Takedowns of Shadow Brokers Files Affirm Files as Stolen

I’ve been wondering something.

Almost immediately after the Shadow Brokers posted their Equation Group files, GitHub, Reddit, and Tumblr took down the postings of the actual files. In retrospect, it reminded me of the way Wikileaks was booted off PayPal in 2010 for, effectively, publishing files.

So I sent email to the three outlets asking on what basis they were taken down. GitHub offered the clearest reason. In refreshingly clear language, its official statement said,

Per our Terms of Service (section A8), we do not allow the auction or sale of stolen property on GitHub. As such, we have removed the repository in question.

Mind you, A8 prohibits illegal purpose, not the auction of stolen property:

You may not use the Service for any illegal or unauthorized purpose. You must not, in the use of the Service, violate any laws in your jurisdiction (including but not limited to copyright or trademark laws).

Moreover, at least in its Pastebin explanation, Shadow Brokers were ambiguous about how they obtained the files.

How much you pay for enemies cyber weapons? Not malware you find in networks. Both sides, RAT + LP, full state sponsor tool set? We find cyber weapons made by creators of stuxnet, duqu, flame. Kaspersky calls Equation Group. We follow Equation Group traffic. We find Equation Group source range. We hack Equation Group. We find many many Equation Group cyber weapons. You see pictures. We give you some Equation Group files free, you see. This is good proof no? You enjoy!!! You break many things. You find many intrusions. You write many words. But not all, we are auction the best files.

They state they “found” the files, or at least traces of the files, and only say they “hacked” to obtain them to get to the latest stage. If they (in the Russian theory of the files) were “found” on someone’s own system, does that count as “stealing” property?

Tumblr wasn’t quite as clear as GitHub. They said,

Tumblr is a global platform for creativity and self-expression, but we have drawn lines around a few narrowly defined but deeply important categories of content and behavior, as outlined in our Community Guidelines. The account in question was found to be in violation of these policies and was removed.

But it’s not actually clear what part of their user guidelines Shadow Brokers violated. They’ve got a rule against illegal behavior.

I guess the sale of stolen property is itself illegal, but that goes back to the whole issue of Shadow Brokers’ lack of clarity of how they got what they got. Their property specific guidelines require someone to file a notice.

Intellectual property is a tricky issue, so now is as good a time as any to explain some aspects of the process we use for handling copyright and trademark complaints. We respond to notices of alleged copyright infringement as per our Terms of Service and the Digital Millennium Copyright Act; please see our DMCA notification form to file a copyright claim online. Please note that we require a valid DMCA notice before removing content. Parties asserting a trademark infringement claim should identify the allegedly infringing work and the legal basis for their claim, and include the registration and/or application number(s) pertaining to their trademark. Each claim is reviewed by a trained member of our Trust and Safety team.

If we remove material in response to a copyright or trademark claim, the user who posted the allegedly infringing material will be provided with information from the complainant’s notice (like identification of the rightsholder and the allegedly infringed work) so they can determine the basis of the claim.

The tech companies might claim copyright violations here (or perhaps CFAA violations?), but the files came down long before anyone had publicly IDed them as the victims. So the only “owner” here would be the NSA. Did they call Tumblr AKA Verizon AKA a close intelligence partner of the NSA?

Finally, Shadow Brokers might be in violation of Tumblr’s unauthorized contests.

The guidelines say you can link to a whackjob contest (which this is) elsewhere, but you do have to make certain disclosures on Tumblr itself.

One more thing about Tumblr, though. It claims it will give notice to a user before suspending their content.

Finally, there’s Reddit, which blew off my request altogether. Why would they take down Shadow Brokers, given the range of toxic shit they permit to be posted?

They do prohibit illegal content, which they describe as,

Content may violate the law if it includes, but is not limited to:

  • copyright or trademark infringement
  • illegal sexual content

Again, GitHub’s explanation of this as selling stolen property might fit this description more closely than copyright infringement, at least of anyone who would have complained early enough to have gotten the files taken down.

The more interesting thing about Reddit is they claim they’ll go through an escalating series of warnings before taking down content, which pretty clearly did not happen here.

We have a variety of ways of enforcing our rules, including, but not limited to

  • Asking you nicely to knock it off
  • Asking you less nicely
  • Temporary or permanent suspension of accounts
  • Removal of privileges from, or adding restrictions to, accounts
  • Adding restrictions to Reddit communities, such as adding NSFW tags or Quarantining
  • Removal of content
  • Banning of Reddit communities

Now, don’t get me wrong. These are dangerous files, and I can understand why social media companies would want to close the barn door on the raging wild horses that once were in their stable.

