Who's been discredited again?
February 10, 2011 9:11 AM   Subscribe

A proposal for U.S. defense contractors HBGary Federal, Palantir Technologies, and Berico Technologies to discredit Wikileaks which was pitched to Bank of America on December 3rd has been leaked. Assange had perviously stated that Wikileaks' next mega-leak will "expose an ecosystem of corruption" in a major American bank, which many believe to be Bank of America.

It unclear whether the plan pitched represents an independent attack on Wikileaks, or an attempt at double billing Bank of America for U.S. government operations of which the contractors were aware.

Among the individuals named in the document are MeFi's own Jacob Appelbaum and Glenn Greenwald.

Anonymous' counter attack on HBGary for Aaron Barr's infiltration of Anonymous is a plausible source of the leak. (previously)
posted by jeffburdges (205 comments total) 45 users marked this as a favorite
 
perviously stated
posted by found missing at 9:13 AM on February 10, 2011 [1 favorite]


So we had the What, and now we have the Why.
posted by Pope Guilty at 9:17 AM on February 10, 2011 [1 favorite]


But the Stones of Seeing do not lie! Not even the lord of Barad-dûr can make them do so!
posted by Iridic at 9:17 AM on February 10, 2011 [12 favorites]


Oh god if you have no read the arstechnica article on this drop what you are doing and read it now

Aaron Barr is shockingly, amazingly dense and grandstanding.
posted by The Whelk at 9:18 AM on February 10, 2011 [24 favorites]



Hubris :

Barr: Noooo….its about probabilty based on frequency...c'mon ur way smarter at math than me.

Coder: Right, which is why i know your numbers are too small to draw the conclusion but you don't want to accept it. Your probability based on frequency right now is a gut feeling. Gut feelings are usually wrong.


...

Barr: [some information redacted] On the gut feeling thing...dude I don't just go by gut feeling...I spend hours doing analysis and come to conclusions that I know can be automated...so put the taco down and get to work!

Coder: I'm not doubting that you're doing analysis. I'm doubting that statistically that analysis has any mathematical weight to back it. I put it at less than .1% chance that it's right. You're still working off of the idea that the data is accurate. mmmm…..taco!


Note to self - listen to the professionals you hire when they know more about the subject than you.
posted by Pogo_Fuzzybutt at 9:20 AM on February 10, 2011 [22 favorites]


Fascinating to watch stuff like this unfold, in part (for me) because it's somewhat difficult to predict how it all turns out in the end.
posted by jquinby at 9:22 AM on February 10, 2011


Anonymous' counter attack on HBGary for Aaron Barr's infiltration of Anonymous is a plausible source of the leak.

At this point, we're about 15 plot turns past ridiculous.
posted by Think_Long at 9:23 AM on February 10, 2011 [18 favorites]


double billing Bank of America

Or the gummint. HBGary Federal should be the poster child for the contracting mess we've created.
posted by jsavimbi at 9:23 AM on February 10, 2011


Oh god if you have no read the arstechnica article on this drop what you are doing and read it now

I couldn't tell who was a bigger idiot, the author of that ars technica article or Barr...probably Barr. but Barr is pure marketing/dotcomscamartist bottom feeder.
posted by ennui.bz at 9:24 AM on February 10, 2011


It's also possible that some wikileaks sympathizer inside Palantir, HBGary, or Berico leaked the documents when they realized everyone would blame anonymous for the leak. Or even that wikileaks only released the document now that they won't compromise their super-secret inside source won't be compromised! Yey more plot turns! ;)
posted by jeffburdges at 9:24 AM on February 10, 2011 [1 favorite]


Life imitates William Gibson novel?
posted by Alterscape at 9:25 AM on February 10, 2011 [2 favorites]


Holy shit holy shit holy shit life is SO COOL.
posted by WidgetAlley at 9:25 AM on February 10, 2011 [9 favorites]


Watching the media cover the bank leak (when it comes out, if ever) is going to be fascinating. They're going to downplay and ignore it so hard it's gonna become this strange lacuna. I have good odds on the story barely creaking the surface of TV News.
posted by The Whelk at 9:26 AM on February 10, 2011 [7 favorites]


"Freespeech nutjobs?"

Fuck you Barr.
posted by spitbull at 9:27 AM on February 10, 2011 [14 favorites]



Life imitates William Gibson novel?

We've lapped Gibson twice already and are now enjoying a victory spliff in Robert Anton Wilsonland.
posted by The Whelk at 9:27 AM on February 10, 2011 [77 favorites]


Pogo; please tell me you're paraphrasing that exchange.

I excerpted it from the Arstechnica article. But it is telling.

His "big idea" was to to try and tie accounts to social media using relationship analysis. So, if someone says something in IRC and then the same post shows up in twitter, then you can tie those two accounts together. At some point he talks about how he can assume that people who have many friends in a town must also be from that town.

The trouble is, as anyone with half a brain knows - most of those relationships are useless knowledge. They can be accurate, but they might not be and there isn't much you can do to validate it - especially not on the timescales he's talking about.
posted by Pogo_Fuzzybutt at 9:29 AM on February 10, 2011 [1 favorite]


Palantir Technologies

"I've got a great name for the company."
"Lay it on me."
"'Palantir Technologies.'"
"WTF is a palantir?"
"It's that thing from Lord of the Rings. It's a crystal ball thingy."
"OK, I get it. 'We can see the future.' I like it."
"Well..."
"Well, what?"
"The palantir actually get used by Sauron, the bad guy of the story."
"Used for what?"
"He corrupts Saruman with it. And then Saruman hucks it at one of the hobbits, like a big-ass bowling ball. And when the hobbit picks it up, he's like, corrupted by it, too."
"You want us to name our company after a giant magic crystal ball of crack that the devil uses to reach through and pimpslap people with?"
"Yeah."
"Awesome. Let's get another round of cocktails."
posted by Cool Papa Bell at 9:29 AM on February 10, 2011 [73 favorites]


Any financials stock gurus in here? I have around $1000 of BAC stock. Hold or sell?
posted by gagglezoomer at 9:30 AM on February 10, 2011


This irc log of HBGary's president Penny Leavy in an IRC Anonymous chat room is pretty priceless.

[04:06] <> Penny: if what you are saying is tree [sic] then why is Aaron meeting with the FBI tomorrow morning at 11am? PLEASE KEEP IN MIND WE HAVE ALL YOUR EMAILS.
posted by phaedon at 9:33 AM on February 10, 2011 [5 favorites]




His "big idea" was to to try and tie accounts to social media using relationship analysis. So, if someone says something in IRC and then the same post shows up in twitter, then you can tie those two accounts together. At some point he talks about how he can assume that people who have many friends in a town must also be from that town.


his big "idea" was that if you spout enough horse shit and can convince people who probably can't turn on their own computers without tech support that you are a computer security professional then you can get an article in the Financial Times and that will help you sell your 'services' to the government.

standard government outsourcing contractor stuff.
posted by ennui.bz at 9:34 AM on February 10, 2011 [8 favorites]



i can't believe this is a powerpoint. i guess these sorts of things are no longer discussed in smoky rooms with guys in drinking whiskey from heavy cut crystal glasses.


Holiday Inn conference rooms contain more evil per square foot then any other place on earth.
posted by The Whelk at 9:40 AM on February 10, 2011 [43 favorites]


From the Arstechnica article linked up thread:

[Aaron Barr's] programmer had doubts, saying that the scraping and linking work [Barr] was doing was of limited value and had no commercial prospects. As [the programmer] wrote in an e-mail:

Step 1 : Gather all the data

Step 2 : ???

