Moderators: Elvis, DrVolin, Jeff
by Plutonia » Mon Feb 28, 2011 9:48 pm
Stephen Morgan wrote:https://threatpost.com/en_us/blogs/hbgary-federal-ceo-aaron-barr-steps-down-022811
Embattled CEO Aaron Barr says he is stepping down from his post at HBGary Federal to allow the company to move on after an embarassing data breach.
by Plutonia » Wed Mar 02, 2011 12:55 pm
Anonymous' counterattack against HBGary and the network of federal contractors and even government agencies that colluded in unethical and perhaps illegal activities in an effort to destroy Glenn Greenwald, Wikileaks, and various unions has yielded a number of victories for decency and transparency. Still, our work - which is yours as well - is far from over. Thus it is that we invite you to consider the following:
1. Facebook heavy Peter Thiel is pimping the firm Palantir, in which he has invested quite heavily, as the next big thing.
2. Palantir was involved in the HBGary affair, itself one of the most incredible and ostentatious conspiracies to have been revealed in years.
3. Nonetheless, Palantir initially "cut off ties" from HBGary in such a way as to leave the blame with that firm...
4. ... despite the fact that their own employee, who was presumably not working unsupervised despite insane claims to the contrary by Palantir, was heavily involved in some of the most disgusting plans.
5. After we discovered the extent of his role, I contacted Steckman via e-mail to provide terms of surrender a couple Fridays ago (and forwarded to press to protect myself). I received a call from the firm's head counsel an hour later (which I recorded and provided to a journalist, again to protect myself). He and I agreed on a conference call for 1:00 pm EST the next day - one which they seem to have decided not to attend.
6. Palantir is lying.
7. What follows is a guide, prepared by Anonymous lawyers (seriously - we have those now) which I have provided to Glenn Greenwald and other relevant parties. Now is the time to distribute it in such a way as to help ensure that a firm like Palantir does not end up being any sort of Facebook or even a ChipsAhoy.com.
8. By downloading an IRC client and joining irc.anonops.in #anonleaks, anyone may also join us in our targeted rampage against the parties that have engaged in what I would refer to as the "politics of personal destruction" were Anonymous not so rightly intent on the personal destruction of those who brought the U.S. to this sad and degenerate age.
9. We do not forgive.
10. We do not forget.
Overview
The following emails clearly establish Matthew Steckman's (Foward Deployed Engineer at Planatir) involvement in the cref the leaked presentation/propoentitled, "The Wikileaks Threat," including content allegedly considered unethical by the Internet security firm, Palantir, and possibly illegal under U.S. law. According to emails sent and received by Stec, Maas the first to correspond with Bank of America's legal representation, Hunton & Williams regarding Wikileaks, a publisher allegedly holding leaked documents from Bank of America;
Was aware that Hunton & Wlliams had been recommended to Bank of America by the U.S. Department of Justice;
Solicited the involv
Outlined the format of the presentation to b made to Hunton & Williams by Palantir, Berico and HBGary, including the number of slides and the possible content of slides;
Received and approved suggestions for the proposal from representatives from HBGary, Berico and Palantir, included suggestions foald and others in the media for the purpose of undermining Wkileaks' support in the media;
Specifically approved suggestions for the proposal, made by Aaron Barr, regarding the exploitation of weaknesses in Wikileaks' infrastructure, including its network of staff, volunteers and leakers; its submission servers; its finances; its founder, Julian Assange; etc;
Incorporated the above-described suggestions for the proposal, made by Aaron Barr, into the finished proposal;
Personally created, formatted, revised, edited, approved and distributed the presentation document in question.
Listed emails also detail correspondance between employees of the firms HBGary and Palantir (including Aaron Barr and Matthew Steckman) among others, concerning the internet movement called Anonymous, its alleged connections to Wikileaks, and Aaron's Barr's research on Anonymous, including its alleged connections to Wikileaks.
List of emails TO Matthew Steckman RE: Wikileaks
John Woods (Hunton for BoA) requests slides for a presentation to a "large US bank" re: Wikileaks:
http://search.hbgary.anonleaks.ru/...
Eli Bingham (Palantir) requests for sec reps from Palantir, Berico and HBGary to join a conference call regarding the "large US bank" opportunity discussed above:
http://search.hbgary.anonleaks.ru/...
Aaron Barr informs Matthew Steckman that he cannot open a file attachment from Steckman's previous email (linked):
http://search.hbgary.anonleaks.ru/...
Aaron Barr discusses sending analysis information to Matthew Steckman, regarding BoA/Wikileaks. Barr mentions "mapping" [speculation: the analysis maps seen in the presentation made to Hunton for BoA]:
http://search.hbgary.anonleaks.ru/...
Aaron Barr, to Matthew Stuckman, explicitly lays out potential "attack" strategies against Wikileaks' "weak points," citing Wikileaks' volunteers, staff, financials, submission servers, Julian Assange, the perceived security of leakers, etc. [speculation: this appears to be the origination of most of the points made in the palantir/berico/hbgary presentation to BoA legal defense]:
http://search.hbgary.anonleaks.ru/...
Aaron Barr introduces Matthew Steckman to the idea of attacking Glenn Greenwald specifically, and makes a case for strategically undermining Wikileaks' support in the "liberal" media. Barr explicitly uses the word "attack" in relation to organizations/individuals supporting Wikileaks:
http://search.hbgary.anonleaks.ru/...
Aaron Barr informs Matthew Steckman that he cannot open a file attachment sent by Steckman. Attachment appears to be a draft of the presentation to be made to Hunton for BoA:
http://search.hbgary.anonleaks.ru/...
Aaron Barr agrees with Matthew Steckman that they should find out "later" on whose end is the technical issue keeping Barr from accessing Steckman's BoA/Wikileaks proposal file attachments:
http://search.hbgary.anonleaks.ru/...
List of emails FROM Matthew Steckman RE: Wikileaks
Matthew Steckman invites Aaron Barr (and reps from Palantir and Berico) to join a conference call about an opportunity from a "large US bank" re: Wikileaks (mentioned in previous email):
http://search.hbgary.anonleaks.ru/...