But underlying it all appears to be a notion of property that I’m a bit troubled by. Even if Shadow Brokers stole these files from NSA servers — something not at all in evidence — they effectively stole NSA’s own tools to break the law. But if these sites are treating the exploits themselves as stolen property, then so would be all the journalism writing about it.

Finally, there’s the question of how these all came down so quickly. Almost as if someone called and reported their property stolen.


The Two Tales of Russia Hacking NYT

Yesterday, CNN posted this “first on CNN” story:

Hackers thought to be working for Russian intelligence have carried out a series of cyber breaches targeting reporters at The New York Times and other US news organizations, according to US officials briefed on the matter.

The intrusions, detected in recent months, are under investigation by the FBI and other US security agencies. Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said.

Here’s what the NYT’s own account of the hacking (attempt) is:

The New York Times’s Moscow bureau was the target of an attempted cyberattack this month. But so far, there is no evidence that the hackers, believed to be Russian, were successful.

“We are constantly monitoring our systems with the latest available intelligence and tools,” said Eileen Murphy, a spokeswoman for The Times. “We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised.”


So CNN tells an alarming story about specific reporters being targeted that fits into a larger narrative, citing both the FBI (in which Evan Perez has very good sources) and “other US security agencies,” which presumably means the NSA. NYT tells an entirely different story, stating that an attack on its bureau in Russia was targeted unsuccessfully, relying solely on official sources as the FBI. One wonders why the NYT story required Nicole Perlroth and David Sanger, and also why David Sanger didn’t cite any of his extensive sources at NSA, where these allegations appear to derive.

It’s quite possible both of these stories are misleading. But they do raise questions about why the spooks want to sensationalize these Russian hacks while NYT chooses to downplay them.


North Dakota and Feds Suppress Native American Pipeline Protesters

[top: planned Dakota Access pipeline route, via Dakota Access LLC; bottom: Keystone XL pipeline, via Independent-UK]


What’s the difference between these two pipelines? Only variations are the origin of the oil they may transport and their location as far as I can tell since they are described as competing pipelines.

Oh, and the Keystone XL pipeline was vetoed by President Obama a year ago this past February because Congress tried to ram through approval, attempting to “circumvent longstanding and proven processes for determining whether or not building and operating a cross-border pipeline serves the national interest,” according to the president.

In both cases — Keystone XL and the Dakota Access — the planned pipelines traversed Native American tribal lands and/or water systems upon which these sovereign nations relied. The affected tribes have protested the credible threats these pipelines pose to their health and safety as well as their heritage and sovereignty.

The threat is real; there have been 11 pipeline accidents since 2000 on lines carrying oil or gasoline across the Dakotas. One of those pipeline accidents resulted in roughly 20,000 barrels or 865,000 gallons of oil spilling beneath a farm in North Dakota in 2013. There was a ten-day lag after the farmer brought the spill to the company’s attention until the state’s governor heard about the accident — ridiculous, considering North Dakota is the 47th largest state in terms of population, at less than 800,000 residents. It’s not like there were a lot of people in the way. The spill covered an area equal to seven football fields and clean-up is still under way and may not be completed until some time in 2017. The North Dakota Tesoro pipeline oil spill is one of the largest in the U.S. to date.

Oil producers and pipeline owners/operators have frankly been lousy in their responsibilities to the public. It’s not just the 11 pipeline accidents in the Dakotas since 2000; it’s a rather lengthy list of them across the entire country and a lengthy track record of crappy response to the damage done to the environment. My state, Michigan, which is surrounded by the largest bodies of fresh water in the world, is also the site of the largest oil pipeline spill in the U.S. In 2010, more than 1.1 million gallons of oil spilled, much of it into a waterway. Alarms notifying the pipeline’s owner, Enbridge, of the spill were initially ignored for 17 hours, blown off as operation notifications.

Simply unacceptable.

The Native American tribes have no reason whatsoever to believe oil producers and pipeline owners/operators will act with any more care than they have to date. Further, they have no reason to trust the U.S. government about these pipelines, either. They have been betrayed and damaged again and again by the U.S. — excessive and mortal police brutality, theft of human remains, theft and mismanagement of billions in assets, the indignity of fighting to remove the name of a mass murderer from public lands, the catastrophic contamination of the San Juan River supplying water to the Navajo nation — the insults are endless.