Step 3 : Profit
posted by nooneyouknow at 9:40 AM on February 10, 2011


Fun fact: Palantir is an anagram for "liar pant", "anal trip"and "plain rat."
posted by MuffinMan at 9:41 AM on February 10, 2011 [8 favorites]


I love this bit in the Wikileaks response pdf about HBGary Federal's contribution to the plan:

HBGary Federal

• A Focus on Information Operations (INFOOPS)
- Influence operations
- Social media exploitation
- New media development
• Experts in threat intelligence and open source analysis
• World renowned vulnerability research and exploit development
• Critical cyber incident response
• Industry leading malware analysis and reverse engineering


One might say Barr & HBGary fulfilled many of these objectives with operation INFO OOPS
posted by timshel at 9:43 AM on February 10, 2011 [2 favorites]


the picture of the Bahnhof AB Servers, Pionen White Mountains, Sweden is so....bizarre? cool? looks like the entrance to a BladeRunner or Chiba City nightclub?

It's even cooler on the inside.
posted by theodolite at 9:43 AM on February 10, 2011 [9 favorites]


Can anyone comment on how much of this plan might've been implemented thus far?

I'd imagine Jacob Appelbaum's harassment was more just morons at the TSA, but you'll notice the powerpoint spends a whole page on Glenn Greenwald.

Ignore the slashdot article's mistaken claim that these contractors may've been involved in visa, master card, and paypal pulling wikileaks accounts. All those accounts were pulled before December 3rd.
posted by jeffburdges at 9:44 AM on February 10, 2011


Cool Papa Bell - heh.
posted by Eyebeams at 9:45 AM on February 10, 2011


Someone at one of these companies is probably working on a new plan right now, substituting Anonymous in place of Wikileaks. That should go swimmingly.
posted by Big_B at 9:46 AM on February 10, 2011


Their profile of Julian Assange is ridiculous. Is this how adults act? Unbelievable.
posted by kuatto at 9:47 AM on February 10, 2011


Let's get back to the BoA leak. When is that going to happen? And why would Assange announce what his next leak is going to be? Like nobody was going to pay attention otherwise?
posted by DU at 9:47 AM on February 10, 2011




batcube
posted by DU at 9:50 AM on February 10, 2011 [2 favorites]




odinsdream: “Pogo; please tell me you're paraphrasing that exchange.”

Nope; that's verbatim, and it's from the Ars Technica article. Quite entertaining, actually.
posted by koeselitz at 9:52 AM on February 10, 2011


I am so very glad that the bad guys are consistently slower and dumber than the good guys.
posted by leotrotsky at 9:52 AM on February 10, 2011


• A Focus on Information Operations (INFOOPS)

Oh, great, these assholes are giving FOOPS a bad name.
posted by oneswellfoop at 9:53 AM on February 10, 2011 [5 favorites]


What an amateurish PowerPoint. Palantir could benefit from some restaffing. I bet they could hire Christopher Lee THANK YOU GOOD NIGHT
posted by AugieAugustus at 9:53 AM on February 10, 2011 [3 favorites]


the picture of the Bahnhof AB Servers, Pionen White Mountains, Sweden is so....bizarre? cool? looks like the entrance to a BladeRunner or Chiba City nightclub?

It's even cooler on the inside.

yes. you are entirely correct. those inside shots are nuts. i might not mind working in a cube if it was also a cave.


What plants are those that they have growing along the sides of the cave? Are they using grow lamps or something?
posted by ekroh at 9:53 AM on February 10, 2011


Oh, great, these assholes are giving FOOPS a bad name.

Don't worry. All us MeFites know there is one truly swell foop, and he's one of us.
posted by hippybear at 9:54 AM on February 10, 2011 [4 favorites]


I'd imagine that Assange announces these leak to build up anticipation so the story moves faster once announced, although he's used announcements for misdirection before. It'll be pretty funny if BoA has exposed all their criminal activity to hundreds of lawyers working as outside contractors only to find that Goldman Sacks get speared by Wikileaks.
posted by jeffburdges at 9:55 AM on February 10, 2011 [2 favorites]


"The palantir actually get used by Sauron, the bad guy of the story."
"Used for what?"
"He corrupts Saruman with it. And then Saruman hucks it at one of the hobbits, like a big-ass bowling ball. And when the hobbit picks it up, he's like, corrupted by it, too."


Just watched RETURN OF THE KING again so I'm suddenly an expert on the palantir. One of it's key features is that regardless of what it shows the user, the user always fucks up with his interpretation of what the palantir has shown him. EVEN SAURON GETS IT WRONG, TWICE.

So, I see it as being kind of like LSD: erupting with revelation and insight, but fuck if you can do much with it other than spread the great cause of confusionism, which is not inherently a bad thing.
posted by philip-random at 9:57 AM on February 10, 2011 [7 favorites]


I am so very glad that the bad guys are consistently slower and dumber than the good guys.

On the other hand, a core principal of modern economics is that evil will always triumph, because good is dumb.
posted by kaibutsu at 9:59 AM on February 10, 2011 [7 favorites]


Metafilter: so put the taco down and get to work!
posted by Mister Fabulous at 9:59 AM on February 10, 2011 [3 favorites]


Let's get back to the BoA leak. When is that going to happen? And why would Assange announce what his next leak is going to be? Like nobody was going to pay attention otherwise?


He's recently been back peddling on the materiality of the BoA info. Reuters Article
posted by JPD at 9:59 AM on February 10, 2011 [1 favorite]


Metafilter: erupting with revelation and insight, but fuck if you can do much with it other than spread the great cause of confusionism, which is not inherently a bad thing.
posted by oddman at 9:59 AM on February 10, 2011 [6 favorites]


only to find that Goldman Sacks get speared by Wikileaks.

I'm *just* paranoid enough to think that if GS really thought they were in any danger the people involved would be dead.

On the other hand....
posted by The Whelk at 9:59 AM on February 10, 2011 [1 favorite]


This whole wikileaks saga is getting more boring than Season 3 of Lost.
posted by dougrayrankin at 10:04 AM on February 10, 2011


Thank you Ars for ending your article with this image.
posted by Mister Fabulous at 10:04 AM on February 10, 2011 [7 favorites]


I am so very glad that the bad guys are consistently slower and dumber than the good guys.

Wait, that's not what I learned from Spaceballs!
posted by XMLicious at 10:08 AM on February 10, 2011


Awesome, XMLicious; I remembered the line but forgot the origin!
posted by kaibutsu at 10:13 AM on February 10, 2011


Somehow reading about this stuff makes me feel like i'm reading about eve online... except this has real implications for all of us.
posted by Nanukthedog at 10:18 AM on February 10, 2011 [8 favorites]


Fun fact: Palantir is an anagram for "liar pant", "anal trip"and "plain rat."

Strangely enough, according to the Internet Anagram Server, HBGary has no anagrams at all.

But adding Federal generates, among others: Brayed Flag Her, Barraged Eh Fly, Blah Grayed Ref, and A Harry Beg Fled.
posted by Naberius at 10:23 AM on February 10, 2011


My new catchphrase at work: You just need to program as good as I analyze.
posted by benzenedream at 10:32 AM on February 10, 2011 [5 favorites]


Between the emails and the chat logs, there are so many quotable lines..."mmmm…..taco!" is an instant classic.

I liked this one, too:
"You're asking us not to press the red button after we've already pressed the red button."

Seriously. The president of a "security company" not knowing how torrents work. She was told the emails had already been seeded...she wanted them to be un-seeded.

This is what our tax dollars are paying for.
posted by Xoebe at 10:33 AM on February 10, 2011 [7 favorites]


"We... are now enjoying a victory spliff in Robert Anton Wilsonland."

If ever a lake needed a No Swimming sign....
posted by rokusan at 10:34 AM on February 10, 2011


Actually, "Barghy" is an anagram of HBGary (the "gh" is pronounced "f," like in "rough").
That's not an actual word, you might protest. Not yet, I would reply.
posted by adamrice at 10:34 AM on February 10, 2011


Ugh this is the problem with "executives" using iphone's... the AUTOCORRECTS.
posted by stratastar at 10:38 AM on February 10, 2011


Also, I feel like I defamed the word executive by connecting it to this asshat.
posted by stratastar at 10:56 AM on February 10, 2011


I think the whole obsession with Greenwald shows that this was someone trying to put together a proposal for the WTF team at the CIA, or some OGA. This doesn't represent an actual government plot, it represent someone trying to pitch the government on buying their services to begin the plot. Since the slide deck isn't marked as "classified", top secret or even company confidential, it seems like we are dealing with something so amatuerish that I can't believe these guys are serious government contractors.

