Stupid Movies, Dumb Moves

Standard

Today there is a big conference [ar] starting, organised by Mauritania’s Tewassoul party, with high-level delegates in attendance from many Arab states, including Tunisia, Kuwait, Palestine, Saudi Arabia, Morocco and Algeria. I’d expect increased security in and around Nouakchott, but have not seen the usual reports of any. Last night, the political opposition coalition held a licensed event which tens of thousands attended, but they were denied permission for a similar event a couple of weeks ago, with the authorities claiming the need to avoid large gatherings because of the security risks. Yet a few days ago, the American Embassy in Mauritania issued an oddly paranoid statement to nationals, warning them to be cautious in case of unrest or protests on or near December 14 and 19. These events are likely, they claim, because of the anticipated release of another film which is deliberately insulting to Muslims,  as well as a new video about Osama bin Laden.

The Embassy in Mauritania has a quiet little Facebook page that mainly posts friendly invitations to attend the regular sessions they host for throngs of hopeful student visa applicants at the “American Corner” of Nouakchott University. The statement is not posted on Facebook, and I would never have known about it, except for a tweet from the US State Dept’s travel advisory account:

To be honest, I had ignored an earlier “exclusive” report on a local website with little to commend it in the way of credibility, which claimed the embassy had sent all residents a warning note.

People in Mauritania were baffled by the embassy’s official warning. “When did we ever see a protest in Mauritania about bin Laden?” one asked. Another said “bin Laden is no prophet, people can make any film they want about him, and no one will care.” One replied to @TravelGov:

Bearing in mind that less than 5% of the population has internet access, and even then most of the time it’s like dial-up that has been heavily sedated,  there’s precious little chance either film will reach a sizeable audience even in Nouakchott. To be super helpful in case any random terrorists really do fancy their chances, Ould Abdel Aziz listed a few potential targets during his recent speech at a UNESCO event in Paris, his default location since the 13 October incident. Taking all this into account, and  in light of recent events in Egypt and the Maghreb region, it  makes sense to stay tuned.

Stupid Movie 2

Stupid Movie 2

The sequel to the highly successful (in terms of provoking riots, and making a few people in the State Department look foolish) but very stupid “Innocence of Muslims” movie is called “The Innocent Prophet” and was delayed by the Spanish authorities threatening to revoke the Pakistani film maker Imran Firasat’s refugee status if he released it on 14 December as planned. But it’s out now, and the news cycle has calmed down enough to make space for a bigger splash than it would have gotten on December 14, given the terrible tragedy that occurred in Connecticut that day. Like it’s fore-runner, The Innocent Prophet has a staggeringly small number of views so far. I suppose intelligence agency cyber trolls will have to post the link liberally on “jihadist” forums if they want to see more riots, arson attacks and deaths in time for Christmas.

Randy Wilson was arrested by FBI officers, just as he and his family were boarding a plane in Atlanta

Randy (Rasheed)Wilson was arrested by FBI officers, just as he and his family were boarding a plane in Atlanta

(Updated 21 Dec) While I am thinking about false flags, do be on the lookout for more news about the two Alabama men arrested separately in Georgia, allegedly planning to make their way to Mauritania to “wage violent jihad”. It’s possible* Mohammad Abdul Rahman Abukhdair** and Randy (Rasheed) Wilson***, like so many others before them, got the idea after speaking to an undercover FBI agent. Including the agent, that is three people I would not want to have near any weapons or explosives. In any case, you could probably staff an entire katiba of terrorists and the necessary weapons for the price of their air fare from Alabama, by recruiting within the region. It just does not make sense for people to travel half way across the world to do it, unless they were incredibly dumb, or were just playing along, intending to renege on their end of the deal and get a free desert safari in the process. Now that international aid and development agencies are more interested in hiring locally, would it be too much to expect the FBI to follow suit?

Still on jihad, something that is jarring my instincts: these pastebin posts allegedly from a new(ish) cyber army of angry “Qassam Cyber Fighters” who hate American banks so much they decided to give advance notice of their intention to take down their websites, and even apologised for the delay in staging their onslaught, codenamed “Operation Ababil”. Nice and polite, if not exactly stealthy, but thanks for giving all your targets time to tighten security, change passwords, etc. Anyone would think they were not a real cyber army at all. If you are a linguaphile, have fun analysing and comparing their use of Arabic and English. If not, have fun wondering why an Iranian regime cyber operation (as claimed) would use Arabic, when they apparently have a proud, Farsi-speaking, cyber army.