The latest insult: North Dakota’s Governor Jack Dalrymple signed an executive order to obtain more funding for additional police to deter approximately 1,500 protesters. The state has pulled water supplies used by the protesters and refused to allow portable toilets to be emptied. This follows a temporary restraining order granted to Dakota Access LLC by a federal district court against protesters’ interference with pipeline work. Native Americans have also been prevented from leaving reservation land, which may be a violation of civil rights and treaties.

Native Americans have legitimate concerns with the Dakota Access pipeline. For one, its planned route crosses the Missouri River which serves as the entire water source for the Standing Rock Sioux Tribe; the Army Corps of Engineers (ACOE) approved 200 water crossings by the pipeline in spite of requests by the Sioux to deny construction permits. The ACOE, however, reviewed and rejected an alternate pipeline route crossing the Missouri River near Bismarck as it was deemed a threat to the municipal water supply. This looks like outright racism on the face of it; the pipeline is a threat to 92% white Bismarck, but not a sovereign Native American tribe?

Secondly, the ACOE has been asked by U.S. Environmental Protection Agency (EPA), the U.S. Department of Interior (DOI) and the Advisory Council on Historic Preservation to conduct an investigation and prepare a formal Environmental Impact Statement (EIS), requiring consultation with the affected tribes. No EIS appears to have been conducted to date. In addition to the health and environmental safety concerns related to the pipeline’s installation and operation, the historical significance of the area is inadequately documented. The lack of a thorough assessment means the current Dakota Access pipeline plan may disrupt an older Mandan village site where Mandan may be buried. The site has cultural and religious significance to tribes and should be protected by the Advisory Council on Historic Preservation under federal law.

Dakota Access LLC is pressing for this pipeline to reduce the costs of oil. Shipping crude oil from North Dakota’s Bakken Shale reserve by rail or truck is more expensive than shipping by pipeline.

That is, until ALL the true costs and externalities are added, like the spills, remediation, and short- and long-term health and environmental problems. These costs haven’t been added to the true cost of oil and are instead a gamble which humans living nearest to the pipeline must pay if there is a failure.

[10-year monthly price of WTI per barrel via Megatrends]


While the oil producers and pipeline operators continue to hammer away at the cost of oil, the price of oil has fallen. They can’t drop the cost fast enough and deep enough to realize a return on investment. They will cut corners as much as possible as the price of oil falls — and it will, if demand for oil also falls as it has with the rise of hybrid and electric vehicles. Cutting corners means there will be greater risk the pipeline will not be adequately monitored or maintained, just as it wasn’t in Michigan.

As more and more alternative, green energy resources come on line along with the technology to use them, it will make even less sense to invest in pipelines which may not carry all that much oil. The Bakken Shale reserve is estimated at several hundred billion barrels of oil, but the amount which can be recovered readily and economically is much less than 10% of the estimated total reserve. If the oil is too expensive to extract AND competing energy resources are both cheaper and available, why build this pipeline at all? How is enabling our continuing addiction to oil in the long-term best interests of our country?

It will take some spine to do the right thing and force this project to slow down for a full EIS assessment. It will take even more spine to point out we are both at the end of fossil fuel and at the limit of our disregard for Native Americans’ lives. It can be done, however; just ask Canada’s Justin Trudeau how he did it.


Monday: Build That Wall

Poor Ireland. Poor Inishturk. To be forced to consider the onslaught of refugees fleeing political upheaval should one loud-mouthed, bigoted, multi-bankrupt idiot with bad hair win the U.S. presidency. I’m amused at how the Irish in this short film mirror the U.S. albeit in a more placid way. There are some who are ardently against him, some who’d welcome the business, and the rest cover the spread between the extremes though they lean more to the left than the right.

I find it appalling, though, that Trump would install a sea wall *now* after the golf course development has already been established, rather than do his homework upfront before investing in real estate which relies on natural dune formation. This kind of thoughtlessness is completely absurd, and the disgust evident in this film is well merited.

Keep your volume control handy; hearing Trump blathering may set your teeth on edge. Mute for a moment and continue.

Schtuff happens
I couldn’t pull a cogent theme out of the stuff crossing my desk today. I’m just laying it down — you see if you can make any sense out of it.