Obama needs to back off Assange now, and just let it go. We got caught with our fly down, just zip it up and move on. You can't stop this and the harder you push back on it the worse you make it for yourself.
posted by humanfont at 10:59 AM on February 10, 2011 [5 favorites]


It seems like one probable source of the leak was one of the programmers that this web 2.0 bullshit artist relied upon for the actual product he was shilling, but seemed to have infinite disdain for. It would be funny if he put down that taco and then immediately sent out this leak.
posted by codacorolla at 11:09 AM on February 10, 2011 [1 favorite]


You defamed the word iPhones by putting an apostrophe in it, too.
posted by emelenjr at 11:15 AM on February 10, 2011 [1 favorite]


I didn't see the take-down message screen cap before; thanks ArtsTech!
posted by paisley henosis at 11:19 AM on February 10, 2011 [3 favorites]


You can't stop this and the harder you push back on it the worse you make it for yourself.

ever consider that Langley does not want it to stop.
posted by clavdivs at 11:19 AM on February 10, 2011


You just need to program as good as I analyze.
10 PRINT "I AM 1337!"
20 GOTO 30
RUN
posted by Hylas at 11:22 AM on February 10, 2011 [20 favorites]


I'd doubt mr. coder leaked it. First, his gripe was about the anonymous crap, not wikileaks. Second, he warned officials inside the company that Aaron Barr was running around spouting garbage, indicating some real sense of duty to the company. Third, Anonymous snagged all HBGary's emails themselves. I was just having some fun with the conspiracy theory upthread.
posted by jeffburdges at 11:24 AM on February 10, 2011 [1 favorite]


We can elaborate slightly on clavdivs' suggestion that the CIA might like wikileaks. There is for example $30 million available under the U.S. Dep't of State's Internet Freedom Programs targeted at East Asia, meaning the U.S. sees some long term benefits from wikileaks-like activity.
posted by jeffburdges at 11:34 AM on February 10, 2011


Is Aaron Sorkin done the script yet? I can't wait for the 2013 blockbuster!
posted by Theta States at 11:41 AM on February 10, 2011


I was struck by one thing reading that arstechnica article; the coder is the hero in this story. When I saw this:

"Coder: No it won't. It will tell you how mindless their friends are at clicking stupid shit that comes up on a friends page. especially when they first join facebook."

As a description of why Barr's datawankery wouldn't yield useful results, I realized that this person was full of awesome thoughts.

Barr, on the other hand, looks like such an idiot it isn't even funny.
posted by quin at 12:05 PM on February 10, 2011 [1 favorite]


At the same time though; they did manage to get a girlfriend of one of the kids... Mix that with some reckless jackbootery and I'm sure China's a buying market.
posted by stratastar at 12:07 PM on February 10, 2011


After carefully considering what my own position is on Wikileaks, I find that Clay Shirky has got there before me and explained it much better than I can, in this Guardian article.
WikiLeaks has not been a series of unfortunate events, and Assange is not a magician – he is simply an early and brilliant executor of what is being revealed as a much more general pattern, now spreading ...

... Assange has claimed, when the history of statecraft of the era is written, that it will be divided into pre- and post-WikiLeaks periods. This claim is grandiose and premature; it is not, however, obviously wrong.
Other Wikileaks news: this week the Assange extradition hearing is going on in London. The final day is tomorrow, although the judgement will probably come later, and then the inevitable appeals. There are heavyweight lawyers on both sides, its not clear which side is winning yet, and a lot of the focus is on the reliability of the Swedish legal system. WLCentral has an eyewitness account from someone who was at the trial on Monday. Guardian was liveblogging day 1 and day 2, summaries near the top.
posted by memebake at 12:14 PM on February 10, 2011 [5 favorites]


Using Palantir, an analyst can discover and investigate latent threat networks in minutes instead of hours or days, dive deeper into data than previously possible, and for the first time be exposed to data in a conceptual environment along intuitive and high-level dimensions, totally unconstrained by data scale and silo.
What does this even mean?
posted by djgh at 12:34 PM on February 10, 2011 [10 favorites]


odinsdream: "Man, the "Coder" character in all of this is just awesome. It reads so much like that layout designer who kept turning out joke pieces for a client who refused to pay. Clearly they think Barr's an idiot, and aren't afraid of making that obvious to him."

The more I read these exchanges, the more I hear them in the voices of Chip and Web-guy at The Website is Down.
posted by jquinby at 12:36 PM on February 10, 2011 [2 favorites]


djgh: You have to watch out for silos; if you don't clean one properly the whole thing can blow!
posted by dhens at 12:37 PM on February 10, 2011


It's even cooler on the inside.

"I love what you've done with the place!" -Dr. Evil
posted by the painkiller at 1:00 PM on February 10, 2011 [3 favorites]


Boy, someone never learned the notion of chaotic good from Robin Hood, D&D, etc.

Imho, the epicest lolz scenario would be this proposal proving that these contractors having revealed classified information to BoA in an attempt to double bill BoA for a U.S. government contract, and they all get their clearances yanked. And obviously the 16 year old girl who helped hack into HBGary gets into MIT. Your hacker movie happy ended has gotta see the kid getting into MIT. :)
posted by jeffburdges at 1:01 PM on February 10, 2011


Using Palantir, an analyst can discover and investigate latent threat networks in minutes instead of hours or days, dive deeper into data than previously possible, and for the first time be exposed to data in a conceptual environment along intuitive and high-level dimensions, totally unconstrained by data scale and silo.

What does this even mean?



[20 fathoms deep into previously unplumbed depths of data]


where are you now?
over here
we are watching you
who are you talking to?
you I'm talking to you
then who's watching?
watching whom?
we are watching you
who's we?
you?
damn they're peddling fake copies the deep data dive experience bringing us all down the same rabbit hole
*cough*
what?
That's the same conceptual environment along intuitive and high-level dimensions
eat your taco
we are watching you we are watching you
kikikikkikikik

[fade]
posted by infini at 1:20 PM on February 10, 2011 [2 favorites]


Empathy is fantastic and I think we should all cultivate a bit more of it, especially before wishing others be driven to suicide.
posted by ChrisHartley at 1:22 PM on February 10, 2011 [17 favorites]


In a war between Barr and Anonymous, I can recognize Barr is a choad, and still root for him over a much worse group. One is harmlessly stupid, an insult that he makes a living being that bad at his job- but years in the tech industry has calloused me to that frustration. However, the other is a hive mind Ted Bundy.

Douchey suburban teenagers defacing websites causes some regrettable personal pain to a few people.

Barr et al. were proposing to ruin and blackmail journalists like Greenwald to protect the good name of BofA from nasty Wikileaks revelations (likely, revelations about BofA's hand in the government bailout till).

Do you really think these two groups are equivalent in their potential for societal harm?
posted by benzenedream at 1:30 PM on February 10, 2011 [18 favorites]


I'm picturing the coder as Dilbert and Barr as the PHB. It's surprisingly appropriate...
posted by Skeptic at 1:34 PM on February 10, 2011 [2 favorites]


Honestly, I'd happily see copious tax dollars towards this effort, I'd like to see these people ruined, driven to despair and ultimately suicide, so the few who remain think twice and begin to grasp the concept of 'empathy'

hincandenza, you do realize that this doesn't add up, that your hatred of these "anonymous" villains is poisoning your ability to put forth a rational observation.

For what it's worth, I've spent some time lurking at /b/ mostly for reasons of professional curiosity. Yeah, there's some root ugliness going on there, but there's also some root hilarity. In other words, exactly what I'd expect from a bunch of over-stimulated (mostly male) 18-28 year olds with no particular responsibilities in life to anyone but themselves, and way too much time on their hands.