A late, but convenient addition to end with: a random tweet was posted yesterday about an alleged hacking ten months ago of  Bank of Israel by a group calling themselves “Mauritania Hacker Team”

https://twitter.com/SaudiAnonymous1/status/281117976319643648

Here’s their Facebook page, where the old news reports were reposted yesterday, which I assume explains the tweet.

Back in February, they posted this video claiming to show evidence of  an intrusion that netted “all” Bank of Israel customer accounts:

http://www.youtube.com/watch&v=ik9X1rSmRHo

Ignoring the fact that it looks decidedly fake, note the speed with which typing errors of English words are corrected, and use of words like “bingo” and the phrase “don’t try this at home”. Add to that the use of classroom French, typed more slowly with far higher accuracy in their next video. It gives the impression whoever created at least the first and probably the second would feel more at home in Oxshott than Nouakchott. No offence to Oxshottonians, it could be any cosy corner of over-privileged middle-class and perhaps even middle-aged (bingo? really?) England.

Additional information added 21 December 2012:

American terror suspect Omar Hammami, aka Abu Mansour al-Amriki

American terror suspect Omar Hammami, aka Abu Mansour al-Amriki

* In the criminal complaint that led to his arrest, Randy Wilson was said to be a former room mate of another Mobile, Alabama man, Omar Shafik Hammami (aka Abu Mansour al-Amriki), who was just reportedly kicked out of Somalian al-Qaeda franchise Al-Shabaab for spreading the wrong message in videos he posted online.  Although they did know one another about 10 years ago, the  information about Wilson and Hammami’s living arrangements turned out to be false (see below). There was a rather long delay between news about his first video – in which he said he feared his life was in danger – appearing in March 2012, and the 17 December reports of the announcement of Hammami’s expulsion. March was also when the coup in Mali was claimed to have accelerated the spread of rebel groups in the north, as the vast region was abandoned by both civil and military authorities along with most NGOs and aid agencies. This heightened activity was accompanied by reports that fighters from other al Qaeda groups were moving into Mali. Wherever Hammami – who incidentally is married to a Somali woman, and they have at least one child, a daughter – shows up next, it is unlikely to be America.

** According to this post, a Syracuse, NY native by the name of Mohammad Abdul Rahman Abukhdair was arrested in Egypt in 2010 on charges of suspected terrorist activity. In 2011, he was deported back to the U.S., taking residency in both Ohio and Alabama.

*** Randy Wilson appeared in court and was refused bail after the judge heard testimony from FBI Special Agent Tim Green, who had established an online relationship with the defendant and his co-accused over a period of two years, by pretending to have a shared interest in Islam. Green also confessed in court that the story about Wilson being a former room mate of Omar Hammami was a lie and claimed he” didn’t know where it came from”. Wilson’s case will be heard on December 27, local press reported. There are no similar reports for Mohammad Abdul Rahman Abukhdair as yet. Given the fact that the two New Jersey men arrested in the almost identical “Operation Arabian Knight” case in 2010 have still not been sentenced, despite accepting a plea bargain, we should not expect any swift justice.

Related Posts

Advertisements

LOIC Downloads Update – BlueHat FaceBook Attack Planned?

Standard
Image representing Facebook as depicted in Cru...

Image via CrunchBase

25 Jan 2012 UPDATE: Total downloads since 20 Jan now over 110,000 copies and still going.

This story on CNET about a video allegedly from Anonymous threatening to take FaceBook down on 28 January has been denied by …  @AnonOps! Once again (as on 5 November 2011) Anons are being set up as wanting to “kill FaceBook” – but this time, some busy work has been happening that could make it impossible for Anonymous to defend their claim of innocence. Even if – like last time – they don’t take FaceBook down, someone else could. I am referring to the 112,000+ downloads of LOIC in the 6 days since the Anon attack on FBI, US Gov and media industry sites that followed the raid on MegaUpload.

The geographical distribution of the downloads, coming from 182 countries,  is so widespread it looks highly suspicious to me. What makes this even more interesting and less believable is WikiPedia shows us exactly the same number – 182 – of the 195 countries in the world have internet access. Is such a coincidence even remotely likely to happen under normal circumstances?