  • Ramen can get you killed in private prisons (Guardian) — The federal government may have to do more than simply stop using private prisons for federal criminal incarceration. This report by a doctoral candidate in the University of Arizona’s school of sociology suggests states’ prisons operated by private industry may be violating prisoners’ civil rights by starving them. Ramen noodles have become a hot commodity for this reason. Not exactly a beacon of morality to the rest of the free world when incarcerated citizens must scrap for ramen noodles to make up for caloric shortfalls.
  • World Anti-Doping Agency may have been attacked by same hackers who poked holes in the DNC (Guardian) — “Fancy Bear” allegedly had a fit of pique and defaced Wada after Russian athletes were banned at Rio. This stuff just doesn’t sound the same as the hacking of NSA-front Equation Group.
  • New Mexico nuclear waste accident among most costly to date (Los Angeles Times) — Substitution of an organic kitty litter product for a mineral product two years ago set off a chemical reaction in an underground waste storage area, contaminating 35% of the surrounding space. Projected clean-up costs are $2 billion — roughly the amount spent on Three Mile Island’s meltdown.
  • Build that wall! Americans blown ashore in Canada by high winds (CBC) — Participants riding flotation devices on the St. Clair River in the annual Port Huron Float Down were pushed by high winds into Sarnia, Ontario. About 1,500 Americans had to be rescued and returned to the U.S. by Canadian police, Coast Guard, and Border Service. Just a test to see if Canada’s ready for the influx of refugees should Trump win in November, right?
  • Paternity test reveals a father’s sperm actually made him an uncle (Independent) — Upon discovering a father’s DNA only matched 10% of his child’s DNA, further genetic ancestry revealed the ‘father’ had an unborn twin whose DNA he had absorbed in the womb. His twin’s DNA matched his child’s. This is not the first time paternity testing has revealed chimerism in humans.

Commute-or-lunch-length reads

  • Walmart is a crime magnet (Bloomberg) — Holy crap. Communities should just plain refuse to permit any more Walmarts until they clean up their act. Bloomberg’s piece is a virtual how-to-fix-your-bullshit task list; Walmart has zero excuses.
  • It’s in your body, what version is it running? (Backchannel) — Before the public adopts any more wearable or implantable medical devices, they should demand open access to the code running inside them. It’s absurd a patient can’t tell if their pacemaker’s code is jacked up.
  • Dirty laundry at Deutsche Bank (The New Yorker) — This you need to read. Parasitic banking behavior comes in many forms — in this case, Deutsche Bank laundered billions.

There, we’re well on our way this week. Catch you tomorrow!


The Government Uses FISCR Fast Track to Put Down Judges’ Rebellion, Expand Content Collection

Since it was first proposed, I’ve been warning (not once but twice!) about the FISCR Fast Track, a part of the USA Freedom Act that would permit the government to immediately ask the FISA Court of Review to review a FISC decision. The idea was sold as a way to get a more senior court to review dodgy FISC decisions. But as I noted, it was also an easy way for the government to use the secretive FISC system to get a circuit level decision that might preempt traditional court decisions they didn’t like (I feared they might use FISCR to invalidate the Second Circuit decision finding the phone dragnet to be unlawful, for example).

Sure enough, that’s how it got used in its first incarnation — not just to confirm that the FISC can operate by different rules than criminal courts, but also to put down a judges’ rebellion.

As I noted back in 2014, the FISC has long permitted the government to collect Post Cut Through Dialed Digits using FISA pen registers, though it requires the government to minimize anything counted as content after collection. PCTDD are the numbers you dial after connecting a phone call — perhaps to get a particular extension, enter a password, or transfer money. The FBI is not supposed to do this at the criminal level, but can do so under FISA provided it doesn’t use the “content” (like the banking numbers) afterwards. FISC reviewed that issue in 2006 and 2009 (after magistrates in the criminal context deemed PCTDD to be content that was impermissible).

At last year’s semiannual FISC judges’ conference, some judges raised concerns about the FISC practice, deciding they needed to get further briefing on the practice. So when approving a standing Pen Register, the FISC told the government it needed further briefing on the issue.


The government didn’t deal with it for three months until just as they were submitting their next application. At that point, there was not enough time to brief the issue at the FISC level, which gave then presiding judge Thomas Hogan the opportunity to approve the PRTT renewal and kick the PCTDD issue to the FISCR, with an amicus.


This minimized the adversarial input, but put the question where it could carry the weight of a circuit court.

Importantly, when Hogan kicked the issue upstairs, he did not specify that this legal issue applies only to phone PRTTs.


At the FISCR, Mark Zwillinger got appointed as an amicus. He saw the same problem as I did. While the treatment of phone PCTDD is bad but, if properly minimized, not horrible, it becomes horrible once you extend it to the Internet.