Matthew Steckman summarizes, for Palantir, Berico and HBGary sec reps, a phonecall from Hunton and Williams; outlines BoA/Wikileaks opportunity as "internal investigation;" mentions BoA seeking injunction against wikileaks; mentions US Department of Justice's recommendation of Hunton & Williams, specifically Richard Wyatt, whom steckman refers to as "the emperor," to BoA's general counsel; mentions roles of Palantir, Berico and HBGary; mentions potential prosecution of Wikileaks:
http://search.hbgary.anonleaks.ru/...
Matthew Steckman outlineeaks.ru/...
Matthew Steckman sends "a cleaned up version" of a document for sec reps to "work from" [original attachment is not included at listed link, document is an early draft of the BoA proposal.] Steckman informs sec reps from HBGary, Palantir and Berico that he is only collectinnformation for the time being, regarding the BoA/WIkileaks proposal:
http://search.hbgary.anonleaks.ru/...
Matthew Steckman sends Berico and HBGary reps another "cleaned up version to work from":
http://search.hbgary.anonleaks.ru/...
Matthew Steckmanforms John Woods (Hunton for BoA) that the three firms (Palantir, Berico, HBGary) will have coordinated an early proposal by "tonight" [Dec 02, 2010]:
http://search.hbgary.anonleaks.ru/...
Matthew Steckman and John W
http://search.hbgary.anonleaks.ru/...
Matthew Stecman sends "working draft" of BoA/Wikileaks proposal to sec reps from Berico, Palantir and HBGary:
http://search.hbgary.anonleaks.ru/...
Matthew Steckman sends conference call ails [date, time, phone number] to John Woods (Hunton for BoA) and Bericoantir and Hry sec reps:
http://search.hbgary.anonleaks.ru/...
Matthew Steckman sends proposal notes ["document"] for upcoming conference call/presentation to John Woods (Hunton for BoA) and Berico, Palantir and HBGary sec reps:
http://search.hbgary.anonleaks.ru/...
Matthew Steckman informs Aaron Barr that he approves of Barr's earlier suggestions regarding Wikileaks' strengths/weaknesses and that he plans to "spotlight" an attack on Glenn Greenwald in the upcoming presentation, also per Barr's earlier suggestion [see earlier emails TO Steckman]:
http://search.hbgary.anonleaks.ru/...
Matthew Steckman informs Aaron Barr that Barr's suggestions have been added to the updated proposal and thanks Barr for his suggestions [detailed in emails/synopses above]:
http://search.hbgary.anonleaks.ru/...
Matthew Steckman sends Aaron Barr a "Pfd" [sic] and suggests that they need to work out Barr's technical difficulties opening steckman's email attachments "afterwards":
http://search.hbgary.anonleaks.ru/...
List of emails TO/FROM Aaron Barr RE: Anonymous Research and/or Anonymous Connections to Wikileaks
Aaron Barr contacts John Woods (Hunton for BoA) about Barr's research on Anonymous. Barr claims to have information about Anonymous that possibly no one else has regarding "organization operations and communications infrastructure as well as key players by name." Barr mentions possible application of this information to another "opportunity" previously discussed with Woods, but does not elaborate:
http://search.hbgary.anonleaks.ru/...
Aaron Barr and Matthew Steckman discuss sharing Barr's research on Anonymous:
http://search.hbgary.anonleaks.ru/...
Aaron Barr and Matthew Stechman discuss meeting and sharing Barr's research on Anonymous:
http://search.hbgary.anonleaks.ru/...
Aaron Barr contacts Dawn Meyerriecks (Office of the Director of National Intelligence) and informs her of his research on Anonymous. Barr claims to have put together "a significant data set" and offers to discuss his "results, methodologies, and significance of social media for analysis and exposure":
http://search.hbgary.anonleaks.ru/...
Aaron Barr corresponds with John Woods (Hunton) and claims that he has mapped out 80-90% of Anonymous' leadership. Barr claims to be meeting with "govies" [speculation: government officials] "next week" [dated 01/31/2011.] Follow-up to email in which Barr alleges ties between Anonymous and Wikileaks.
http://search.hbgary.anonleaks.ru/...
Aaron Barr discusses with Bill Wansley (Booz, Allen, Hamilton) the possibility of researching ties between Anonymous and Wikileaks; Barr claims there are "many" such ties:
http://search.hbgary.anonleaks.ru/...
List of emails TO/FROM Other HBGary Employees RE: Wikileaks and/or Anonymous
Bob Slapnik (HBGary) recounts to HBGary's sales department a recent conversation at a "customer site" about potential markets created by the Wikileaks release (i.e. China's resultant access to classified US security intelligence and the US's subsequent need for new sec.) Slapnik stresses the importance of targeted language when proposing such products:
http://search.hbgary.anonleaks.ru/...
David Willson informs Ted Vera (HBGary) that the Bank of America/Wikileaks news has been broken by FOX:
http://search.hbgary.anonleaks.ru/...
"The Wikileaks Threat" (Original Document) Discussed in Listed Emails
WikiLeaks Response v5: http://www.mediafire.com/...
WikiLeaks Response v6: http://www.mediafire.com/...
Differences between drafts/versions:
Organizational breakdown expanded
White space changed
Minor wording changes
The rest seems to be identical
Background Brief
Based on what I’ve seen of their corporate positioning, Palantir seem to be invested in the idea that they are one of the good guys. They claim to offer technology which better distinguishes and discriminates amongst information acquired via mass-surveillance, and to permit the ‘tagging’ of this information so that it is accessible only to those with the appropriate clearance and jurisdiction.
“ dedicated to working for the common good and doing what’s right”
“That deeply felt commitment has been clear since the company’s inception and is evident in the company’s roster of advisors, leaders, engineers, and technology experts.”
White Paper: ‘Privacy and Civil Liberties are in Palantir’s DNA’
http://www.palantir.com/...
“Dam it feels good to be a gangsta...”
Matthew Steckman
(worthwhile background: positioned as trying to make a bad system better
http://www.npr.org/... )
They’re also pretty high profile, with a market capitalisation of over $1 billion (mostly courtesy of PayPal cofounder Peter Thiel) - ie, they’re a little more serious than the HBGary fools.
http://blogs.forbes.com/...
All of which makes it likely that they’re going to be looking to isolate Steckman, emphasising the disparity between their corporate values and his conduct. Obviously, having THEIR emails would make it easier to determine just how much upper management knew about his work without having to actually ask them only to receive the standard incredulous insistence of virtue. Either way, probing this is likely to give some insight into the scale of the threat as they presently perceive it.