So here’s the deal:  if enough copies have been downloaded by an organised group – or an organisation – they could indeed target every one of FaceBook’s 60,000 servers. They could also use the same technique to mask their location as we are likely seeing in action with the LOIC downloads statistics. Are there plans to stage a “Blue Hat” operation against FaceBook and pin it on Anonymous? What I am suggesting here is that Anonymous’ biggest weakness: the ease with which any entity, shielded by their anonymity, can pass itself off as Anonymous, is at work in a major way. Anon may be about to get pwned by the “Anti-Anon”.

DATE Downloads
2012-01-25 10,783
2012-01-24 29,371
2012-01-23 6,242
2012-01-22 16,104
2012-01-21 17,107
2012-01-20 33,007
2012-01-19 5,789
2012-01-18 1,176
2012-01-17 1,170
2012-01-16 972
2012-01-15 884
2012-01-14 934

Download Statistics: loic.

Related articles

Kim Dotcom’s arrest & Anon’s attack. Just so.. Hollywood Capitalist

Standard
Hollywood Sign

Image via Wikipedia

What I find truly scary is confusing “free” or “open” internet with making money out of sharing illegal content by breaking copyright rules, then launching attacks to defend that profit centre. Megaupload is a profit-based operation, same as a TV company, record label or film studio. Anonymous dashing to the rescue is just one type of enforcement battling against another, but with the same goals – to protect a capitalistic business model. They aren’t fighting over content or the right to access  and share it, they are fighting over making money out of content.

That the United States chose a time when major internet players and users were up in arms against the SOPA/PIPA legislation is an obvious ploy. They are showing the world that they don’t need more legislation than they already have. Why then are we all being riled up and distracted by the SOPA shenanigans? Probably so we don’t notice how incredibly awful the US presidential candidates are. Too late, we already looked, and are universally traumatized.

The organizations that are able to harness the power of international law enforcement to protect their profitability – New Zealand and Great Britain are only two recent examples – are the same ones who own and control the majority of international broadcast media – still the most popular and widely-used source of news and information in the world. Where they choose to shine their spotlight is where we all inevitably end up focusing our attention – regardless of the “power” of social media – we are being spoon-fed flavour-of-the-day of their favorite brand of manure, and lapping it up like day-old pups.

Quite often I feel suspicious when a new event strikes a chord in my memory of some other news item, which takes on a different meaning in the light of the event. In this case, it is the statement I read on Wired.com on 12 Jan by General Keith Alexander, the head of the National Security Agency and U.S. Cyber Command, that the US defense network is currently “not defensible”. I thought at the time that was a rather strange admission from a senior member of the US Military. Why would anyone advertise your vulnerability to the world like that, much less the head of the NSA? Now I see it as one way to explain the apparent ease of “Anonymous” being able to DDOS the FBI website, in addition to other, as-yet unreported events, potentially of greater magnitude.

I think we should also ask ourselves, with the benefit of hindsight, and the recent experience of how much time and effort it took to enact a major online event like the internet blackout – is the speed of the revenge attack on US government and media industry websites really feasible? I know I was half-expecting that Anonymous would step into action on January 18 and implement an “enforced blackout” on sites that didn’t join in, by using DDOS or defacements. That didn’t happen. I am still puzzled by the apparent lack of interest in the blackout operation from the blackout masters of the interwebs; the very group who should feel most at risk from internet censorship and be first in line to defend it were as inconspicuous on the big day as they were super-evident around the Kim Dotcom arrest. Perhaps they had been planning a major DDOS attack for 18 Jan and couldn’t get it together in time, but were able to nimbly harness those reserves on 19 Jan so their efforts were put to some use. No one is ever going to know, and I wouldn’t trust anyone who pretended that they did know.

For some time, since the advent of groups claiming to be part of Anonymous started posting names, addresses, emails, and credit card information, I have considered that Anonymous as an entity or a concept can be so easily infiltrated, misrepresented, subverted or abused, it has long past the point of usefulness or validity within the original framework of “internet defenders for the greater good” and has inexorably devolved into “internet vigilantes for the lulz”. The whole central pillar of Anonymous is anonymity: there can be no identifiable individuals representing Anonymous. Ever. Once that happened, Anonymous was polluted as far as I am concerned.

