Tuesday, February 25, 2014
Monday, February 24, 2014
The Conspiracy Theory Is True: Agents Infiltrate Websites Intending To "Manipulate, Deceive, And Destroy Reputations"
In the annals of internet conspiracy theories, none is more pervasive than the one speculating paid government plants infiltrate websites, social network sites, and comment sections with an intent to sow discord, troll, and generally manipulate, deceive and destroy reputations. Guess what: it was all true.
And this time we have a pretty slideshow of formerly confidential data prepared by the UK NSA equivalent, the GCHQ, to confirm it, and Edward Snowden to thank for disclosing it. The messenger in this case is Glenn Greenwald, who has released the data in an article in his new website, firstlook.org, which he summarizes as follows: "by publishing these stories one by one, our NBC reporting highlighted some of the key, discrete revelations: the monitoring of YouTube and Blogger, the targeting of Anonymous with the very same DDoS attacks they accuse “hacktivists” of using, the use of “honey traps” (luring people into compromising situations using sex) and destructive viruses. But, here, I want to focus and elaborate on the overarching point revealed by all of these documents: namely, that these agencies are attempting to control, infiltrate, manipulate, and warp online discourse, and in doing so, are compromising the integrity of the internet itself." Call it Stasi for "Generation Internet."
Greenwald's latest revelation focuses on GCHQ’s previously secret unit, the JTRIG (Joint Threat Research Intelligence Group).
Among the core self-identified purposes of JTRIG are two tactics: (1) to inject all sorts of false material onto the internet in order to destroy the reputation of its targets; and (2) to use social sciences and other techniques to manipulate online discourse and activism to generate outcomes it considers desirable. To see how extremist these programs are, just consider the tactics they boast of using to achieve those ends: “false flag operations” (posting material to the internet and falsely attributing it to someone else), fake victim blog posts (pretending to be a victim of the individual whose reputation they want to destroy), and posting “negative information” on various forums. Here is one illustrative list of tactics from the latest GCHQ document we’re publishing today:
Other tactics aimed at individuals are listed here, under the revealing title “discredit a target”:
Then there are the tactics used to destroy companies the agency targets:
Critically, the “targets” for this deceit and reputation-destruction extend far beyond the customary roster of normal spycraft: hostile nations and their leaders, military agencies, and intelligence services. In fact, the discussion of many of these techniques occurs in the context of using them in lieu of “traditional law enforcement” against people suspected (but not charged or convicted) of ordinary crimes or, more broadly still, “hacktivism”, meaning those who use online protest activity for political ends.
The title page of one of these documents reflects the agency’s own awareness that it is “pushing the boundaries” by using “cyber offensive” techniques against people who have nothing to do with terrorism or national security threats, and indeed, centrally involves law enforcement agents who investigate ordinary crimes:
Greenwald's punchline is disturbing, and is sure to make paradnoid conspiracy theorists crawl even deeper into their holes for one simple reason: all of their worst fears were true all along.
No matter your views on Anonymous, “hacktivists” or garden-variety criminals, it is not difficult to see how dangerous it is to have secret government agencies being able to target any individuals they want – who have never been charged with, let alone convicted of, any crimes – with these sorts of online, deception-based tactics of reputation destruction and disruption.
The broader point is that, far beyond hacktivists, these surveillance agencies have vested themselves with the power to deliberately ruin people’s reputations and disrupt their online political activity even though they’ve been charged with no crimes, and even though their actions have no conceivable connection to terrorism or even national security threats. As Anonymous expert Gabriella Coleman of McGill University told me, “targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs, resulting in the stifling of legitimate dissent.” Pointing to this study she published, Professor Coleman vehemently contested the assertion that “there is anything terrorist/violent in their actions.”
At this point Greenwald takes a detour into a well-known topic: Cass Sunstein. Who is Cass Sunstein? Recall: "Obama Picks Cass Sunstein (America’s Goebbels?) To Serve On NSA Oversight Panel."
Government plans to monitor and influence internet communications, and covertly infiltrate online communities in order to sow dissension and disseminate false information, have long been the source of speculation. Harvard Law Professor Cass Sunstein, a close Obama adviser and the White House’s former head of the Office of Information and Regulatory Affairs, wrote a controversial paper in 2008 proposing that the US government employ teams of covert agents and pseudo-”independent” advocates to “cognitively infiltrate” online groups and websites, as well as other activist groups.
Sunstein also proposed sending covert agents into “chat rooms, online social networks, or even real-space groups” which spread what he views as false and damaging “conspiracy theories” about the government. Ironically, the very same Sunstein was recently named by Obama to serve as a member of the NSA review panel created by the White House, one that – while disputing key NSA claims – proceeded to propose many cosmetic reforms to the agency’s powers (most of which were ignored by the President who appointed them).