On that threat, I think the safest thing to say at the moment is that nobody is quite sure where all of this is going to end up. Equally safe is that whatever we might be able to reduce the ‘Anonymous’ position to, it will likely be directly contrary to Palantir and their ilk – they want this to be a momentary blip, we want it to be the chink that proves the undoing of this sick machine we’ve all ended up serving and despising. The following is intended to outline some of the bigger picture factors in the form of some choice extracts from authoritative sources. This will hopefully yield insights into particular pressure points, fissures and weaknesses to be exploited.
Privatization and the Federal Government: An Introduction
December 28, 2006 Kevin R. Kosar Congressional Reporting Service
http://www.fas.org/...
Furthermore, the movement of an activity from the governmental sector to the private sector, or vice versa, has significant ramifications. Most obviously, the behavior of the entity carrying out the task will differ because each sector has different incentives and constraints. One public administration scholar has suggested that the incentives amount to this: a government entity may do only what the law permits and prescribes; a private entity may do whatever the law does not forbid.
Government agencies, unlike private firms, usually operate under complex accountability hierarchies that include multiple and even conflicting goals. Federal agencies, for example, are subject to the corpus of federal management laws. These laws serve as means for keeping executive branch agencies accountable to Congress, the President, and the public. They also embody principles of democratic justice, such as the allowance for public participation and government transparency.
Thus, in shifting an activity from the governmental to the private sector, the nature of government oversight is transformed. As the components of government provision of goods and services are privatized, the jurisdiction of federal management laws, Congress, the President, and the courts is reduced.
Privatization’s Pretensions
Jon D. Michaels
[77:717 2010] The University of Chicago Law Review
http://lawreview.uchicago.edu/...
Workarounds provide outsourcing agencies with the means of accomplishing distinct policy goals that—but for the pretext of technocratic privatization—would either be legally unattainable or much more difficult to realize.
Consider the following scenario:
Exploiting Legal-Status Differentials. The Department of Homeland Security (DHS) would like to establish a data mining operation to gather intelligence on potential terrorist threats. Bristling under stringent federal privacy laws imposed on government officials—laws that inhibit DHS’s ability to collect and analyze personal information without court authorization—policymakers turn to private contractors. Contractors, like most other private individuals, are largely beyond the scope of these federal laws. For the most part, these laws were enacted well before contractors were hired with great regularity to assist with law enforcement and counterterrorism initiatives. Now, in an era where outsourcing is the norm, DHS may use the statutes’ narrowness to its advantage and award government contracts to the unencumbered private data brokers. The contractors can then acquire the information more liberally on their own and submit raw data or synthesized intelligence to the government. DHS thus gets the benefit of more sweeping, intrusive searches than would otherwise be permitted of government officials, short of their first obtaining warrants or securing legislative change.
Report of the Special Rapporteur on the promotion and protection of human rights and
fundamental freedoms while countering terrorism, Martin Scheinin
HUMAN RIGHTS COUNCIL Thirteenth session
A/HRC/13/37 28 December 2009
http://www2.ohchr.org/...
[20]States that previously lacked constitutional or statutory safeguards have been able to radically transform their surveillance powers with few restrictions. In countries that have constitutional and legal safeguards, Governments have endangered the protection of the right to privacy by not extending these safeguards to their cooperation with third countries and private actors, or by placing surveillance systems beyond the jurisdiction of their constitutions.
[41]The Special Rapporteur notes that since September 2001 there has been a trend towards outsourcing the collection of intelligence to private contractors... [raising concerns about] lack of proper training, the introduction of a profit motive into situations which are prone to human rights violations, and the often questionable prospect that such contractors will be subject to judicial and parliamentary accountability mechanisms
Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, Martin Scheinin
HUMAN RIGHTS COUNCIL Tenth session
A/HRC/10/3 4 February 2009
http://www2.ohchr.org/...
B. Recommendations
For legislative assemblies
65. The Special Rapporteur recommends that any interference with the right to privacy, family, home or correspondence by an intelligence agency should be authorized by provisions of law that are particularly precise, proportionate to the security threat, and offer effective guarantees against abuse. States should ensure that competent authorities apply less intrusive investigation methods than special investigation techniques if such methods enable a terrorist offence to be detected, prevented or prosecuted with adequate effectiveness. Decision-making authority should be layered so that the greater the invasion of privacy, the higher the level of necessary authorization. Furthermore, in order to safeguard against the arbitrary use of special investigative techniques and violations of human rights, the use of special investigative techniques by the intelligence agencies must be subject to appropriate supervision and review.
66. There should be a domestic legal basis for the storage and use of data by intelligence and security services, which is foreseeable as to its effects and subject to scrutiny in the public interest. The law should also provide for effective controls on how long information may be retained, the use to which it may be put, and who may have access to it, and ensure compliance with international data protection principles in the handling of information. There should be audit processes, which include external independent personnel, to ensure that such rules are adhered to.
67. The Special Rapporteur also recommends the adoption of legislation that clarifies the rights, responsibilities, and liability of private companies in submitting data to government agencies.
For the executive power
71. The executive should have effective powers of control, provided for in law, over the intelligence agencies and have adequate information about their actions in order to be able to effectively exercise control over them. The minister responsible for the intelligence and security services should therefore have the right to approve matters of political sensitivity (such as cooperation with agencies from other countries) or undertakings that affect fundamental rights (such as the approval of special investigative powers, whether or not additional external approval is required from a judge).
much more difficult to realize.
the often questionable prospect that such contractors will be subject to judicial and parliamentary accountability mechanisms
Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, Martin Scheinin
HUMAN RIGHTS COUNCIL Tenth session
A/HRC/10/3 4 February 2009
http://www2.ohchr.org/...
B. Recommendations
For legislative assemblies
65. The Special Rapporteur recommends that any interference with the right to privacy, family, home or correspondence by an intelligence agency should be authorized by provisions of law that are particularly precise, proportionate to the security threat, and offer effective guarantees against abuse. States should ensure that competent authorities apply less intrusive investigation methods than special investigation techniques if such methods enable a terrorist offence to be detected, prevented or prosecuted with adequate e
67. The Special Rapporteur also recommends the adoption of legislation that clarifies the rights, responsibilities, and liability of private companies in submitting data to government agencies.