Call them evil if you must, but I know that if I'd been born thirty years later, I'd likely be right there with them; maybe not posting kiddie porn or encouraging suicide, but definitely abusing what little power I actually had. In time, most of these young people will grow up and find that empathy you speak of. Some won't and they're exactly the kind of nimrods that will end up drawing paychecks from the likes of contractors HBGary Federal, Palantir Technologies, and Berico Technologies.

Keep on rockin' in the free world.
posted by philip-random at 1:49 PM on February 10, 2011 [2 favorites]


This is Anonymous we're talking about: a network of permanently retrograde clinical sociopathic child molesting racist rape-loving terrorists.

Source?
posted by Mister Fabulous at 1:53 PM on February 10, 2011 [6 favorites]


the chat log is linked to in the arstechnia article

http://pastebin.com/x69Akp5L


Yeah, this is fascinating. Penny logs on at row 522 of the file. If you imagine trying to reason with a hive, thats exactly how messy it is.

However her main argument seems to be that 'HBGary' is separate from 'HBGary Federal', and should be excused from the rage, but the thing is .... if you want to protect your company name, you shouldn't really give permission (and invest) in people using company names that are very similar. If she'd really wanted people to distinguish between the two firms, they wouldn't have had such confusing names.
posted by memebake at 2:02 PM on February 10, 2011


I'd bet Bank of America has caused way more suicides than Anonymous has.
posted by graventy at 2:02 PM on February 10, 2011 [23 favorites]


What does this even mean?

Five bucks says it's a SQL interface.
posted by Cool Papa Bell at 2:12 PM on February 10, 2011


Five bucks says it's a SQL interface.

SELECT *
FROM Shire
WHERE hobbit = "baggins"
ORDER BY hobbits i gotta kill
posted by Cool Papa Bell at 2:14 PM on February 10, 2011 [11 favorites]


http://pastebin.com/x69Akp5L
[07:43] <+penny> we will talk to Aaron, we will notify our customers. You r painting me with the same brush as Aaron and that is not fair. I can't "de-invest" becaus there is already an investment

To put what I just said in a different way - if 'HBGary Federal' had been a runaway success, Penny would have benefitted from the name similarity. Unfortunately, 'HBGary Federal' turns out to be a douche-pilotted train-wreck, and 'HBGary' suffers as a result. Capitalism is all about taking risks and all that, but if you live by the sword you have to die by the sword. still, props to her for going to talk to them and try and stop the unstoppable. If it was worth $2million dollars to me I guess I'd give it a shot as well
posted by memebake at 2:15 PM on February 10, 2011 [1 favorite]


To assist the Chamber, Wyatt and his associates, John Woods and Bob Quackenboss, hired a set of private security firms — HB Gary Federal, Palantir, and Berico Technologies (collectively called Team Themis) — to develop tactics for damaging progressive groups and labor unions, in particular ThinkProgress, the labor coalition called Change to Win, the SEIU, US Chamber Watch, and StopTheChamber.com.

Fallout
posted by Pogo_Fuzzybutt at 2:16 PM on February 10, 2011 [14 favorites]


Pogo_Fuzzybutt: "...collectively called Team Themis..."

Themis: She is described as "of good counsel", and is the embodiment of divine order, law, and custom. Themis means "divine law" rather than human ordinance, literally "that which is put in place", from the verb τίθημι, títhēmi, "to put". To the ancient Greeks she was originally the organizer of the "communal affairs of humans, particularly assemblies".

Oh my. The whole thing is rather Greek, no?
posted by jquinby at 2:23 PM on February 10, 2011


Barr: Hey! I'm sick of the commute to work. I'm planning on fastening helium balloons to my chair and floating all the way in to the city. Pin on a stick to lose altitude needed. Think you could put it together?

Coder: Um, I'm not so sure that's the best idea, Aaron.

...

Barr: Hey! You know there's these places where you put your feet in a tank and the fish nibble the dry skin off? And you know how everyone's on a diet these days? Well, I've just had this fucking GENIUS idea. Can you go on the web and source some piranha for me?

Coder: Uh -- ok. Tap, tap. Oh, sorry man. Amazon's out of piranha. No can do.

...

Barr: Hey! You know how when you're having a bath and reading a good book, you know, maybe glass of wine, and then you're all aw man, bath's gone cold. You're my go-to tech guy, I've drawn this idea for suspending an electric heater in the bath, reckon you could put it together?

Coder: Genius Aaron. No, really, genius. Apart from the whole side-effect thing.

Barr: Side-effect?

Coder: Death, Aaron, death.

Barr: That would be bad.

Coder: A little bad, yes. No, wait, Aaron, let me lean out of the window and water the plants...


I have lovely visions of Coder following Aaron home, leaping out to drag him from crossing in front of a truck, pushing him out of the way of falling scaffolding.

Coder is my new hero.
posted by reynir at 2:28 PM on February 10, 2011 [21 favorites]


Mod note: few comments removed - try again with less rageman, thanks. MetaTalk is your option if you want to defend calling people rape-lovers or saying they should commit suicide. Not okay here, not at all.
posted by jessamyn (staff) at 2:34 PM on February 10, 2011 [7 favorites]


I don't know if it's irony, but it sure is delicious!
posted by joz at 2:53 PM on February 10, 2011


I just want Anon to know that birdherder and birdherder Federal are two separate companies.
posted by birdherder at 2:59 PM on February 10, 2011 [3 favorites]


We the people should obviously not spend tax dollars on a security company which can't protect even its own data and whose CEO is this clueless.

But it shows that the data we have voluntarily provided to social networks can be used in ways we haven't anticipated. Even this clown Barr managed to find the girlfriend of one of the Anonymous guys. That's close enough for the FBI to bring her in for questioning.

Imagine a future where NSA routinely runs this kind of analysis to come up with a list of people to bring in for questioning for every "homeland security" case.
posted by Triplanetary at 3:09 PM on February 10, 2011 [3 favorites]


But it shows that the data we have voluntarily provided to social networks can be used in ways we haven't anticipated. Even this clown Barr managed to find the girlfriend of one of the Anonymous guys. That's close enough for the FBI to bring her in for questioning.

Imagine a future where NSA routinely runs this kind of analysis to come up with a list of people to bring in for questioning for every "homeland security" case.


Honestly, it's exactly that kind of data mining which has kept me from joining Facebook and other social media services.

I'm sure my real identity can be teased out of my online presence by anyone who seeks to do so with any kind of real focus. But it'll still basically just be me, and I won't be guilty by association via any social network or vice versa.

I don't really think that anyone would be coming after me or anyone I know for any reason, but why make it easy for them if they decide they need to?
posted by hippybear at 3:15 PM on February 10, 2011 [5 favorites]


Five bucks says it's a SQL interface.

Far more likely to be a GUI interface made using Visual Basic, so that they can track the IP address.
posted by djgh at 3:21 PM on February 10, 2011 [4 favorites]


Coder sounds like he could be on ClientCopia, dealing with yet another brilliant client who is in the "I know you're really smart and know about computers but I know this will work" mode.

What's interesting is how they are trying to use the separate company defense, like a lizard dropping off its tail. I suppose that is very handy for court and tax purposes, but not a great defense here. It even shows up, somewhat, in the logs: <+c0s> greg: the big problem is that the people around these parts just dont work like everyone else. So coming at them from the angle of legal problems, or public perception, or really any of the normal ones just doesnt work.

I wouldn't say that they are clueless so much as that this is completely out of their operating theater. Then, later, Barr shows up and still does not get that his confidence has overreached his capabilities. This is fascinating stuff.
posted by adipocere at 3:28 PM on February 10, 2011 [1 favorite]


Everyone should check out Pogo_Fuzzybutt's link above, its another leak from the HBGary emails that's just as interesting as the Wikileaks presentation:
ThinkProgress: To assist the [U.S. Chamber of Commerce], Wyatt and his associates, John Woods and Bob Quackenboss, hired a set of private security firms — HB Gary Federal, Palantir, and Berico Technologies (collectively called Team Themis) — to develop tactics for damaging progressive groups and labor unions, in particular ThinkProgress, the labor coalition called Change to Win, the SEIU, US Chamber Watch, and StopTheChamber.com.
US Chamber of Commerce responds.
posted by memebake at 3:45 PM on February 10, 2011 [6 favorites]


FireDogLake has more on the Chamber of Commerce story
posted by memebake at 3:54 PM on February 10, 2011 [2 favorites]


Thanks for posting the IRC log, that's fascinating stuff. I feel better about humans in general.