The FISCR didn’t much care. They found the collection of content using a PRTT, then promising not to use it except to protect national security (and a few other exceptions to the rule that the government has to ask FISC permission to use this stuff) was cool.


Along the way, the FISCR laid out several other precedents that will have really dangerous implications. One is that content to a provider may not be content.


This is probably the issue that made the bulk PRTT dragnet illegal in the first place (and created problems when the government resumed it in 2010). Now, the problem of collecting content in packets is eliminated!

Along with this, the FISCR extended the definition of “incidental” to apply to a higher standard of evidence.


Thus, it becomes permissible to collect using a standard that doesn’t require probable cause something that does, so long as it is “minimized,” which doesn’t always mean it isn’t used.

Finally, FISCR certified the redefinition of “minimization” that FISC has long adopted (and which is crucial in some other programs). Collecting content, but then not using it (except for exceptions that are far too broad), is all good.


In other words, FISCR not only approved the narrow application of using calling card data but not bank data and passwords (except to protect national security); they also approved a bunch of other things that the government is going to turn around and use to resume certain programs that were long ago found problematic.

I don’t even hate to say this anymore. I told privacy people this (including someone involved in this issue personally). I was told I was being unduly worried. This is, frankly, even worse than I expected (and of course it has been released publicly so the FBI can start chipping away at criminal protections too).

Yet another time my concerns have been not only borne out, but proven to be insufficiently cynical.


Blame It On The Bossa Nova: Lochte and Brazilian Police

The travails of the Ryan Lochte gang of American Swimmers have been playing out for a full week now. The result has been almost universal scorn, if not hatred, for Lochte et al., and almost complete credulous acceptance of the somewhat dubious, if extremely strident, pushback and claims of the Brazilian Police.

Frankly, neither side’s story ever sat quite right with me. But Lochte’s story, among other exaggeration/fabrication, always, from the start, indicated that the swimmers were pulled from a taxi at gun point, by people in uniform with badges, who pointed guns at them, and took money from them.

And then came the dog and pony show press conference staged by the Brazilian Police for a worldwide audience during mid-day on Thursday August 18. It was a bizarre and rambling presser, that was nearly comical in its staging during its opening portion. It did, however, make clear that there was a lot more to the full story than Lochte had told, and that some of his story was flat wrong. But, if you listened carefully, as I am wont to do with cops making self serving statements, it, along with previous statements made by the police, also pretty much confirmed the swimmers were pulled from a taxi at gun point, by people in uniform with badges, who pointed guns at them, and took money from them.

So, then the question was what “crimes” and/or “vandalism” had Lochte and the swimmers really caused? There was an early news crew, I think NBC, that went to the site and did not really find all that much damage. As the statements by both Lochte and the other swimmers, notably Gunnar Bentz, came out, it was clear that there was a real question as to what, if any, real damage was done. And a question of who engaged in exactly what criminal behavior at that gas station in the early morning of August 15.

Well, now it is starting to come out. And, as expected, the Brazilians have ginned up every bit as much “over-exaggeration” as Ryan Lochte. From today’s USA Today Investigative Team of Taylor Barnes and David Meeks, which confirms some of the work previously seen from (again, I believe) NBC. It is a pretty thorough and convincing report:

But a narrative of the night’s events – constructed by USA TODAY Sports from witness statements, official investigations, surveillance videos and media reports – supports Lochte’s later account in which he said that he thought the swimmers were being robbed when they were approached at a gas station by armed men who flashed badges, pointed guns at them and demanded money.

A Brazilian judge says police might have been hasty in determining that the security guards who drew guns on the swimmers and demanded money did not commit a robbery. A lawyer who has practiced in Brazil for 25 years says she does not think the actions of Lochte and teammate Jimmy Feigen constitute the filing of a false police report as defined under Brazilian law.

An extensive review of surveillance footage by a USA TODAY Sports videographer who also visited the gas station supports swimmer Gunnar Bentz’s claim that he did not see anyone vandalize the restroom, an allegation that in particular heightened media portrayals of the four as obnoxious Americans behaving recklessly in a foreign country. Meanwhile, Rio authorities have declined to identify the guards or offer any details beyond confirming they are members of law enforcement who were working a private security detail.

Now, we can’t compare that with everything the Brazilian police have, because they have been hiding a lot of their material and, apparently, misrepresenting substantial portions of it from the start. But everything within the USA Today piece corresponds with the various videos obtained by the various media outlets, whether Brazilian, American or international, and corresponds with Gunnar Bentz’s statement, which nobody, even, quite notably the Brazilians, including police, seems to contest in the least.