Here’s that Hollywood-style arrest story:

New Zealand police on Friday seized a pink Cadillac and a sawn-off shotgun, and froze millions of dollars in cash, after a raid on the fortified mansion of an Internet guru accused of online piracy.

Armed officers swooped on an Auckland property occupied by “Kim Dotcom”, whose website Megaupload.com is alleged by US authorities to be involved in one of the largest cases of copyright theft ever.

Dotcom, also known as Kim Schmitz, a 37-year-old German [some say Dutch] citizen with New Zealand and Hong Kong residency, was denied bail with three other men on Friday when they appeared in an Auckland district court, police said.

According to New Zealand reports, Dotcom’s lawyer initially objected to media requests to take photographs and video inside the courtroom. But the accused said he did not mind “because we have nothing to hide”.

In a statement, police said they raided 10 Auckland premises, including the Megaupload founder’s property known as Dotcom Mansion, after liaising with US authorities.

In addition, police said NZ$11 million in cash held in New Zealand financial accounts was frozen pending the outcome of legal proceedings.

Detective Inspector Grant Wormald said the Megaupload founder tried to retreat to a fortified safe room when police arrived.

“Mr Dotcom retreated into the house and activated a number of electronic locking mechanisms,” he said.

“While police neutralised these locks he then further barricaded himself into a safe room within the house which officers had to cut their way into.

“Once they gained entry into this room they found Mr Dotcom near a firearm which had the appearance of a shortened shotgun — it was definitely not as simple as knocking at the front door.”

Dotcom and the three other arrested men — Dutchman Bram van der Kolk and Germans Finn Batato and Mathias Ortmann — were denied bail and are scheduled to reappear in court on Monday.

US authorities are seeking their extradition to the United States.

They accuse the Megaupload website, which allows downloading of large files, of generating more than $175 million in criminal proceeds and causing “more than half a billion dollars in harm to copyright owners”.

Its closure sparked retaliatory cyber-attacks from the “Anonymous” hacktivist group on the FBI and Justice Department websites, as well as music and recording industry websites seen as supporting the clampdown.

AFP

No mention of the many gigabytes of user-created content that has now been taken offline, or whether it will be released to the owners. All premium users of MegaUpload who used it to store their own content have effectively now had that material stolen by the FBI acting on behalf of the anti-piracy lobby.

In the wake of all this, don’t you sometimes feel like you are just being entertained in a rather patronizing – yet equally dramatic and titillating – way? Do take a look at the first link below, which surely offers a reasonably simple explanation for why MegaUpload was really shut down.

Britain Will Extradite Accused #Iran Arms Trader

Standard
Christoper Tappin. Photo - PA

Christoper Tappin. Photo - PA

A retired businessman has lost a High Court fight against being extradited to the United States over charges of conspiring to sell parts for Iranian missiles.

Christopher Tappin, 64, of Orpington, south-east London, denies conspiring to export the batteries for Hawk air defence missiles.

He has claimed he was the victim of an FBI “sting”.

However, judges at the High Court said his argument was “unsustainable”.

Aiding and abetting

They said it would not be “oppressive” to extradite him.

His representatives said the case would now be taken to the Supreme Court, the final court of appeal in the UK for civil cases.

Mr Tappin is wanted in El Paso, Texas, on a charge of conspiring to export defence articles without licence or approval and aiding and abetting the attempted export of defence articles without the required licence.

He is also accused of intentionally and unlawfully attempting to conduct financial transactions from the outside to a place inside the US, with the intent to promote the carrying on of a specified unlawful activity.

“I was relying on the British justice system to protect me from false allegations made by a maverick government agency clearly operating outside the law in the US”

If convicted, he could face up to 35 years in prison.

Mr Tappin, the former director of Surrey-based Brooklands International Freight Services, said he believed he was exporting batteries for the car industry in the Netherlands.

He was “thoroughly disappointed” with the High Court judgement, he said.

He added: “I was relying on the British justice system to protect me from false allegations made by a maverick government agency clearly operating outside the law in the US.

“Our extradition laws completely fail to prevent such improper extraditions.”

He said he feared the impact it would have on his family and close friends, and would consider the options to “bring an end to this nightmare”.