For the executive powernot because they're big secrets.
by JackRiddler » Tue Mar 08, 2011 7:38 pm
From http://www.nytimes.com/2011/03/05/science/05legal.html
March 4, 2011
Armies of Expensive Lawyers, Replaced by Cheaper Software
By JOHN MARKOFF
When five television studios became entangled in a Justice Department antitrust lawsuit against CBS, the cost was immense. As part of the obscure task of “discovery” — providing documents relevant to a lawsuit — the studios examined six million documents at a cost of more than $2.2 million, much of it to pay for a platoon of lawyers and paralegals who worked for months at high hourly rates.
But that was in 1978. Now, thanks to advances in artificial intelligence, “e-discovery” software can analyze documents in a fraction of the time for a fraction of the cost. In January, for example, Blackstone Discovery of Palo Alto, Calif., helped analyze 1.5 million documents for less than $100,000.
Some programs go beyond just finding documents with relevant terms at computer speeds. They can extract relevant concepts — like documents relevant to social protest in the Middle East — even in the absence of specific terms, and deduce patterns of behavior that would have eluded lawyers examining millions of documents.
“From a legal staffing viewpoint, it means that a lot of people who used to be allocated to conduct document review are no longer able to be billed out,” said Bill Herr, who as a lawyer at a major chemical company used to muster auditoriums of lawyers to read documents for weeks on end. “People get bored, people get headaches. Computers don’t.”
Computers are getting better at mimicking human reasoning — as viewers of “Jeopardy!” found out when they saw Watson beat its human opponents — and they are claiming work once done by people in high-paying professions. The number of computer chip designers, for example, has largely stagnated because powerful software programs replace the work once done by legions of logic designers and draftsmen.
Software is also making its way into tasks that were the exclusive province of human decision makers, like loan and mortgage officers and tax accountants.
These new forms of automation have renewed the debate over the economic consequences of technological progress.
David H. Autor, an economics professor at the Massachusetts Institute of Technology, says the United States economy is being “hollowed out.” New jobs, he says, are coming at the bottom of the economic pyramid, jobs in the middle are being lost to automation and outsourcing, and now job growth at the top is slowing because of automation.
“There is no reason to think that technology creates unemployment,” Professor Autor said. “Over the long run we find things for people to do. The harder question is, does changing technology always lead to better jobs? The answer is no.”
Automation of higher-level jobs is accelerating because of progress in computer science and linguistics. Only recently have researchers been able to test and refine algorithms on vast data samples, including a huge trove of e-mail from the Enron Corporation.
“The economic impact will be huge,” said Tom Mitchell, chairman of the machine learning department at Carnegie Mellon University in Pittsburgh. “We’re at the beginning of a 10-year period where we’re going to transition from computers that can’t understand language to a point where computers can understand quite a bit about language.”
Nowhere are these advances clearer than in the legal world.
E-discovery technologies generally fall into two broad categories that can be described as “linguistic” and “sociological.”
The most basic linguistic approach uses specific search words to find and sort relevant documents. More advanced programs filter documents through a large web of word and phrase definitions. A user who types “dog” will also find documents that mention “man’s best friend” and even the notion of a “walk.”
The sociological approach adds an inferential layer of analysis, mimicking the deductive powers of a human Sherlock Holmes. Engineers and linguists at Cataphora, an information-sifting company based in Silicon Valley, have their software mine documents for the activities and interactions of people — who did what when, and who talks to whom. The software seeks to visualize chains of events. It identifies discussions that might have taken place across e-mail, instant messages and telephone calls.
Then the computer pounces, so to speak, capturing “digital anomalies” that white-collar criminals often create in trying to hide their activities.
For example, it finds “call me” moments — those incidents when an employee decides to hide a particular action by having a private conversation. This usually involves switching media, perhaps from an e-mail conversation to instant messaging, telephone or even a face-to-face encounter.
“It doesn’t use keywords at all,” said Elizabeth Charnock, Cataphora’s founder. “But it’s a means of showing who leaked information, who’s influential in the organization or when a sensitive document like an S.E.C. filing is being edited an unusual number of times, or an unusual number of ways, by an unusual type or number of people.”
The Cataphora software can also recognize the sentiment in an e-mail message — whether a person is positive or negative, or what the company calls “loud talking” — unusual emphasis that might give hints that a document is about a stressful situation. The software can also detect subtle changes in the style of an e-mail communication.
A shift in an author’s e-mail style, from breezy to unusually formal, can raise a red flag about illegal activity.
“You tend to split a lot fewer infinitives when you think the F.B.I. might be reading your mail,” said Steve Roberts, Cataphora’s chief technology officer.
Another e-discovery company in Silicon Valley, Clearwell, has developed software that analyzes documents to find concepts rather than specific keywords, shortening the time required to locate relevant material in litigation.
Last year, Clearwell software was used by the law firm DLA Piper to search through a half-million documents under a court-imposed deadline of one week. Clearwell’s software analyzed and sorted 570,000 documents (each document can be many pages) in two days. The law firm used just one more day to identify 3,070 documents that were relevant to the court-ordered discovery motion.
Clearwell’s software uses language analysis and a visual way of representing general concepts found in documents to make it possible for a single lawyer to do work that might have once required hundreds.
“The catch here is information overload,” said Aaref A. Hilaly, Clearwell’s chief executive. “How do you zoom in to just the specific set of documents or facts that are relevant to the specific question? It’s not about search; it’s about sifting, and that’s what e-discovery software enables.”
For Neil Fraser, a lawyer at Milberg, a law firm based in New York, the Cataphora software provides a way to better understand the internal workings of corporations he sues, particularly when the real decision makers may be hidden from view.
He says the software allows him to find the ex-Pfc. Wintergreens in an organization — a reference to a lowly character in the novel “Catch-22” who wielded great power because he distributed mail to generals and was able to withhold it or dispatch it as he saw fit.
Such tools owe a debt to an unlikely, though appropriate, source: the electronic mail database known as the Enron Corpus.
In October 2003, Andrew McCallum, a computer scientist at the University of Massachusetts, Amherst, read that the federal government had a collection of more than five million messages from the prosecution of Enron.
He bought a copy of the database for $10,000 and made it freely available to academic and corporate researchers. Since then, it has become the foundation of a wealth of new science — and its value has endured, since privacy constraints usually keep large collections of e-mail out of reach. “It’s made a massive difference in the research community,” Dr. McCallum said.