In short, the overall picture of the incident seems to be bigger and more complex, with some outrageous conduct by not just the American swimmers, but also, and substantially, the Brazilians. Oh, and about that “bathroom trashing damage”? That appears to be vapor too:

At a news conference Thursday, Rio police chief Fernando Veloso characterized the athletes’ actions at the gas station as vandalism. He said they also had broken a soap dispenser and mirror inside the restroom. Reports quickly grew that the Americans had trashed the restroom.

A USA TODAY Sports videographer who visited the bathroom Thursday found no damage to soap dispensers and mirrors and said none of those items appeared to be new. Some media accounts suggested the men had broken down a door, which USA TODAY Sports also did not observe.

Bentz said in his statement that he believes there are surveillance videos shot from different angles that have not been released. He also said he did not see anyone damage the bathroom or even enter it.

Oh, and that much ballyhooed “sign” supposedly damaged? Reports are that it was a minor crack in a cheap plastic cover and that the swimmers were made to pay out somewhere between $100 to $400 to cover what appears to be mostly ginned up nonsense. Additionally, irrespective of what the “security guards” extracted from the swimmers at gunpoint, swimmer James Feigen was made to pay the amount of $11,000 as a “donation” simply in order to leave the country and return home. That is not a “donation”, that is a flat out outrageous extortion demand and payment extracted by Brazilian authorities.

I wonder what bloviating sports columnists so full of righteous outrage and apologia will say now? Brazil is to be commended for putting on a great Olympics, and doing so under difficult constraints and conditions. But for the green pools (that affected nothing in the long run), they really pulled off a fantastic, admirable and beautiful show. Even the rain did not faze or slow down the glorious closing ceremonies Sunday night.

But one point on which Brazilian authorities “over-exaggerated”, overreacted, and failed to acquit themselves well on was in relation to the randy American swimmers. According to the USA Today report, even judges in Rio are wondering if they were hoodwinked in the rush of outrage by the authorities.

The distress of the Brazilian authorities over the emerging story from the swimmers is perfectly understandable given the dynamics. But, if an international scandal was created by this incident, it appears as if it is every bit as much the fault of the Brazilian police and authorities as it is the American swimmers.

It took two for this little tango.


Breaking from Saudi Arabia!!! Two Month Old Misleading News

This Reuters exclusive is getting a lot of careless attention. Here’s what a careless reader learns:

Exclusive: U.S. withdraws staff from Saudi Arabia dedicated to Yemen planning

From that headline, particularly the use of the present tense, you might assume that the US is in the process of withdrawing its Yemen-related staff from Saudi Arabia, perhaps in response to the Saudi war crimes earlier this week.

But here’s what the story actually reports: the staff withdrawal happened in June, and was in no way a response to this week’s war crimes.

The June staff withdrawal, which U.S. officials say followed a lull in air strikes in Yemen earlier this year, reduces [sic] Washington’s day-to-day involvement in advising a campaign that has come under increasing scrutiny for causing civilian casualties.

In spite of the fact that this “exclusive” — which has since been reported by other outlets with similarly misleading headlines — describes two month old news, it nevertheless obscures that fact with its editorial choices, as here where it suggests the move “reduces,” in present tense, staff numbers, or the headline which hides that, in fact, the US already withdrew these staffers.

In fact, the report goes on to admit that this was not a response (which would have required a time machine in any case).

U.S. officials, speaking on condition of anonymity, said the reduced staffing was not due to the growing international outcry over civilian casualties in the 16-month civil war that has killed more than 6,500 people in Yemen, about half of them civilians.

But the Pentagon, in some of its strongest language yet, also acknowledged concerns about the conflict, which has brought Yemen close to famine and cost more than $14 billion in damage to infrastructure and economic losses.

“Even as we assist the Saudis regarding their territorial integrity, it does not mean that we will refrain from expressing our concern about the war in Yemen and how it has been waged,” Stump said.

I’d also suggest that reports about what non-uniformed US personnel are doing in Yemen’s immediate neighborhood would be a better gauge of the support we’re giving Saudi Arabia beyond refueling their airstrikes, the latter of which has not stopped at all.

It’s not until the last two paragraphs of the story that we learn what this misleading news is really about:

U.S. Representative Ted Lieu, a Democrat from California and a colonel in the Air Force Reserve, said he believed such strikes could help galvanize votes for limiting arms transfers to Saudi Arabia.

