers to operate in a manner in which he can plausibly claim to keep his hands clean while others do the dirty work. For example, Breitbart claims he did not know that the James O'Keefe "pimp" tapes were deceptively edited. (As many now forget, ACORN was eventually cleared of wrongdoing; O'Keefe was not.) Then came the outrageous incident in which O'Keefe was arrested trying to eavesdrop on Senator Mary Landrieu's phone. When O'Keefe was caught, Breitbart denied that he (O'Keefe) was his (Breitbart's) employee.

Breitbart just paid him money. That didn't mean that O'Keefe was an employee.

Far be if from me to suggest that Breitbart had any connection to Mike Stack or to the #bornfreecrew or to the Mysterious Somebody who set up the Betty and Veronica hoax.

We can say this, though: There was a indisputably an M.S. behind that hoax. The target of that hoax was not Weiner. Based on currently-available evidence, the likeliest purpose for that hoax was to trick a liberal-ish site into publishing false -- and potentially actionable -- material about Andrew Breitbart.

If, based on the above, you wish to conclude that the M.S. was secretly working for Andrew Breitbart -- that Breitbart headed a fiendishly clever plan to plant fake evidence against himself -- I can only say that you must be one of those awful, awful conspiracy theorists. In fact, you're probably part of a liberal/socialist/Marxist conspiracy to smear the honorable Mr. Breitbart.

There is much more to say about cyber-spying, social engineering and Weinergate. There's even a tale to be told about an attempt to socially-engineer yours truly.

But that tale must wait, for this post has already grown to brobdinagian proportions.

As we part, note this: There have been various schemes and designs in which poor, beleaguered Breitbart remains a perpetual innocent, even though his name keeps cropping up. On one occasion, persons involved with one such scheme went so far as to dress up as telephone company repairmen to fiddle with the telephone lines of a senator.

Hacking a Twitter or Facebook account must be one hell of a lot easier than spying on a senator's phone.

By the way: Think back to the Anthony Weiner "confession" press conference. Just who were those "journalists" in the room who kept asking "Will you apologize to Andrew Breitbart?" -- as though that were the most important issue of the day? Since when does the Washington press corp care about Andrew Breitbart?

And just how many pints of scrofulous man-juice do you think Andy squirted into his diapers the moment he heard that yanked-from-the-teeth apology?

Before you say it: Remember, this post is only part one; there will be much more. Remember, too, the bold-faced warning given above. Remember that I simply don't care whether you consider my commenting policies unfair. Finally, remember that I have long been aware of persona software and how it may be used to annoy bloggers.

If you are dying to say something along the lines of "Well, this still doesn't excuse Weiner's behavior when he..." -- don't bother. I WILL NOT PUBLISH WHAT YOU HAVE TO SAY.

If you stick to the subject of cyber-spying and social engineering, you will be published, even if you despise everything written above.

Update: Breitbartling Lee Stranahan -- who would like to make a film about Weinergate, just to twist the knife -- blames Tommy Christopher, not the Mysterious Someone who went to such ridiculously elaborate lengths to fool Christopher. That's like blaming Able for trusting Cain. This attitude seems to be rather common throughout blogistan right. No-one on that side of the aisle can see the obvious reason why a Mysterious Someone would try to fool Christopher into publishing an actionable claim about Breitbart.

Jeez, you think the same scheme hasn't occurred to me?

Yeah, I've thought about it: Adopt a new identity, and under that guise, feed false and defamatory information about Evil Cannon to one of my enemies. (Maybe one of the 9/11 CD nuts who used to make my life miserable.) When the enemy publishes the defamatory info, act outraged and make lawsuit noises. Then sit back and watch the squirming. Hours of fun.

Sure, I've thought about doing that, but I wouldn't actually do it.

I've also whiled away a few hours planning perfect bank heists and perfect murders which I would never actually commit. These are thought experiments -- intellectual puzzles. It's like trying to work out an exception to the four-color map theorem.

By the way, there's a report that Dan Wolfe is now known as Walter Plinge, which is a traditional theatrical pseudonym. I have no idea if that is true.
Very interesting to consider this event in relation to the Chamber of Commerce scandal.

It occurs to me that, depending on how much more involved this gets, a diagram or "cast of characters" list could be invaluable in helping readers sort out the real and fake identities.
Supreme Court slapped down ACORN.
Media Matters is an Obama front.
Ridiculous. MediaMatters is a front for no-one. Investigations have shown that O'Keefe's video was deceptive crap. O'Keefe is being sued.
Nikki Reid is the central phantom among all the cyber-phantoms swarming around Weiner. Reid (he, she, it) was a stalking point it seems, for gulling Anthony into some indiscretion w/fictitious 16 yr old.