[@n0pants] it's a do-ocracy
posted by sneebler at 3:59 PM on February 10, 2011 [1 favorite]


Triplanetary: But it shows that the data we have voluntarily provided to social networks can be used in ways we haven't anticipated. Even this clown Barr managed to find the girlfriend of one of the Anonymous guys. That's close enough for the FBI to bring her in for questioning.

How much data you have voluntarily provided, maybe. Personally, I'd rather avoid that exact thing, and if that means I'm not part of some current trendy thing, then so be it.
posted by paisley henosis at 4:09 PM on February 10, 2011


I have some bad news if you think social networking is gonna be just a fad...
posted by furiousxgeorge at 4:17 PM on February 10, 2011 [1 favorite]


But it shows that the data we have voluntarily provided to social networks can be used in ways we haven't anticipated. Even this clown Barr managed to find the girlfriend of one of the Anonymous guys. That's close enough for the FBI to bring her in for questioning.

Well, it was someone from anonymous claiming that - they could have been lying, or being hyperbolic. We have no way to know.

Even at that, it was a failure of persona discipline that failed and not some super sleuthy data mining that revealed that information. Meaning that if you were careful enough, noone on the internet would have to know you are a taco.

And it's easy enough to generate fake data to cover and obfuscate the tracks of any fake persona you'd care to invent. With a couple friends and some WoW raid group level discipline, it'd be easy as hell to generate a bunch of noise. Thats the point that Mr.Coder was trying to drive at - it's not possible to get enough data to have confidence in your conclusions and certainly not along the timeframes Aaron's talking about.
posted by Pogo_Fuzzybutt at 4:19 PM on February 10, 2011


It would be open to all kinds of jamming. He looks at stuff like an IRC comment and a tweet at the same time? I'm gonna start immediately posting all the stuff that appears on the official Sarah Palin twitter. Now what? Am I her? Am I a big fan of hers? Am I just trolling for this type of analysis? Am I in Alaska? Could I convince him I'm Kevin Bacon?
posted by furiousxgeorge at 4:24 PM on February 10, 2011 [2 favorites]


Reading the Chamber of Commerce material, it seems feasible that Hunton and Williams were putting it together with the other firms but it hasn't been pitched to the US Chamber of Commerce yet. The presentation was scheduled for Feb 14th, guess it won't be happening now. But the fact that four different companies thought this was worth pitching is pretty damning in itself.
posted by memebake at 4:25 PM on February 10, 2011


There are two ways to go with your profile is social networks: don't have one (my approach) or be connected to everyone from the dick cheney fan club to the socialist nerf herders. By not having one, you draw attention to yourself as an outlier and things such as your metafilter crawled post history scores higher on echelon. By being connected to everyone you pose yourself as a different type of outlier. Now suddenly you also put the US Chamber of Commerce Fan Club two friends away from Planned Parenthood. Remove the coherent story of your liberal bias and logical conclusions are a lot harder to come up with.
posted by Nanukthedog at 4:33 PM on February 10, 2011 [1 favorite]


Could I convince him I'm Kevin Bacon?

Even more important -- can your social network profiles show you're six degrees or less from Kevin Bacon?
posted by hippybear at 4:39 PM on February 10, 2011 [1 favorite]


The US Chamber seems a lot like anonymous except instead of idle teen hacker wannabes, it's idle millionaires 1980s Gordon Gecko wannabes.
posted by humanfont at 4:43 PM on February 10, 2011 [1 favorite]


I'm sorta sad about Palantir being part of this mess, because I always thought of them as the good guys - they were a key technology in the hands of Infowar Monitor, uncovering both GhostNet and the Shadow Network. Oh well.
posted by gemmy at 5:37 PM on February 10, 2011 [1 favorite]


Why did Wikileaks announce they had dirt on the banks if they were going to wait this long before releasing anything? All that does is give their targets more time to attack and discredit Wikileaks and/or prepare world class damage control months in advance.

As for making sure the story doesn't get buried, I imagine there are plenty of ways to do that. Off the top of my head: replace the Wikileaks page with a countdown surrounded by cryptic messages. When it hits zero, show a big red Drudge-style headline screaming the most important revelations, followed by a direct link to the data dump, followed by "IF THE MEDIA IGNORES THIS THEY ARE COMPLICIT." Think ARG hype tactics + impossible-to-ignore revelation once all eyes are turned their way.

MuffinMan: "Fun fact: Palantir is an anagram for "liar pant", "anal trip"and "plain rat.""

TOO MANY LIAR PANTS
posted by Rhaomi at 5:39 PM on February 10, 2011 [4 favorites]


- The Power Point sounds like those three companies were conspiring to commit Federal computer crime felonies (they proposed cracking into WikiLeaks servers)
- grep and that archive of emails would be absolutely fascinating
- Hypothetically, !!
- If one had access to those emails, one might see that Barr was playing both sides of the fence with his social network intelligence stuff. Barr wanted to speak at BSides about how dangerous all of this information was (wink, wink, nudge, nudge) and wanted to pitch using that information to various TLAs.
- A sufficiently interested programmer could troll through those email archives and create a very interesting data visualization of what types of cyber-intelligence projects are being floated around by government contractors and to whom. Hypothetically speaking of course.
posted by ryoshu at 5:43 PM on February 10, 2011


Wikileaks has no reason to rush anything. Stuff like Manning isn't gonna happen again. They may have nothing else in the vault but the bank stuff.
posted by furiousxgeorge at 5:51 PM on February 10, 2011


I'm not saying they should have rushed it, it's just that there's no reason for them to have shown their hand this early. It really seems like the serious harassment of Wikileaks and Assange didn't start until after they let slip that they were preparing a major leak on the the financial sector. Why give the banks that warning? Why not take them by surprise?
posted by Rhaomi at 5:59 PM on February 10, 2011


All part of the longer term strategy of constricting the conspiracy's ease of communication & operation. By saying "Oh, wait till you see what we have on the banks" and then not dropping the shoe immediately, that causes the guilty parties to expend resources and act with less confidence, with the overall effect of making the conspiracy less efficient.
posted by BeerFilter at 6:06 PM on February 10, 2011 [2 favorites]


Did anyone notice that in his SUPER SLUETH STYLE powerpoint that he spelt Julian Assange's name wrong, consistently?

Attention to deetail. dtail. DEtale. DETAAL.
posted by Sebmojo at 6:13 PM on February 10, 2011 [1 favorite]


I hope Glenn Greenwald sues the shit out of these guys. I don't even like Greenwald or wikileaks, but fucking amateur hour has to end that's ran through the whole wars and Katrina a and Applebaum to if yup are reading I'm not a lawyer, but should totally ask your ACLU buddies what the options are.
posted by humanfont at 6:49 PM on February 10, 2011


but fucking amateur hour has to end

Not that it helps my state of mind very much but I get the feeling the bulk of human history is open mic amateur hour.
posted by The Whelk at 6:55 PM on February 10, 2011 [12 favorites]


I'm sure my real identity can be teased out of my online presence by anyone who seeks to do so with any kind of real focus.

I would have to agree with you, Richard L. Anderson of Fort Wayne, Indiana.
posted by John Kenneth Fisher at 7:01 PM on February 10, 2011 [4 favorites]


Mr. Fiiiiiiiisher.
posted by The Whelk at 7:02 PM on February 10, 2011


I would have to agree with you, Richard L. Anderson of Fort Wayne, Indiana.

Holy shit. You're good.
posted by hippybear at 7:08 PM on February 10, 2011 [1 favorite]


Mrs. Peacock: My life is an open book I have nothing to hide.
posted by The Whelk at 7:10 PM on February 10, 2011


Holy shit. You're good.