“When its repeated air strikes that have now killed children, doctors, newlyweds, patients, at some point you just have to say: Either Saudi Arabia is not listening to the United States or they just don’t care,” Lieu said.

Not long ago, the US announced $1.5 billion in new arms sales to Saudi Arabia. Congress has a narrow window to affirmatively veto that sale, and people like Ted Lieu and Rand Paul and Chris Murphy are trying to do just that. The arms sale was announced such that Congress has just one day after they come back in session to reject the transfer. Stories like this — suggesting the US is not as involved in this war as it really is — will make the task all the more difficult.

The reality remains that the US, even the overt uniformed operations, continues to provide key support to Saudi Arabia’s war, and therefore to its war crimes. Selling it more arms in the wake of these most recent war crimes only doubles down on the complicity.


Wealthy Elites and Blowjobs

I haven’t seen this part of the Shadow Broker files get mentioned. The files themselves are addressed to, “!!! Attention government sponsors of cyber warfare and those who profit from it !!!!” with a description of the auction for further files (which most people believe to be fake).

But at the end of the Pastebin file from them, they include this rant.

We have final message for “Wealthy Elites”. We know what is wealthy but what is Elites? Elites is making laws protect self and friends, lie and fuck other peoples. Elites is breaking laws, regular peoples go to jail, life ruin, family ruin, but not Elites. Elites is breaking laws, many peoples know Elites guilty, Elites call top friends at law enforcement and government agencies, offer bribes, make promise future handjobs, (but no blowjobs). Elites top friends announce, no law broken, no crime commit. Reporters (not call journalist) make living say write only nice things about Elites, convince dumb cattle, is just politics, everything is awesome, check out our ads and our prostitutes. Then Elites runs for president. Why run for president when already control country like dictatorship? What this have do with fun Cyber Weapons Auction? We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control. Let us spell out for Elites. Your wealth and control depends on electronic data. You see what “Equation Group” can do. You see what cryptolockers and stuxnet can do. You see free files we give for free. You see attacks on banks and SWIFT in news. Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems? If Equation Group lose control of cyber weapons, who else lose or find cyber weapons? If electronic data go bye bye where leave Wealthy Elites? Maybe with dumb cattle? “Do you feel in charge?” Wealthy Elites, you send bitcoins, you bid in auction, maybe big advantage for you?

Ostensibly, the rant serves to warn that if such tools get out, people might target banks and financial systems, specifically mentioning the hacks on SWIFT (not to mention suggesting that if the other claimed files get out someone might target finance).

Along the way it includes a reference to elites having their top friends announcing “no law broken, no crime commit.” And right before it, this: “make promise future handjobs, (but no blowjobs).”

Maybe I’m acutely sensitive to mentions of blowjobs, especially those received by Bill Clinton, for reasons that are obvious to most of you. But the reference to handjobs but no blowjobs in the immediate proximity of getting off of a crime followed closely by a reference to running for President seems like an oblique reference to the Clintons.

If so, it would place this leak more closely in line with the structure of the other leaks targeting Hillary.

That’s in no way dispositive, but the blowjobs reference does merit mentioning.


Friday: Smells Like

With the lights out, it’s less dangerous
Here we are now, entertain us
I feel stupid and contagious
Here we are now, entertain us
A mulatto, an Albino
A mosquito, my libido, yeah


— excerpt, Smells Like Teen Spirit by Nirvana

Been a rough week so I’m indulging myself with some double bass — and because it’s Friday, it’s jazz. This is 2009 Thelonious Monk Competition winner Ben Williams whose ‘Teen Spirit’ is both spirited and minimalist. Check out this set with Home and Dawn Of A New Day, the first imbued with a hip-hoppy beatmaking rhythm.

More Shadows on the wall
While Marcy has some questions about the recent alleged Shadow Brokers’ hack of NSA-front Equation Group and malware staging servers, I have a different one.

Why is Cisco, a network equipment company whose equipment appears to have been backdoored by the NSA, laying off 20% of its workforce right now? Yeah, yeah, I hear there’s a downturn in networking hardware sales due to Brexit and the Chinese are fierce competitors and businesses are moving from back-end IT to the cloud, but I see other data that says 50-60% of ALL internet traffic flows through Cisco equipment and there are other forecasts anticipating internet traffic growth to double between now and 2020, thanks in part to more video streaming and mobile telecom growth replacing PCs. Sure, software improvements will mediate some of that traffic’s pressure on hardware, but still…there’s got to be both ongoing replacement of aging equipment and upgrades (ex: Southwest Airlines’ router-fail outage), let alone new sales, and moving to the cloud only means network equipment is consolidated, not distributed. Speaking of new sales and that internet traffic growth, there must be some anticipation related to increased use of WiFi-enabled Internet of Things stuff (technical term, that — you know, like Philips’ Hue lighting and Google Nest thermostats and Amazon Echo/Alexa-driven services).