The Enron Corpus has led to a better understanding of how language is used and how social networks function, and it has improved efforts to uncover social groups based on e-mail communication.
Now artificial intelligence software has taken a seat at the negotiating table.
Two months ago, Autonomy, an e-discovery company based in Britain, worked with defense lawyers in a lawsuit brought against a large oil and gas company. The plaintiffs showed up during a pretrial negotiation with a list of words intended to be used to help select documents for use in the lawsuit.
“The plaintiffs asked for 500 keywords to search on,” said Mike Sullivan, chief executive of Autonomy Protect, the company’s e-discovery division.
In response, he said, the defense lawyers used those words to analyze their own documents during the negotiations, and those results helped them bargain more effectively, Mr. Sullivan said.
Some specialists acknowledge that the technology has limits. “The documents that the process kicks out still have to be read by someone,” said Herbert L. Roitblat of OrcaTec, a consulting firm in Altanta.
Quantifying the employment impact of these new technologies is difficult. Mike Lynch, the founder of Autonomy, is convinced that “legal is a sector that will likely employ fewer, not more, people in the U.S. in the future.” He estimated that the shift from manual document discovery to e-discovery would lead to a manpower reduction in which one lawyer would suffice for work that once required 500 and that the newest generation of software, which can detect duplicates and find clusters of important documents on a particular topic, could cut the head count by another 50 percent.
The computers seem to be good at their new jobs. Mr. Herr, the former chemical company lawyer, used e-discovery software to reanalyze work his company’s lawyers did in the 1980s and ’90s. His human colleagues had been only 60 percent accurate, he found.
“Think about how much money had been spent to be slightly better than a coin toss,” he said.
by crikkett » Tue Mar 08, 2011 7:59 pm
by JackRiddler » Thu Mar 17, 2011 7:55 pm
» Thu Mar 17, 2011 3:24 pm
http://www.guardian.co.uk/technology/20 ... l-networks
Revealed: US spy operation that manipulates social media
Military's 'sock puppet' software creates fake online identities to spread pro-American propaganda
The US military is developing software that will let it secretly manipulate social media sites such as Facebook and Twitter by using fake online personas to influence internet conversations and spread pro-American propaganda.
A Californian corporation has been awarded a contract with United States Central Command (Centcom), which oversees US armed operations in the Middle East and Central Asia, to develop what is described as an "online persona management service" that will allow one US serviceman or woman to control up to 10 separate identities based all over the world.
The project has been likened by web experts to China's attempts to control and restrict free speech on the internet. Critics are likely to complain that it will allow the US military to create a false consensus in online conversations, crowd out unwelcome opinions and smother commentaries or reports that do not correspond with its own objectives.
The discovery that the US military is developing false online personalities – known to users of social media as "sock puppets" – could also encourage other governments, private companies and non-government organisations to do the same.
The Centcom contract stipulates that each fake online persona must have a convincing background, history and supporting details, and that up to 50 US-based controllers should be able to operate false identities from their workstations "without fear of being discovered by sophisticated adversaries".
Centcom spokesman Commander Bill Speaks said: "The technology supports classified blogging activities on foreign-language websites to enable Centcom to counter violent extremist and enemy propaganda outside the US."
He said none of the interventions would be in English, as it would be unlawful to "address US audiences" with such technology, and any English-language use of social media by Centcom was always clearly attributed. The languages in which the interventions are conducted include Arabic, Farsi, Urdu and Pashto.
Once developed, the software could allow US service personnel, working around the clock in one location, to respond to emerging online conversations with any number of co-ordinated Facebook messages, blogposts, tweets, retweets, chatroom posts and other interventions. Details of the contract suggest this location would be MacDill air force base near Tampa, Florida, home of US Special Operations Command.
Centcom's contract requires for each controller the provision of one "virtual private server" located in the United States and others appearing to be outside the US to give the impression the fake personas are real people located in different parts of the world.
It also calls for "traffic mixing", blending the persona controllers' internet usage with the usage of people outside Centcom in a manner that must offer "excellent cover and powerful deniability".
The multiple persona contract is thought to have been awarded as part of a programme called Operation Earnest Voice (OEV), which was first developed in Iraq as a psychological warfare weapon against the online presence of al-Qaida supporters and others ranged against coalition forces. Since then, OEV is reported to have expanded into a $200m programme and is thought to have been used against jihadists across Pakistan, Afghanistan and the Middle East.
OEV is seen by senior US commanders as a vital counter-terrorism and counter-radicalisation programme. In evidence to the US Senate's armed services committee last year, General David Petraeus, then commander of Centcom, described the operation as an effort to "counter extremist ideology and propaganda and to ensure that credible voices in the region are heard". He said the US military's objective was to be "first with the truth".
This month Petraeus's successor, General James Mattis, told the same committee that OEV "supports all activities associated with degrading the enemy narrative, including web engagement and web-based product distribution capabilities".
Centcom confirmed that the $2.76m contract was awarded to Ntrepid, a newly formed corporation registered in Los Angeles. It would not disclose whether the multiple persona project is already in operation or discuss any related contracts.
Nobody was available for comment at Ntrepid.
In his evidence to the Senate committee, Gen Mattis said: "OEV seeks to disrupt recruitment and training of suicide bombers; deny safe havens for our adversaries; and counter extremist ideology and propaganda." He added that Centcom was working with "our coalition partners" to develop new techniques and tactics the US could use "to counter the adversary in the cyber domain".
According to a report by the inspector general of the US defence department in Iraq, OEV was managed by the multinational forces rather than Centcom.
Asked whether any UK military personnel had been involved in OEV, Britain's Ministry of Defence said it could find "no evidence". The MoD refused to say whether it had been involved in the development of persona management programmes, saying: "We don't comment on cyber capability."
OEV was discussed last year at a gathering of electronic warfare specialists in Washington DC, where a senior Centcom officer told delegates that its purpose was to "communicate critical messages and to counter the propaganda of our adversaries".
Persona management by the US military would face legal challenges if it were turned against citizens of the US, where a number of people engaged in sock puppetry have faced prosecution.
Last year a New York lawyer who impersonated a scholar was sentenced to jail after being convicted of "criminal impersonation" and identity theft.