‘Horrendous extraditions’

Karen Todner, of Mr Tappin’s solicitors Kaim Todner, said: “Yet again this one-sided treaty is set to destroy a British citizen’s life.

“We would urge the government to take urgent action to review this treaty and stop these horrendous extraditions.”

Mr Tappin had been challenging a decision made in February last year by district judge John Zani at City of Westminster Magistrates’ Court that extradition could go ahead.

Edward Fitzgerald QC, appearing for Mr Tappin, told the High Court at a hearing in December that his client was the victim of an abuse of power.

Mr Fitzgerald said FBI agents pretending to belong to a fictitious export company known as Mercury Global Enterprises set out to “dupe, deceive and ensnare” unsuspecting businessmen.

In June last year, the Home Office said it would not refuse Mr Tappin’s extradition on human rights grounds.

BBC News – Iran arms accused Christopher Tappin to be extradited.

Stratfor Boss “Regrets” Not Encrypting User Info

Standard
[youtube https://www.youtube.com/watch?v=ItreEs03A2k]

Stratfor website is back online, and free to use for now, with a new section  www.stratfor.com/hacking-news for details of the hack and further updates.

The Hack on Stratfor

By George Friedman | January 11, 2012

In early December I received a call from Fred Burton, Stratfor’s Vice President of Intelligence. He told me he had received information indicating our website had been hacked and our customer credit card and other information had been stolen. The following morning I met with an FBI special agent, who made clear that there was an ongoing investigation and asked for our cooperation. We, of course, agreed to cooperate. The matter remains under active investigation.

From the beginning I faced a dilemma. I felt bound to protect our customers, who quickly had to be informed about the compromise of their privacy. I also felt bound to protect the investigation. That immediate problem was solved when the FBI told us it had informed the various credit card companies and had provided those companies with a list of compromised cards while omitting that it had come from us. Our customers were therefore protected, as the credit card companies knew the credit cards and other information had been stolen and could act to protect the customers. We were not compelled to undermine the investigation.

The FBI made it clear that it expected the theft to be exposed by the hackers. We were under no illusion that this was going to be kept secret. We knew our reputation would be damaged by the revelation, all the more so because we had not encrypted the credit card files. This was a failure on our part. As the founder and CEO of Stratfor, I take responsibility for this failure, which has created hardship for customers and friends, and I deeply regret that it took place. The failure originated in the rapid growth of the company. As it grew, the management team and administrative processes didn’t grow with it. Again, I regret that this occurred and want to assure everyone that Stratfor is taking aggressive steps to deal with the problem and ensure that it doesn’t happen again.

From the beginning, it was not clear who the attackers were. The term “Anonymous” is the same as the term “unknown.” The popular vision of Anonymous is that its members are young and committed to an ideology. I have no idea if this is true. As in most affairs like this, those who know don’t talk; those who talk don’t know. I have my theories, which are just that and aren’t worth sharing.

I was prepared for the revelation of the theft and the inevitable criticism and negative publicity. We worked to improve our security infrastructure within the confines of time and the desire to protect the investigation by not letting the attackers know that we knew of their intrusion. With the credit card information stolen, I assumed that the worst was done. I was wrong.

Early in the afternoon of Dec. 24, I was informed that our website had been hacked again. The hackers published a triumphant note on our homepage saying that credit card information had been stolen, that a large amount of email had been taken, and that four of our servers had been effectively destroyed along with data and backups. We had expected they would announce the credit card theft. We were dismayed that emails had been taken. But our shock was at the destruction of our servers. This attack was clearly designed to silence us by destroying our records and the website, unlike most attacks by such groups.

Attacks against credit cards are common, our own failures notwithstanding. So are the thefts of emails. But the deliberate attack on our digital existence was a different order of magnitude. As the global media marveled at our failure to encrypt credit card information, my attention was focused on trying to understand why anyone would want to try to silence us.

In the days that followed, a narrative evolved among people claiming to speak for Anonymous and related groups. It started with looking at our subscriber list and extracting corporate subscribers who were now designated as clients. The difference between clients and subscribers is important here. A client is someone you do customized work for. A subscriber is simply someone who purchases a publication, unchanged from what others read. A subscriber of The New York Times is not its client. Nevertheless, some of the media started referring to these subscribers as clients, reflecting the narrative of those claiming to speak with knowledge of our business.