I know, right?
posted by John Kenneth Fisher at 7:11 PM on February 10, 2011


I just thank to Gods every day that there is no way of connecting me to my teenage USenet postings and failed websites. Remember to Nom De Internet people!
posted by The Whelk at 7:18 PM on February 10, 2011


nom de net scans better
posted by The Whelk at 7:19 PM on February 10, 2011


*nom nom nom*
posted by hippybear at 7:20 PM on February 10, 2011 [4 favorites]


Firm targeting WikiLeaks cuts ties with HBGary - apologizes to reporter.

Well, as long as you apologize Palantir this issue should go away. Greenwald doesn't seem like the kind of guy to hold a grudge.

The Chamber is still in denial mode, but it is clear a firm they employed was in on planning the same kind of activities.

Meanwhile, HBGary is back online:

The cyber world has grown out of control. State and national law enforcement mechanisms are not equipped to deal with the rapidly evolving threat. The complexity of information systems has far exceeded the ability to secure them, while reliance on these systems has only increased. HBGary has an intimate understanding of this problem; We know that understanding the attacker and his methods is the only way to defeat him. This is the core strength of HBGary and why our technology and services outperform the competition. To us, it's personal.


Indeed, when big business is using a federal contractor to subvert and sabotage trade unions, journalists, and political opponents...The cyber world really has grown out of control. Cyber-pinkertons?
posted by furiousxgeorge at 7:21 PM on February 10, 2011 [9 favorites]


I wonder who they hired to secure their website? They seem to lack in-house capability to do so.
posted by maxwelton at 7:27 PM on February 10, 2011 [1 favorite]


HBGary has an intimate understanding of this problem;

That's a fucking understatement.

To us, it's personal.

To Anon, it's lulz.
posted by ryoshu at 7:30 PM on February 10, 2011 [5 favorites]


This is all rather amazing. Thanks Aaron!
posted by localhuman at 7:59 PM on February 10, 2011


Mail Delivery Subsystem to me
show details 9:12 PM (1 hour ago)
Delivery to the following recipient failed permanently:

sales@hbgary.com
posted by furiousxgeorge at 8:05 PM on February 10, 2011 [3 favorites]


#AnonLeaks to launch with 27k mails from Greg. Teaser: Last email from Jussi to "Greg": "did you open something running on high port?"
posted by furiousxgeorge at 9:17 PM on February 10, 2011 [3 favorites]


Please visit HBGary at Booth #556 at the RSA Conference 2011 February 14th - 18th, 2011. HBGary CEO Greg Hoglund will be presenting at the show on Wednesday, February 16th and Friday, February 18th.

Anyone in SF wanna go ask them how it feels to be pwned by a 16 year old girl?
posted by Mister Fabulous at 9:36 PM on February 10, 2011 [5 favorites]




This is all the result of the hubris of someone who's always played offense & never bothered learning or practicing defense because it was always just a game to him & it's more fun to play offense.
posted by scalefree at 10:43 PM on February 10, 2011 [1 favorite]


Barr to be played by Steve Carell in the movie.
posted by breath at 1:23 AM on February 11, 2011 [8 favorites]


Wikileaks has no reason to rush anything. Stuff like Manning isn't gonna happen again. They may have nothing else in the vault but the bank stuff.

Don't forget the Gitmo files. And the big dump of data they have received on the Swiss banks. Something like the BOA emails takes time to put together into the right info store. The problem for WL at the moment is resources and people. I don't think they will have a problem getting more data. I also don't fully trust them to do the right thing with the data. Financial data is vary problematic since it could be used for insider trading.
posted by humanfont at 3:53 AM on February 11, 2011


humanfont: Financial data is vary problematic since it could be used for insider trading.

When I first read that, I thought that you meant that the leaked info could be used for insider trading, and I thought "how would it even be 'insider' if everyone has access to the data? Wouldn't that be normal trading?" Then I thought maybe you meant that WikiLeaks would be able to do insider trading before releasing the information, like shorting BoA or what-have-you, but I don't think that concern stacks up either: it isn't like they haven't released stuff they could have sold for hush money, why start now?
posted by paisley henosis at 5:51 AM on February 11, 2011 [1 favorite]


atopiary Topiary
Anonymous is now in possession of Stuxnet - problem, officer? #AnonLeaks
posted by furiousxgeorge at 6:44 AM on February 11, 2011 [1 favorite]


Anonymous is now in possession of Stuxnet - problem, officer? #AnonLeaks

Seriously. Screw the leaks, the people I hang out with are busy cracking the all the passworded zipfiles for malware & exploits. PGP was too much bother for them I guess.
posted by scalefree at 7:03 AM on February 11, 2011


There are supposed to be institutions which limit what can be done in pursuit of those private-sector goals. They're called "government" and "law." But those institutions are so annexed by the most powerful private-sector elites, and so corrupted by the public officials who run them, that nobody -- least of all those elites -- has any expectation that they will limit anything. To the contrary, the full force of government and law will be unleashed against anyone who undermines Bank of America and Wall Street executives and telecoms and government and the like (such as WikiLeaks and supporters), and will be further exploited to advance the interests of those entities, but will never be used to constrain what they do.

New article out by Glenn Greenwald re: this situation.
posted by jeanmari at 7:18 AM on February 11, 2011 [7 favorites]



[05:38] [&Sabu] penny change your nick to greg /nick greg
[05:38] [+Agamemnon] ^^true
[05:38] [@BarrettBrown] anyway, I'm off for real this time, hopefully
[05:39] [+Penny] How do I do that?
[05:39] [+Agamemnon] nn barrett
[05:39] [evilworks] /nick Greg
[05:39] [+Agamemnon] ^^type that
[05:39] [@`k] So penny is now gregg?
[05:39] [&Sabu] Greg, you're a blackhat presenter and don't know how to use irc?
[05:39] [@q] rootkits.com owener never heard of irc?
[05:39] [evilworks] haha
[05:39] [@q] i am a bit amazed
[05:39] [+Penny] ?nick Greg
[05:39] [@q] nonplussed
[05:39] * Penny is now known as greg
I know we all have typos and whatnot, but damn it is depressing to see Greg Hoglund, a tech consultant who owns Rootkit.com display such total illiteracy. They told him how to do a /nick at least three times before that, too. Poor Penny Leavy, that her husband the "hacker" isn't any better with IRC than she is from "sales and marketing."
posted by paisley henosis at 7:46 AM on February 11, 2011 [3 favorites]


Yikes! That Glenn Greenwald article is pretty amazing. It's like hearing a report about corruption from Eastern Europe 25 years ago.
posted by sneebler at 8:13 AM on February 11, 2011 [1 favorite]


Forbes: A source from Anonymous says that most of the new e-mails from Hoglund are still unchecked and it is unclear who will be most liable when the information is made public, but added that briefly skimming the emails had revealed “three different malware archives, two bots, an offer to sell a botnet, a genuine stuxnet copy, and various malware lists.” Not entirely surprising given that HBGary is a security firm, but the source speculates that botnets aren’t typically rented out for “research.”

It's becoming pretty clear HBGary is just as much a criminal enterprise as Anonymous is, just with a veneer of legitimacy. This whole thing was more like a mob war than a crime against any innocent parties. Aaron just had to prove he was 1337 and take credit for "infiltrating" a competing gang. Pride has been the downfall of many hackers. Anonymous seems like a direct response to that sort of mistake, absolutely refusing to take credit as any other name.
posted by furiousxgeorge at 10:16 AM on February 11, 2011 [5 favorites]




The depressing thing about the Greenwald article is that we're essentially powerless against this sort of thing. America's worship of the corporation ensures that.
posted by maxwelton at 1:18 PM on February 11, 2011 [1 favorite]




The e-mails mention an Iranian Shipping Demo that convinced H&W and the Chamber to go along with the plans. This is it. You can plainly see the scope of what was being planned here. It would be a massive database mapping the interconnections of all the enemies of the Chamber to be used to find any wrong doing, or more likely simply to generate guilt by association.