It is unclear whether a persona management programme would contravene UK law. Legal experts say it could fall foul of the Forgery and Counterfeiting Act 1981, which states that "a person is guilty of forgery if he makes a false instrument, with the intention that he or another shall use it to induce somebody to accept it as genuine, and by reason of so accepting it to do or not to do some act to his own or any other person's prejudice". However, this would apply only if a website or social network could be shown to have suffered "prejudice" as a result.
by JackRiddler » Sun Mar 20, 2011 2:52 am
http://m.wired.com/threatlevel/2011/03/congress-and-hbgary
This material is archived here as relevant to an ongoing discussion, strictly for purposes of education and debate, and to prevent "memory-holing," with no commercial purpose whatsoever, and original link and copyright notice provided. Now everyone visit Conde Nast's goddamn Wired site.
Congress Asks to Review DoD and NSA Contracts With HBGary
By Kim Zetter
March 17, 2011 | 3:10 pm |
http://m.youtube.com/watch?v=pT4ipvfJWEA
Click to watch on YouTube
Update: This story was updated with comment from the House Armed Services Committee and Johnson’s office March 17, 2011 at 2 p.m. PDT.
Anonymous’ recent exposure of a federal contractor’s plan to take down WikiLeaks has led to a congressional probe seeking data on contracts the company and its partners hold with the U.S. military and intelligence agencies.
The House Armed Services Subcommittee on Emerging Threats and Capabilities on Wednesday asked the Defense Department and its intelligence arm — the National Security Agency — to hand over copies of any contracts they may have signed with HBGary Federal, Palantir Technologies and Berico Technologies.
Rep. Hank Johnson (D-Georgia) grilled Gen. Keith Alexander, director of the NSA and commander of the U.S. Cyber Command, and Dr. James Miller, Jr., deputy under secretary of defense for policy, on the services the firms provided their agencies.
Miller replied that he would have to check with the Defense Department’s general counsel to “make sure that the provision of that type of information is allowed contractually.”
When Johnson asked whether this meant the contracts might have provisions barring them from being shared with Congress, Miller backtracked and said no, that it would take time to determine all the agencies in the department that have contracts with the companies and decide in what form to provide the information.
Subcommittee Chairman Mac Thornberry (R-Texas) interjected that the information should be provided to the entire committee.
“This scandal cries out for an investigation,” said Johnson in a statement to Threat Level. “I’ll do it by myself if I have to.”
All three companies were recently in the crosshairs after e-mails stolen from HBGary Federal revealed that the company had been working on a proposal for the law firm Hunton and Williams to investigate and discredit WikiLeaks. The proposal included such maneuvers as:
Launching cyberattacks against WikiLeaks’ servers to obtain data on the sources who submit documents to the organization.
Submitting fake documents to the secret-spilling site and then later calling public attention to the fake documents to raise questions about WikiLeaks’ reliability.
Using intimidation tactics against a Salon reporter who avidly supports the group.
The plan was exposed after members of the online vigilante group Anonymous breached the company’s network and stole more than 60,000 internal e-mails.
HBGary Federal claimed in a news story that it had been working with the FBI to unmask hackers behind recent denial-of-service attacks against PayPal, Visa, MasterCard and Amazon. Members of Anonymous — a loosely structured group of vigilantes — had organized the mass attacks after the companies suspended accounts used by WikiLeaks to receive donations and host documents. In an attempt to uncover HBGary Federal’s investigation of its members, Anonymous hacked the company.
After HBGary’s WikiLeaks plan was exposed, Palantir denied knowledge of details of the proposal. Both it and Berico distanced themselves from HBGary Federal, and HBGary Federal CEO Aaron Barr subsequently resigned.
Last month, Rep. Johnson and more than a dozen other lawmakers sent a letter to four committees urging Republican leaders to investigate the three firms after it was revealed that in addition to the anti-WikiLeaks plan, HBGary Federal may also have been involved in a similar plan to target critics of the U.S. Chamber of Commerce.
Johnson’s office told Threat Level that the Judiciary Committee, one of the committees that received Johnson’s letter has responded that it will not investigate the companies.
A representative for the House Armed Services Committee, another committee that received the letter, said that a decision on investigating the companies will depend on what response the subcommittee gets from the Defense Department about the contracts.
“This is the first official ask from the subcommittee [in this matter], said committee spokesman Josh Holly.
HBGary Federal does classified work for the U.S. federal government among other security work; Palantir is believed to have government contracts, as well.
Gen. Alexander told the congressional subcommittee that he wasn’t sure how many contracts the government had with the companies or the nature of them but noted that Palantir offers tools to visualize traffic on the internet and computer networks.
“My recollection with working with Palantir was, here is an idea that we could use for how to look at networks and how to secure,” he said.
See also
Anonymous Hacks Security Firm Investigating It; Releases E-Mail
Spy Games: Inside the Convoluted Plot to Bring Down WikiLeaks
How One Man Tracked Down Anonymous — And Paid a Heavy Price
Wired.com © 2010 Condé Nast Digital. All rights reserved.