But while until now there was speculation that Sunstein's policies had been implemented, there was no proof. That is no longer the case:
... these GCHQ documents are the first to prove that a major western government is using some of the most controversial techniques to disseminate deception online and harm the reputations of targets. Under the tactics they use, the state is deliberately spreading lies on the internet about whichever individuals it targets, including the use of what GCHQ itself calls “false flag operations” and emails to people’s families and friends. Who would possibly trust a government to exercise these powers at all, let alone do so in secret, with virtually no oversight, and outside of any cognizable legal framework?
What is perhaps most disturbing is the level of detail these modern day Stasi agents engage in, paradoxically proposing social subversion without realizing they themselves would be susceptible to just that. And all it would take is one whistleblower with a conscience:
Under the title “Online Covert Action”, the document details a variety of means to engage in “influence and info ops” as well as “disruption and computer net attack”, while dissecting how human being can be manipulated using “leaders”, “trust, “obedience” and “compliance”:
The documents lay out theories of how humans interact with one another, particularly online, and then attempt to identify ways to influence the outcomes – or “game” it:
Greenwald's conclusion is spot on:
These agencies’ refusal to “comment on intelligence matters” – meaning: talk at all about anything and everything they do – is precisely why whistleblowing is so urgent, the journalism that supports it so clearly in the public interest, and the increasingly unhinged attacks by these agencies so easy to understand. Claims that government agencies are infiltrating online communities and engaging in “false flag operations” to discredit targets are often dismissed as conspiracy theories, but these documents leave no doubt they are doing precisely that.
Whatever else is true, no government should be able to engage in these tactics: what justification is there for having government agencies target people – who have been charged with no crime – for reputation-destruction, infiltrate online political communities, and develop techniques for manipulating online discourse? But to allow those actions with no public knowledge or accountability is particularly unjustifiable.
So the next time you run into someone in a chat room or a message board who sounds just a little too much like a paid government subversive... it may not be just the paranoia speaking. For the full details "why not", read the formerly confidential slideshow below.
Apple’s Security Breach Should Scare You More Than Target’s Did
Apple’s security protocol breach is nearly as bad as handing your credit card straight to a hacker rather than making them steal the information through the magnetic stripe readers.
The flaw in Apple’s iOs and OS X platforms essentially allows a hacker to get in between the initial verification “handshake” connection between the user and the destination server, enabling the adversary to masquerade as a trusted endpoint. This means the connection which is supposed to be encrypted between you and your bank, email server, healthcare provider and more is open to attack.
Secure Sockets Layers, and more recently, Transport Layer Security protocols have protected web users for years by creating a digital secure handshake to identify and encrypt data from the browser to the secure end site. The Apple flaw puts hackers in the middle of that handshake, by allowing the SSL/TSL routines to be bypassed. (Photo credit: Shutterstock)
Security experts across the web recommend updating iPhones and iPads with the available iOS patches now, and using browsers other than Safari for OS X systems without an available Apple fix.
Usually to achieve encrypted web traffic, a handshake is accomplished through a Secure Sockets Layer — SSL for short — or more recently, Transport Layer Security, or TLS; both are Internet protocols that provide a secure channel between two machines operating over the Internet or an internal network.
The full severity of the security flaw has yet to surface, but the duplicated line of code which is causing all the ruckus has been in place since September 2012. This means theoretically that if you’ve been using the flawed iOS or OS X systems since then, a hacker on your shared network could have captured all your data that should have been SSL- or TSL-encrypted for the past 18 months.
Think of all the banking, online dating, email writing and Internet purchases you’ve made in the last year and a half.
The duplicated line of code that caused the Apple fail is shown here, and now dubbed on Twitter as #gotofail. (Image via Gizmodo)
The SSL/TLS effort requires nearly zero interaction from us — the users — but you may be familiar with the little lock icon that appears on the browser, indicating a secure connection has been achieved. This is where the Apple flaw comes in; anyone using the same network connection — the person sitting next to you at the coffee shop or at work right now — could fake the secure connection and intercept communication between your browser and a site.
Even worse, the flaw allows for modification of the “data in flight,” meaning a hacker could deliver exploits to take control of your system, according to Crowdstrike. And other applications that you may not immediately associate with Internet browsing are affected as well.
Ashkan Soltani points out the Calendar, Facetime, Keynote, Mail, Twitter, iBooks and other applications are just as vulnerable to the security flaw. (Image via Twitter)
Apple released a fix to the flaw housed in iOs 6 and 7 authentication logic, but the company only says the OS X fix is coming “very soon,” according to Reuters. This means Mac desktops and notebooks are still vulnerable to man-in-the-middle attacks.
Apple’s support page says the company will not “disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available,” but describes the fail was addressed by “restoring missing validation steps.”
Apple did not immediately respond to TheBlaze for clarification on how soon fixes for Mac desktops and notebooks will be available.
Thursday, February 6, 2014
Sunday, February 2, 2014
A Little Girls Potato Experiment Will Change The Way You Think About Food!
A little girl decided to do an experiment with a sweet potato, and her results will change the way you think about the fruits and vegetables you buy at the grocery store.