Yes, they were literally going to use the same technology used to track arms smugglers to take on their political opponents.

Meanwhile liberals pass-out when you use strong language. (Sorry, couldn't resist)
posted by furiousxgeorge at 4:20 PM on February 11, 2011 [5 favorites]


I cracked up every time he said "Irizzle dizzle is all up in our shizzle Amerikizzle!"
posted by paisley henosis at 4:42 PM on February 11, 2011


U.S. Chamber of Commerce target opponents families and children (via the Berico Technologies apology link by furiousxgeorge)

According to wlcentral.org people with minimal connection to anonymous are being rounded up. Go Tech!
posted by jeffburdges at 6:41 PM on February 11, 2011 [2 favorites]


(Seriously, though, that video scared the shit out of me. Not because it seemed as infallible as the fellow seemed to hope, but because the links seemed like they could be so tenuous as to include nearly anyone you wanted to damn.)
posted by paisley henosis at 7:53 PM on February 11, 2011 [1 favorite]





(Seriously, though, that video scared the shit out of me. Not because it seemed as infallible as the fellow seemed to hope, but because the links seemed like they could be so tenuous as to include nearly anyone you wanted to damn.)


Well yeah, that's exactly what the HBGary programmer was telling them about the connections they were making with Anonymous. They were bullshit that couldn't be backed up with math.

Now consider, government contractors have been using this for Iranian arms shipments? There is no doubt in my mind they are using it for terrorists. Meanwhile, who the fuck knows if they are using good math or bad math? The tool clearly has valid uses, but the implications of improper use are mind boggling.

At the same time, if this shit is actually taken seriously let's contact sales@hbgary.com and pay them to map out the conservative movement. Links with racist groups would be a good start.
posted by furiousxgeorge at 9:47 PM on February 11, 2011 [1 favorite]


According to wlcentral.org people with minimal connection to anonymous are being rounded up.

Well, come on, he was an IRC admin for them who apparently didn't cover his tracks.
posted by furiousxgeorge at 9:51 PM on February 11, 2011


Now consider, government contractors have been using this for Iranian arms shipments? There is no doubt in my mind they are using it for terrorists. Meanwhile, who the fuck knows if they are using good math or bad math? The tool clearly has valid uses, but the implications of improper use are mind boggling.

Is this news to you? How do you think they compile those rather erratic no-fly lists?
posted by Skeptic at 3:01 AM on February 12, 2011 [3 favorites]


Are you honestly suggesting that irc admins should be held accountable for what goes on inside their channels? Ain't even probable cause man, just cheerleading.

Anonymous works on the basis that enough cheerleaders will eventually accomplish any sufficiently easy task, although the current hacking story constitutes somewhat more.
posted by jeffburdges at 3:07 AM on February 12, 2011


furiousxgeorge : All indications are that HBGary is run by incompetent thugs who couldn't map out jack shit. If however we believe Alexander Karp of Palantir Technologies about his politics, then maybe he'd happily grant royalty free licenses for their software to some progressive organizations like the Southern Poverty Law Center and Think Progress.
posted by jeffburdges at 3:25 AM on February 12, 2011 [2 favorites]



Are you honestly suggesting that irc admins should be held accountable for what goes on inside their channels?


In some cases, yes, if they have good reason to believe a crime is going on.
posted by furiousxgeorge at 7:03 AM on February 12, 2011 [1 favorite]


Mother Jones has more on the Chamber: Early emails sent between the security firms by Pat Ryan of Berico Technologies describe a conversatoin with the Chamber's law firm about the proposed project: "The problem that they've identified is this:


A client of theirs is targeted by some other entity, specifically a labor union, that is trying to extract some kind of concession or favorable outcome.
They suspect that this entity is running a public campaign against their client by coordinating the actions of hundreds of seemingly separate entities to create a negative public impression of the client. The ultimate goal would be to extract the concession under duress – essentially extortion in their view. They haven’t told us the name or nature of the client, so I can only guess at what this means, but you can imagine for instance an environmental campaign targeted at an oil company as a notional example.

They seek to understand the true nature of the campaign and its command and control structure in order to expose the fact that the client is dealing with a single entity rather than a true "grassroots"campaign.

They further suspect that most of the actions and coordination take place through online means - forums, blogs, message boards, social networking, and other parts of the "deep web." But they want to marry those online, "cyber" sources with traditional open source data, tax records, fundraising records, donation records, letters of incorporation, etc. I believe they want to trace all the way from board structure down to the individuals carrying out actions.

posted by furiousxgeorge at 8:57 AM on February 12, 2011 [1 favorite]



They further suspect that most of the actions and coordination take place through online means - forums, blogs, message boards, social networking, and other parts of the "deep web."


Up periscope, matey! Looks like there's gonna be some action in other parts of the "deep blue" tonight...
posted by infini at 9:26 AM on February 12, 2011 [1 favorite]


On Fri, Aug 6, 2010 at 7:19 AM, Aaron Barr wrote:

> Greg,
>
> Can I get the Stuxnet samples you and Phil have? There are some
> interesting things happening and I have been asked if I could provide
> samples to a certain government organization (not one of the ones you might
> think - an oversight group).
>
> Aaron
>


That would be the day Symantec released the report determining Iran was most heavily hit. I guess someone in oversight was wondering, "Wait, did WE do this?"
posted by furiousxgeorge at 10:10 AM on February 12, 2011 [1 favorite]


Oh, link.
posted by furiousxgeorge at 10:10 AM on February 12, 2011


Not just any plot.

CYBER PLOT.
posted by The Whelk at 11:10 AM on February 12, 2011 [1 favorite]


It seems to me that the most secure form of communication left is soul talk through the eyes. Even pillows have ears and I heard you need a tin foil hat for telepathy.
posted by infini at 11:45 AM on February 12, 2011 [1 favorite]


This is the best thing. "cyber plot for a fiction story"

I can't imagine the turgid exposition that would be necessary to explain all the concepts involved in that story. It would make John Galt seem terse.
posted by scalefree at 5:23 PM on February 12, 2011


I'll concede your point about probable cause, furiousxgeorge. Yes, you can theoretically be convicted as an accessory to a serious crime merely for possessing foreknowledge but not reporting the crime. Afaik, you cannot be charged for failure to prevent a crime, say by not banning irc users, but not reporting remains an issue.

Any serious internet users will recognize that criminalizing the digital sit-in should violate the 1st Amendment, but usually judges are not internet savvy enough for this. Indeed, even an internet savvy judge might rule that voluntary ddos attacks are legal, but third party control as implemented on anonops remains criminal.

I'd hope that the anonops irc admin will escape prosecution simply because the debate surrounding online sit-ins might protect him from being treated as an accessory, irregardless of the ultimate legality of online sit-ins. If the courts skirt the 1st Amendment so closely, they should not permit all the guilt by association tricks.
posted by jeffburdges at 5:24 AM on February 13, 2011 [1 favorite]


Anonymous Claims Possession Of Insidious Stuxnet Virus
To me, two huge questions arise from Anonymous’ claim:

1. Are they actually in possession of Stuxnet?
2. Can they do anything with it?
Stuxnet is now on GitHub. So the answer to 1 is "yes".
posted by scalefree at 8:52 AM on February 13, 2011 [1 favorite]


Oh man I love these 3rd Act twists!
posted by The Whelk at 8:53 AM on February 13, 2011


More Stuxnet e-mails.
posted by furiousxgeorge at 10:13 AM on February 13, 2011 [1 favorite]


I'm afraid that's only decompiled source for Stuxnet posted on GitHub, not original source. You could easily produce the decompiled source from the wild Stuxnet, which obviously isn't too hard to obtain, well usually the goal is not "obtaining" the binary. ;)

I'll be impressed if & when otoh they crowd source turning these decompiled sources into pleasant reading for humans. As I recall, Stuxnet was originally written in C++ not C however. In particular, variables here are often just fragments of classes, not individually human created. I donno if you'll get much better results from a C++ decompiler, but I'd try that first.
posted by jeffburdges at 10:24 AM on February 13, 2011


Anonleaks has a counter up for their next release.