You correctly suggest a kinship w/Mike Stack's previous cyber gender-bending MO. The plot, as you also suggest, may have been jump-started from info or photos obtained by Stack's crew from previous Weiner relationships, though possibly from a different cultural world. All the phony twitter accounts then, are set up to draw Anthony into the web; but they were playing with house money. They wanted to both nail him w/bad conduct and to threaten him w/evidence of a more ruinous scandal.

Obviously, Breitbart is all over this. O'Keefe, an admitted felon, probably is too. Some one should a money chart that connects the dots among B-bart, O'Keefe, Drudge and Rove.
The mind boggles.

I wish Weiner would actually be honest. I wonder what Weiner knew about the people out to get him and when. We know Gennette Cordova warned him about Betty being fake. I also find Weiner apologizing to Andrew Breitbart, then sitting there and taking verbal tomatoes to the face during his resignation was really incredible. You'd think Breitbart literally cut off his dick and balls, rather than just paraded them around on his cell phone.

His May 30th post on his old facebook page here is interesting and I thought I should point to it.

I hope somebody asks him about Betty in an interview but I doubt they will.
Scott Ritter, former UN weapons inspector and whistleblower on Iraq, was convicted in April of "unlawful contact with a minor, criminal use of a communications facility, corruption of minors, indecent exposure, possessing instruments of crime, criminal attempt and criminal solicitation" (Wikipedia). This was a police sting ie he was not in fact talking to a minor. Good way of entrapping enemies though.
Was somebody out to get Weiner? Yeah, I think the odds are pretty good that someone was intent on using any personal foible to take him down. Whether that someone was Breitbart himself, or just someone who found Breitbart to be a convenient instrument, I couldn't say. Frankly, I wouldn't be surprised if this were all payback for Weiner's criticism of the President during the health care debate.

I do know that any left-leaning politician who makes allegations of conspiracy, particularly when he's been caught with his virtual pants down, risks becoming a figure of ridicule unless he has really compelling evidence. The Right protects their own with an almost pathological zeal.

Oh, and Oprah really does follow Marx (at least one of them) - check out the name of her production company if you don't believe me. ;-)
I'll be that jerk to pick nits... Without a doubt, social engineering pre-dates online chat rooms and the internet in general. The premise is the same, falsely representing oneself as someone else.

There may have been some rather spectacular feats of social engineering that happened via phone. This, long before easily spoofable CLID (thank you VOIP).

Of course, there may have been some rather spectacular feats of social engineering that happened face-to-face. Again, the premise was the same.

Just saying, social engineering is not an internet phenomenon. Of course, it makes it much easier to misrepresent oneself via the internet.
Hey Joseph, as you know Im writing about this and this may interest you:

There was also evidence that HBGary Federal was involved in developing an undetectable, full command and control cyber offensive weapon called Magenta.

A Daily Kos contributor also noted a document discovered in the leaked emails that outlines strategies to develop "an army of sockpuppets, with sophisticated 'persona management' software that allows a small team of only a few people to appear to be many" for the purpose of manipulating social media and public opinion.

Of the multiple issues that have garnered attention in the wake of the HBGary Federal breach, the issue of organized social media manipulation has received scant attention from the mainstream press.

The leaked document reveals a detailed, highly developed, and systematic plan to artificially gain ideological hegemony in the largely democratic realm of online social media interaction.

Excerpts from the document speak for themselves:

"Persona management entails not just the deconfliction of persona artifacts such as names, email addresses, landing pages, and associated content. It also requires providing the human actors technology that takes the decision process out of the loop when using a specific persona. For this purpose we custom developed either virtual machines or thumb drives for each persona. This allowed the human actor to open a virtual machine or thumb drive with an associated persona and have all the appropriate email accounts, associations, web pages, social media accounts, etc. pre-established and configured with visual cues to remind the actor which persona he/she is using so as not to accidentally cross-contaminate personas during use."

"To build this capability we will create a set of personas on twitter,‭ ‬blogs,‭ ‬forums,‭ ‬buzz,‭ ‬and myspace under created names that fit the profile‭ (‬satellitejockey,‭ ‬hack3rman,‭ ‬etc‭)‬.‭ ‬These accounts are maintained and updated automatically through RSS feeds,‭ ‬retweets,‭ ‬and linking together social media commenting between platforms.‭ ‬With a pool of these accounts to choose from,‭ ‬once you have a real name persona you create a Facebook and LinkedIn account using the given name,‭ ‬lock those accounts down and link these accounts to a selected‭ ‬#‭ ‬of previously created social media accounts,‭ ‬automatically pre-aging the real accounts."
And in the exact period of history when this kind of manipulation is making it clear to the most clear-minded that neither the internet, nor any part of it, can be used as a vehicle or medium for the advancement of social critique, what do we get?

Twitter revolutions and all that shit.
Post a Comment

<< Home

This page is 

powered by Blogger. 

Isn't yours?