Tuesday, October 28, 2014

"Hail Hydra!" and other spy games...

Has the second leaker been found? For quite a while, observers have speculated that Ed Snowden was not the only NSA whistleblower. Some of the material that has been made public seems to have come from another source. The FBI is now indicating that they know who this person is...
The FBI recently executed a search of the suspect's home, and federal prosecutors in Northern Virginia have opened up a criminal investigation into the matter, the sources said.
The locus of attention seems to be this new story by Jeremy Scahill and Ryan Devereaux. I hope that the controversy over the source doesn't drown out the important message conveyed by this article...
Nearly half of the people on the U.S. government’s widely shared database of terrorist suspects are not connected to any known terrorist group, according to classified government documents obtained by The Intercept.

Of the 680,000 people caught up in the government’s Terrorist Screening Database—a watchlist of “known or suspected terrorists” that is shared with local law enforcement agencies, private contractors, and foreign governments—more than 40 percent are described by the government as having “no recognized terrorist group affiliation.” That category—280,000 people—dwarfs the number of watchlisted people suspected of ties to al Qaeda, Hamas, and Hezbollah combined.

The documents, obtained from a source in the intelligence community, also reveal that the Obama Administration has presided over an unprecedented expansion of the terrorist screening system. Since taking office, Obama has boosted the number of people on the no fly list more than ten-fold, to an all-time high of 47,000—surpassing the number of people barred from flying under George W. Bush.

“If everything is terrorism, then nothing is terrorism,” says David Gomez, a former senior FBI special agent.
Great line, that: “If everything is terrorism, then nothing is terrorism.” But those weren't the words that sparked a morning meeting at the Hoover Building. No, what got the Feds' attention were these words: "...obtained from a source in the intelligence community."
The CIA uses a previously unknown program, code-named Hydra, to secretly access databases maintained by foreign countries and extract data to add to the watchlists.
Seriously? Hydra? Less than a year ago, the second Captain America movie posited that the CIA -- or SHIELD, as it is known in the Marvel Universe -- had been hopeless corrupted by Hydra. Is life imitating pop art?

At any rate, the new source -- the one who has revealed the existence of Hydra -- is referenced in a new documentary about Snowden by Laura Poitras. There's a scene in which Glen Greenwald tells Ed Snowden that someone new has stepped forward, and that this person was inspired by Snowden's example to blow the whistle.

I hope this guy has made his escape already. But I don't think he has.

And on the other side of the aisle, we have...

Sharyl Attkisson. She's the former CBS News reporter who says that she was fired because she delved too deeply into Obama administration wrongdoings. I'm a little loathe to get on board with Attkisson's claims, since she played into the right's "Benghazi" scenarios without bothering to mention the real Benghazi scandal -- the CIA's funneling of Libyan arms to the Syrian rebels.

Now the right-wing darling claims that Obama administration spooks put a super-powerful keylogger on her laptop.
In her new memoir, Sharyl Attkisson says a source who arranged to have her laptop checked for spyware in 2013 was “shocked” and “flabbergasted” at what the analysis revealed.
Attkisson says the source, who’s “connected to government three-letter agencies,” told her the computer was hacked into by “a sophisticated entity that used commercial, nonattributable spyware that’s proprietary to a government agency: either the CIA, FBI, the Defense Intelligence Agency or the National Security Agency.”

The breach was accomplished through an “otherwise innocuous e-mail” that Attkisson says she got in February 2012, then twice “redone” and “refreshed” through a satellite hookup and a Wi-Fi connection at a Ritz-Carlton hotel.

The spyware included programs that Attkisson says monitored her every keystroke and gave the snoops access to all her e-mails and the passwords to her financial accounts...
Wait a freakin' minute here. This entire story revolves around the credibility of this unnamed source, whom Attkisson calls Number One. If we can't have this source's name, then at least give us some idea as to how he knows what he knows (presuming that we're dealing with a "he").

How was he able to determine that this malware was government malware? What program did he use to find the keylogger? I mean, did he simply use Norton or AVG? Or did he use a special gummint keylogger-finder?

The evil things attributed this alleged piece of malware are typical of any keylogger. You don't need to be with the NSA to make a thing like this happen.