Around 2 hours from now.
posted by furiousxgeorge at 11:17 AM on February 13, 2011


Was it mentioned that #Anonymous obtained source code of HBGary security products? No, well it is so. What a disaster. #GameOver @HBGaryPR
posted by furiousxgeorge at 1:03 PM on February 13, 2011


^ that one was old, ignore me.
posted by furiousxgeorge at 1:05 PM on February 13, 2011


As somebody pointed out, the Palantir had an uncanny ability to show people things that they'd misinterpret, but the thing that I remember is that the last time we really get the see the Palantir in action is when Aragorn uses Sauron's very own spy device cum la mind control geegaw to prank call him at three am.

Talk about nature copying art.
posted by Kid Charlemagne at 1:24 PM on February 13, 2011


Anonleaks has a counter up for their next release.

And they're being DoSed.
posted by scalefree at 1:25 PM on February 13, 2011


I'm sure the government will step in and investigate this cyberattack Scalefree, no worries.

I'm in on the mirrors, search is down though.
posted by furiousxgeorge at 1:30 PM on February 13, 2011 [2 favorites]


Search interface for HBGary emails is here & torrents are here, now including Greg Hoglund's spool.
posted by scalefree at 3:48 PM on February 13, 2011 [3 favorites]


I believe this is what they call irony.
posted by scalefree at 3:56 PM on February 13, 2011 [3 favorites]


Gary pens the bizzaro reality version of the Anonymous victory boast:

HBGary Federal Flexes Private Intelligence Muscle.
---

HBGary Federal, the specialized and classified services arm of HBGary,
flexes its muscle today by revealing the identities of all the top
management within the group Anonymous, the group behind the DDOS
attacks associated with Wikileaks. HBGary Federal constructed and
maintained multiple digital identities and penetrated the upper
management of Anonymous, and was subsequently able to learn actual
identities of the primary management team – BUILDING A COMPLETE ORG
CHART. This information was critical for law enforcement, yet all the
intelligence work was done without law enforcement or government
involvement. Only after achieving the mission did Aaron Barr, the CEO
of HBGary Federal, reveal this information to the Feds. This
underscores the need for new blood in the intelligence community and
the abilities of small agile teams that are unhindered by the
bureaucratic machine.


Aaron says he is sleepy and wants to talk about it in the morning, Gary replies:

You are the dark star. Oh, I'm afraid the deflector shield will be
quite operational when your friends arrive....


Eerily appropriate.
posted by furiousxgeorge at 5:19 PM on February 13, 2011 [1 favorite]


Ouch.

Michael,

You are starting to piss me off. I know U were playing WoW last night at
1AM, I can see your last logged time. You not coming in today will severly
effect my decision to keep you at HBGary. Also, you are out of sick days,
every day is docked from your paycheck. Stop fucking me.

-Greg


> I'm still pretty much down for the count, although I feel marginally better
> than yesterday, so hopefully I'm beginning an upswing. Come hell or high
> water, I will be there on Monday.
> Michael
>

posted by furiousxgeorge at 7:25 PM on February 13, 2011


Hahahahahaha! Too funny.
posted by scalefree at 8:18 PM on February 13, 2011 [1 favorite]


> Any serious internet users will recognize that criminalizing the digital sit-in should violate the 1st Amendment, but usually judges are not internet savvy enough for this.

Judges, prosecutors, the mainstream media and most of the public at large, unfortunately.
posted by Marla Singer at 10:25 PM on February 13, 2011


>Indeed, when big business is using a federal contractor to subvert and sabotage trade unions, journalists, and political opponents...The cyber world really has grown out of control. Cyber-pinkertons? [emphasis added]

Nice phrasing. I am so stealing that.
posted by Marla Singer at 10:49 PM on February 13, 2011 [2 favorites]


Actually, I would not say that the "cyber world really has grown out of control," I would say that the government has gotten out of control. But cyber-pinkertons is golden.
posted by Marla Singer at 10:55 PM on February 13, 2011 [1 favorite]




I am a serious bad ass right now and I'm not sure you realize that.


posted by Theta States at 5:56 AM on February 14, 2011 [3 favorites]


Will this ever stop getting better?

This website has been reported as unsafe
hbgary.anonleaks.ru

We recommend that you do not continue to this website.
Go to my home page instead

This website has been reported to Microsoft for containing threats to your computer that might reveal personal or financial information.

posted by Sebmojo at 2:15 PM on February 14, 2011


Has the mirror at http://luxembourg.cryptoanarchy.org/ been hacked? The page only (ironically) displays the words "It works!" -- there's nothing else there. It's been that way for hours now.
posted by Marla Singer at 2:29 PM on February 14, 2011


I'm thinking the thing that works is the exploit that compromised the site. Defense is hard.
posted by scalefree at 2:50 PM on February 14, 2011


Interesting. I wonder if HBGary and the other security firms are taking out the search sites and/or reporting them as malware. The anonleaks.ru site looks pretty clean when viewing source -- just has a twitter.js include and a show headers button. I can't see any obfuscated .js code, but I'm no expert.
posted by benzenedream at 5:35 PM on February 14, 2011





Interesting. I wonder if HBGary and the other security firms are taking out the search sites and/or reporting them as malware. The anonleaks.ru site looks pretty clean when viewing source -- just has a twitter.js include and a show headers button. I can't see any obfuscated .js code, but I'm no expert.


Well, the e-mails themselves are FULL of links to malware. Amusing catch-22.
posted by furiousxgeorge at 11:08 PM on February 14, 2011






Greenwald: More facts emerge about the leaked smear campaigns
posted by homunculus at 5:43 PM on February 15, 2011


ars technica again: Anonymous speaks: the inside story of the HBGary hack.
posted by scalefree at 7:45 PM on February 15, 2011 [3 favorites]




arstechnica:
Rather than using an off-the-shelf CMS, HBGary—for reasons best known to its staff—decided to commission a custom CMS system from a third-party developer ... Unfortunately for HBGary, this third-party CMS was poorly written. In fact, it had what can only be described as a pretty gaping bug in it ... The hbgaryfederal.com CMS was susceptible to a kind of attack called SQL injection ...
*facepalm* yeah, that is really bad, especially so for a 'security company' that sells vulnerability assessment services.
posted by memebake at 2:46 AM on February 16, 2011 [1 favorite]




Related MeTa.
posted by XMLicious at 7:50 PM on February 17, 2011


I'd suggest making an fpp from that Daily Kos article on government or corporate backed software sock puppets, well assuming you can say more about persona management software.

There may already be some restrictions on what federal agents can do via fake personas. In particular, it should obviously be forbidden for the executive branch to use federal money to anonymously advance the president's policies. If the news parrots their press releases, well that's our fault for not supporting better news organizations. It should be illegal for the DEA to offer payola for research or opeds that fraudulently support the war on drugs.

Assuming these regulations already exist, this all comes down to how far the state actor doctrine extends beyond criminal law. For example : Could marijuana legalization activists sue an anti-legalization blogger, say obtaining discovery for his personal finances, once they've evidence that he's being given early access to the official story? (Yes, batman is a state actor.)

It'll get far stickier once your talking privately held corporations, although honestly they already seem more effective than the government at spreading their version of the truth, perhaps due in part to stock holder activity. We might eventually find that some variation upon google's markov chain based algorithm provides the solution, if not for identifying the honest people, then for identifying the people who think like you. I donno..
posted by jeffburdges at 5:12 AM on February 18, 2011 [1 favorite]


We've already got an fpp on persona management software it seems. I guess we don't like the idea of coordinated sock puppets. :)
posted by jeffburdges at 5:43 AM on February 18, 2011 [1 favorite]












« Older Femmes et hommes fatales   |   Separate, Unequal, and Ignored Newer »


This thread has been archived and is closed to new comments