by eyeno » Sun Mar 20, 2011 7:54 am
As increasingly sophisticated encryption technology becomes widely available, federal authorities have been forced to find new ways to conduct surveillance against suspected criminals or terrorists; when federal authorities try to gather evidence on suspects, they frequently encounter PGP encrypted documents that they cannot hack into; authorities are experimenting with several methods to bypass encryption including keystroke logging spyware, seizing the computer while it is still on, and forcing an individual to turn over their passwords to federal authorities; the FBI recently floated a proposal that would force Web-based e-mail servers and social networks to build backdoors so that federal authorities could conduct surveillance, but quickly backed down
------------------
As businesses increasingly turn to cloud computing solutions, security professionals have become concerned with the challenges of securing data that is stored off-site in light of growing numbers of cyber security attacks; while cloud networks offer smaller businesses low cost technology solutions and remote access to data anywhere, this also leaves data beyond a company's span of control; To discuss securing data on cloud computing networks, a panel at the upcoming ISC West conference will focus on security solutions and risk management plans; the ISC West panel will be held on 6 April 2011
-------------------
Suspects using e-mail, text messages, social networks, and other electronic means of communicating to plan illicit visitations or to brag about offenses committed or planned are unwittingly making cases for their own convictions; because of this, authorities are resorting more and more so to these outlets to support their criminal investigations
------------------------
Local police departments across the United States have are beginning to use Facebook and Twitter to communicate with local residents and track down criminals and missing persons; departments have successfully apprehended suspects minutes after posting photos online; police have also received tips on the whereabouts of wanted criminals and Facebook has become a part of the investigative process; Facebook's traditional functions of outreach and communication have helped departments keep residents informed and build trust; critics of police patrolling Facebook and Twitter for tips say that it is an invasion of privacy; police have been careful to only use publicly posted information that users choose to display
----------------------
Republican legislators in Wisconsin have introduced a bill that would make it illegal to use a fake caller ID number to "defraud, cause harm, or gain anything of value"; last year Congress passed a similar bill that banned the use of "phone spoofing" technologies -- technology that allow an individual to choose what number they wish to appear on another person's caller ID; the new bill would allow law enforcement officials to target individuals making prank calls in addition to prosecuting companies that provide spoofing technology; critics question the timing of the bill as it comes after a high-profile prank call to Wisconsin governor Scott Walker
---------------------------------
In an increasing trend, cell phones have become the tool of choice for eavesdroppers; with new smartphones, spies can easily plant a tracking device that can follow a user's every move including their location, calls, text messages, emails, and even video; with the proliferation of smartphones, thousands of sites are now selling spy software; for as little as $25, someone can tap into all the features of Blackberries, iPhones, and Google Android phones; the software takes minutes to install and can be disguised as an email link; it can take days of searching through thousands of lines of code to discover the spy software
---------------------------
More than fifty applications have been found to be infected with a new type of Android malware called DroidDream, an information stealer; fraudsters repackaged legitimate apps (mostly games) so that they included malicious code before uploading them to the marketplace; the tactic has been seen in mobile marketplaces in China and elsewhere but this is the first time the approach has been successfully applied in the United States
--------------------------
Police and other law enforcement agencies in the United States and the United Kingdom are increasingly turning their attention to domain names as an Internet choke-point that can be used to shut down Web sites selling counterfeit goods and enabling the trading of pirated movies and child pornography
----------------------
Breakthroughs in technology have enabled malicious actors to listen in on any conversation using your phone even when not in use; eavesdroppers have circumvented encrypted audio channels by relying on a relatively simple principle in physics -- resonance; by tapping into an object's natural resonance, spies have turned phones and phone cables into listening devices even when they are not in use; researchers at Teo, a manufacturer of secure telecommunications equipment, were able to capture human voices using standard phones, unplugged Ethernet cables, or even a rock; to address this security gap, Teo has designed its IP TSG-6 phones with special vibration dampening circuitry and materials that render them impervious to these types of listening devices
--------------------
General Keith Alexander, the head of the U.S. Cyber Command, is calling for the creation and implementation of a government strategy to protect critical infrastructure in the United States from cyber attacks; in a speech yesterday, General Alexander emphasized the importance of securing critical infrastructure like the stock market, the electrical grid, and power plants against cyber attacks; he sought to ease fears by assuring the audience that the government could protect critical infrastructure and preserve civil liberties; Alexander's remarks come as civil rights advocates and internet freedom groups have grown more vociferous in their criticism of a recent Senate bill that would help secure the nation's critical infrastructure from cyber attacks; supporters of the bill say that it is impossible to create an internet "kill switch" and that is not their goal
by eyeno » Sun Mar 20, 2011 7:58 am
Feds forced to get creative to bypass encryption
Published 18 March 2011
As increasingly sophisticated encryption technology becomes widely available, federal authorities have been forced to find new ways to conduct surveillance against suspected criminals or terrorists; when federal authorities try to gather evidence on suspects, they frequently encounter PGP encrypted documents that they cannot hack into; authorities are experimenting with several methods to bypass encryption including keystroke logging spyware, seizing the computer while it is still on, and forcing an individual to turn over their passwords to federal authorities; the FBI recently floated a proposal that would force Web-based e-mail servers and social networks to build backdoors so that federal authorities could conduct surveillance, but quickly backed down
As increasingly sophisticated encryption technology becomes widely available, federal authorities have been forced to find new ways to conduct surveillance against suspected criminals or terrorists.
With cyber security fears growing, more software manufacturers are building sophisticated encryption tools into their operating systems like Apple’s FileVault and Microsoft’s BitLocker. Starting in 2005, PGP, a data encryption program, began offering whole disk encryption for Windows and Mac OS X.
Now when federal authorities try to gather evidence on suspects, they frequently encounter PGP encrypted documents that they cannot hack into. Instead authorities have tried using court orders that force Web-based providers to turn over a suspect’s passwords to see if they match.
“Sometimes if we can go in and find one of those passwords, or two or three, I can start to figure out that in every password, you use the No. 3,” said Stuart Van Buren, a U.S. Secret Service agent. “There are a lot of things we can find.”
According to Van Buren, “Every new agent who goes to the Secret Service academy goes through a week of training” in computer technology to learn how to deal with issues like encrypted data and hard drives.
These new technologies, particularly encrypted web-based email systems and social media sites, have confounded the FBI, which says it cannot conduct wiretapping operations on these networks when it has received a court order because of encryption.
To combat this problem, which the FBI calls “going dark,” FBI general counsel Valerie Caproni recently floated a proposal that would force Web based e-mail servers and social networks to build backdoors so that federal authorities could conduct surveillance.
Caproni said the FBI was seeking “a way for police armed with wiretap orders to conduct surveillance of Web-based e-mail, social networking sites, and peer-to-peer communications technology.”
The FBI quickly backed away from mandating backdoors, but did not specify what it planned on doing to address the going dark problem.
“Most our interception challenges could be solved using existing technologies that can be deployed without re-designing the Internet and without exposing the provider’s system to outside malicious activity,” Caproni said.
Authorities are experimenting with several methods to bypass encryption including keystroke logging spyware, seizing the computer while it is still on, and forcing an individual to turn over their passwords to federal authorities. But the latter method has proven ineffective and illegal.
Howard Cox, the assistant deputy chief for the Justice Department’s Computer Crime and Intellectual Property Section, said law enforcement agencies did not have the legal authority to force a suspect to turn over their password.
“We believe we don’t have the legal authority to force you to turn over your password unless we already know what the data is,” he said.
Cox explained, “It’s a form of compulsory testimony that we can’t do… Compelling people to turn over their passwords for the most part is a non-starter.”
Federal authorities have also resorted to using a program that will establish the passphrase after testing every single combination, in what Van Buren calls a “brute force attack.”
He says, if the password is short enough, “there’s a reasonable chance that if I do lower upper and numbers I might be able to figure it out.”