From there, the storyline grew to argue that these “clients,” corporate and government, provided Stratfor with classified intelligence that we reviewed. We were no longer an organization that analyzed the world for the interested public, but rather a group of incompetents and, conversely, the hub of a global conspiracy. The media focused on the first while the hacking community focused on the second.

This was why they stole our email, according to some of them. As one person said, the credit cards were extra, something they took when they realized they could. It was our email they were after. Obviously, we were not happy to see our emails taken. God knows what a hundred employees writing endless emails might say that is embarrassing, stupid or subject to misinterpretation. What will not appear is classified intelligence from corporations or governments. They may find, depending on what they took, that we have sources around the world, as you might expect. It is interesting that the hacker community is split, with someone claiming to speak for the official Anonymous condemning the hack as an attack on the media, which they don’t sanction, and another faction defending it as an attack on the rich and powerful.

The interpretation of the hackers as to who we are — if indeed that was their interpretation — was so wildly off base as to stretch credulity. Of course, we know who we are. As they search our emails for signs of a vast conspiracy, they will be disappointed. Of course we have relationships with people in the U.S. and other governments and obviously we know people in corporations, and that will be discovered in the emails. But that’s our job. We are what we said we were: an organization that generates its revenues through geopolitical analysis. At the core of our business, we objectively acquire, organize, analyze and distribute information.

I don’t know if the hackers who did this feel remorse as they discover that we aren’t who they said we were. First, I don’t know who they actually are, and second, I don’t know what their motives were. I know only what people claiming to be them say. So I don’t know if there is remorse or if their real purpose was to humiliate and silence us, in which case I don’t know why they wanted that.

And this points to the real problem, the one that goes beyond Stratfor’s own problem. The Internet has become an indispensible part of our lives. We shop, communicate, publish and read on it. It has become the village commons of the planet. But in the village commons of old, neighbors who knew and recognized each other met and lived together. Others knew what they did in the commons, and they were accountable.

In the global commons, anonymity is an option. This is one of the great virtues of the Internet. It is also a terrible weakness. It is possible to commit crimes on the Internet anonymously. The technology that enables the Internet also undermines accountability. Given the profusion of technical knowledge, the integrity of the commons is in the hands of people whose identities we don’t know, whose motives we don’t understand, and whose ability to cause harm is substantial. The consequence of this will not be a glorious anarchy in the spirit of Guy Fawkes, but rather a massive repression. I think this is a pity. That’s why I wonder who the hackers actually are and what cause they serve. I am curious as to whether they realize the whirlwind they are sowing, and whether they, in fact, are trying to generate the repression they say they oppose.

The attempt to silence us failed. Our website is back, though we are waiting for all archives to be restored, and our email is working again. Our failures have been reviewed and are being rectified. We deliberately shut down while we brought in outside consultants to rebuild our system from the ground up. The work isn’t finished yet, but we can start delivering our analyses. The handling of credit cards is being handed off to a third party with appropriate capability to protect privacy. We have acted to help our customers by providing an identity theft prevention service. As always, we welcome feedback from our supporters as well as our critics.

We are fortunate that we have the financial resources and staff commitment to survive the attack. Others might not. We are now in a world in which anonymous judges, jurors and executioners can silence whom they want. Take a look at the list of organizations attacked. If the crushing attack on Stratfor is the new model, we will not be the last. No security system is without flaws even if it is much better than Stratfor’s was.

We certainly expect to be attacked again, as we were last week when emails were sent out to members from a fake Stratfor address including absurd messages and videos. Our attackers seem peculiarly intent on doing us harm beyond what they have already done. This is a new censorship that doesn’t come openly from governments but from people hiding behind masks. Do not think we will be the last or that we have been the first.

We will continue to publish analysis and sell it to those who believe it has value. To our subscribers who have expressed such strong support, we express our deepest gratitude. To our critics, we assure you that nothing you have said about us represents a fraction of what we have said about ourselves. While there is much not to be proud of in this affair, I am proud beyond words of all my dedicated colleagues at Stratfor and am delighted to return our focus to analyzing critical international affairs.

To all, I dedicate myself to denying our attackers the prize they wanted. We are returning to the work we love, dedicated to correcting our mistakes and becoming better than ever in analyzing and forecasting how the world works.