Perhaps some kind reader can help me parse this statement: "commercial, nonattributable spyware that’s proprietary to a government agency..." Isn't there a contradiction here? How can an app be "commerical" and "proprietary to a government agency" at the same time? If it really is commercial, then anyone can purchase the thing.

I must confess that this allegation is genuinely interesting...
But the most shocking finding, she says, was the discovery of three classified documents that Number One told her were “buried deep in your operating system. In a place that, unless you’re a some kind of computer whiz specialist, you wouldn’t even know exists.”

“They probably planted them to be able to accuse you of having classified documents if they ever needed to do that at some point,” Number One added.
I've long suspected that potentially incriminating material (kiddie porn, classified docs, whatever) may lurk on nearly everyone's system, just as there are trace amounts of cocaine in most examples of folding money. In my fear-fantasy, really bad shit is placed on your system (and my system) by free apps like Zone Alarm or by pirated versions of apps like Photoshop. The contraband jpgs would give the feds grounds to incarcerate you and to destroy your reputation, should you ever do anything to piss off the Powers That Be.

I'm not saying that this "fear fantasy" is real; I'm saying that it is technically possible.

The WP covers the Attkisson story here and adds a few details...
So CBS News hires an independent computer analyst whom Attkisson identifies as “Jerry Patel,” also a pseudonym. He finds a massive amount of suspicious activity in the computer, including the removal of all kinds of log messages. The author describes the scene as “Patel” does his work: “Now he’s breathing heavily. It alarms me because it alarms him and he’s not easily alarmed. His voice becomes more formal and he launches into what sounds like a speech for posterity. ‘In my professional opinion, someone has accessed this box … I see evidence that shows a deliberate and skilled attempt to clean the log files of activity.’” Intrusions of this caliber, concludes “Patel,” are “far beyond the the abilities of even the best nongovernment hackers.”

In summing up, Attkisson writes, “Everything Patel has found serves to confirm my January source and analysis. Patel tells me that only a few entities possess these skills. One of them is the U.S. government. I already know this from Number One. But now CBS knows it, too. And it will all be in his final report.”
"Far beyond the the abilities of even the best nongovernment hackers"...? I'd like to hear from actual hackers on this score. I'm not a malware expert, but I don't think that the things described here exceed the capabilities of trojans and keyloggers that have been described in the open literature.

I mean, "removal of all kinds of log messages" -- how difficult is that, really? This commercial keylogger has a feature which allows one to remove all logs permanently, at the touch of a button. You don't need to be the freakin' NSA to engineer stuff like that.

I don't trust Attkisson, I don't trust the people she works with these days, and I wouldn't discount the possibility of a false flag attack masterminded by the folks at HBGary, or by some similar outfit. Keep in mind the example of Lara Logan.

By the way: I see no reason why we can't know the real identity of "Patel."

There's something funny about this story...
Intrusions of this caliber, concludes “Patel,” are “far beyond the the abilities of even the best nongovernment hackers.”

That's the line that jumped out to me, too. My first thought was....are they nuts? Are they trying to piss off Anonymous who may retaliate by planting child porn in various high places?

Interesting topic, tho....I hope you get some responses to your queries to readers.
Yeah, there is nothing described here which is beyond the abilities of any decent hacker, government or otherwise. As you say, Trojans, keyloggers, virus, can all be made to erase their own tracks rather easily. It doesn't require any special abilities or skills.
Called Hydra PROMIS in my day.

Bog-standard keylogger. The feds can see what's on your screen through the wall with their TROJAN systems, any idiot with Ophcrack can get your password for Windows if they get access to your computer (by burglarising your house, perhaps) and then your online passwords from the unencrypted file on your hardrive where your browser stores passwords.

Stephen, I don't think anyone broke into Sharyl's house. Too great a risk, too small a prize, and too many alternative ways to get the data.

Note the underlying message: Sharyl, a Koch mole in CBS-land, JUST HAPPENED to have a pal who is a spook. Once again, I'm reminded of Lara Logan, another right-wing mole in CBS-land, who JUST HAPPENS to be married to a high-level intelligence officer who specializes in psyops.

See the pattern?
Oh...and both Lara and Sharyl were trying to get CBS to run Benghazi stories that fostered the wacky right-wing narrative.
Post a Comment

<< Home

This page is 

powered by Blogger. 

Isn't yours?