It took three days to determine a seven character password and sixty-two times as long to crack an eight character passphrase.
“All of a sudden I’m looking at close to a year to do that. That’s not feasible,” Van Buren said.
To avoid resorting to this timely method, the Secret Service tries to seize a computer while it is still on so the encryption codes are still in the computer’s memory.
“Traditional forensics always said pull the plug,” Van Buren said. “That’s changing. Because of encryption…we need to make sure we do not power the system down before we know what’s actually on it.”
To guarantee that the computer is on and the suspect logged in, authorities will sometimes contact the individual via Internet chat and then send an agent disguised as a delivery man to the door. The suspect will be arrested and the computer seized.
by crikkett » Sun Mar 20, 2011 12:06 pm
by JackRiddler » Sun Mar 20, 2011 12:43 pm
eyeno wrote:blurbs from the homeland security site...they don't miss a trick
wasn't their site, just related to what they are doing, which is everything
by eyeno » Sun Mar 20, 2011 1:37 pm
JackRiddler wrote:eyeno wrote:blurbs from the homeland security site...they don't miss a trick
wasn't their site, just related to what they are doing, which is everything
WTF?
Do you mind labeling things clearly? And how about linking? And how about avoiding this if you can:
"The following is a direct quote from the enemy leader!
It's not, it's from somebody talking about the same stuff! Which is the same!"
Unless you're quoting or mimicking the Onion. Okay?
.
by eyeno » Sun Mar 20, 2011 1:38 pm
crikkett wrote:eyeno, can I ask why you didn't include a link to the info you posted?
Thanks
by JackRiddler » Sun Mar 20, 2011 3:17 pm
eyeno wrote:JackRiddler wrote:eyeno wrote:blurbs from the homeland security site...they don't miss a trick
wasn't their site, just related to what they are doing, which is everything
WTF?
Do you mind labeling things clearly? And how about linking? And how about avoiding this if you can:
"The following is a direct quote from the enemy leader!
It's not, it's from somebody talking about the same stuff! Which is the same!"
Unless you're quoting or mimicking the Onion. Okay?
.
sorry, i strive for accuracy, i was dozing in and out and got careless
by JackRiddler » Fri Mar 25, 2011 12:02 am
elfismiles wrote:PsyOps & The War on Information
Congress Opens Investigation Into HBGary Scandal
http://blogs.forbes.com/parmyolson/2011 ... y-scandal/
Anonymous To Release Documents Showing ‘Virtual Armies’ Used To Identify Dissidents
http://blogs.forbes.com/parmyolson/2011 ... issidents/
Another Runaway General: Army Deploys Psy-Ops on U.S. Senators By Michael Hastings
http://www.rollingstone.com/politics/ne ... s-20110223
Rolling Stone: Army Used Psy-Ops on Senators
http://www.nationaljournal.com/national ... s-20110224
White House wants new copyright law crackdown
http://news.cnet.com/8301-31921_3-20043421-281.html
Revealed: US spy operation that manipulates social media
Military’s ‘sock puppet’ software creates fake online identities to spread pro-American propaganda
http://www.guardian.co.uk/technology/20 ... l-networks
Military’s ‘persona’ software cost millions, used for ‘classified social media activities’
http://www.rawstory.com/rs/2011/02/22/e ... ctivities/
Army of Fake Social Media Friends to Promote Propaganda
Does a code of ethics still exist in Intelligence firms? Does it disappear behind closed doors, dirty deeds done in the dark and used against the American people who are supposed to be free to express themselves?
http://www.pcworld.com/article/220495/a ... ganda.html
Sites Getting Punked By David Booth/Sorcha Faal Right Now
http://cryptogon.com/?p=20740
“CIA spy” Davis was giving nuclear bomb material to Al-Qaeda, says report
http://in.news.yahoo.com/cia-spy-davis- ... 3-452.html
PBS contacted by fake Muslim group that duped NPR
http://www.wral.com/news/national_world ... y/9242854/
by justdrew » Fri Mar 25, 2011 12:19 am
JackRiddler wrote:Elfismiles posts compilation in a thread about SXSW, Dunno why.
Indiana prosecutor told Wisconsin governor to stage ‘false flag’ operation
By Eric W. Dolan | Thursday, March 24th, 2011 -- 7:32 pm
An Indiana prosecutor and Republican activist has resigned after emails show he suggested Wisconsin Governor Scott Walker stage a fake attack on himself to discredit unions protesting his budget repair bill.
The Republican governor signed a bill on March 11 that eliminates most union rights for public employees.
In an email from February 19, Indiana deputy prosecutor Carlos F. Lam told Walker the situation presented "a good opportunity for what’s called a ‘false flag’ operation."
The Wisconsin Center for Investigative Journalism discovered the email among tens of thousands released to the public last week following a lawsuit by the Isthmus and the Associated Press.
"If you could employ an associate who pretends to be sympathetic to the unions' cause to physically attack you (or even use a firearm against you), you could discredit the unions," Lam said in his email.
"Currently, the media is painting the union protest as a democratic uprising and failing to mention the role of the DNC and umbrella union organizations in the protest," he continued. "Employing a false flag operation would assist in undercutting any support that the media may be creating in favor of the unions."
Lam resigned from his position after the Wisconsin Center for Investigative Journalism published an article about his email.
On February 22, an alternative paper in Buffalo, New York managed to trick Walker into taking a call from their editor posing as tea party tycoon David Koch.
When the editor posing as Koch suggested planting some troublemakers in the protests, Walker responded that "we thought about that," but said it was not necessary "because sooner or later the media stops finding ’em interesting."
"My only fear would be is if there was a ruckus caused is that that would scare the public into thinking maybe the governor has gotta settle to avoid all these problems," he said.
Walker had promised to lay off 1,500 state workers if the bill to curb collective bargaining rights for public employees didn't pass.
In mid-February, 14 Democratic state senators left Wisconsin to stall a vote on the bill. There are 19 Republican senators, but the Senate needs a minimum of 20 members to be present to debate and vote on any bills that spend money.
While the 14 Democratic senators remained in Illinois, Republican state senators removed all references to spending from the bill and passed the proposal to limit public employees' collective bargaining rights.
Wisconsin citizens upset withWalker's attack on public employees' collective bargaining rights have launched a boycott campaign aimed at his campaign contributors.
Users browsing this forum: No registered users and 6 guests