Something doesn’t add up. Or maybe something rolls up. I dunno’. There are comments out on the internet suggesting competitor Huawei is hiring — that’s convenient, huh?

AI and Spy

  • Data security firm working on self-tweeting AI (MIT Review) — The software can generate tweets more likely to elicit a response from humans than the average phishing/spearphishing attempt. Seems a little strange that a data security company is working on a tool which could make humans and networks less secure, doesn’t it?
  • Toyota sinks a bunch of cash into AI project at U of Michigan (ReadWrite) — $22 million the automaker pledged to development of self-driving cars, stair-climbing wheelchairs and other mobility projects. Toyota has already invested in similar AI development programs at Stanford in Palo Alto, CA and MIT in Cambridge, MA. Funding academic research appears to be a means to avoid a bigger hit to the corporation’s bottom line if the technologies do not yield commercially viable technology.
  • Steganography developed to mask content inside dance music (MIT Review) — Warsaw University of Technology researcher co-opted the rhythm specific to Ibiza trance music genre. The embedded Morse code buried in rhythm could not be audibly detected by casual listeners as long as it did not distort the tempo by more than 2%.

Sci-like-Fi

  • New theory suggests fifth force of nature possible (Los Angeles Times) — The search for a “dark photon” may have led to a new theory explaining the existence and action of dark energy and dark matter, which together make up 95% of the universe. I admit I need to hunt down a better article on this; this one doesn’t make all the pieces snap into place for me. If you’ve seen a better one, please share in comments.
  • Sound wave-based black hole model may show Hawking radiation at work (Scientific American) — Can’t actually create a real black hole in the lab, but a model like this one created by an Israeli scientist using phonons (not photons) may prove Stephen Hawking was right about information leakage from black holes. The work focuses on the actions of quantum-entangled particle pairs which are separated on either side of the event horizon. Beyond adding to our understanding of the universe, how this work will be used isn’t quite clear. But use of quantum entanglement in cryptography is an important and growing field; I wouldn’t be surprised to see this finding shape cryptographic development.
  • Pregnant women’s immune system response may affect fetus’ neurological system (MedicalXpress via Phys.org) — While an expectant mother’s immune system may prevent a virus from attacking her fetus, the protective process may still affect the fetus long term. Research suggests that some neurological disorders like schizophrenia and autism may be associated with maternal infections pre-birth.

Late adder: Travel Advisory issued for pregnant women to avoid Miami Beach area according to CDC — Five more cases of Zika have been identified and appeared to have originated in the newly identified second Zika zone, this one east of Biscayne Bay in the Miami Beach area. The initial Zika zone was on the west side of Biscayne Bay. The CDC also discouraged pregnant women and their sex partners from traveling to Miami-Dade County as a whole; the county has now had a total of 36 cases of Zika.

In the video in the report linked above, FL Gov. Rick Scott pokes at the White House about additional Zika assistance, but Scott previously reduced spending on mosquito control by 40%. Now he’s ready to pay private firms to tackle mosquito spraying. Way to go, Republican dirtbag. Penny wise, pound foolish, and now it’s somebody else’s job to bat cleanup.

Longread: Stampede at JFK
A firsthand account of the public’s stampede-like reaction to a non-shooting at New York’s JFK International Airport. To paraphrase an old adage, if all you have is a gun, everything looks and sounds like a shooting.

Let go of your fear and let the weekend begin.


Where Are NSA’s Overseers on the Shadow Brokers Release?

As Rayne has been noting, a group calling itself the Shadow Brokers released a set of NSA hacking tools. The release is interesting for what it teaches us about NSA’s hacking and the speculation about who may have released so many tools at once. But I’m just as interested by Congress’ reticence about it.

Within hours of the first Snowden leak, Dianne Feinstein and Mike Rogers had issued statements about the phone dragnet. As far as I’ve seen, Adam Schiff is the only Gang of Four member who has weighed in on this:

U.S. Rep. Adam Schiff, the ranking Democrat on the House Intelligence Committee, also spoke with Mary Louise. He said he couldn’t comment on the accuracy of any reports about the leak.

But he said, “If these allegations were true, I’d be very concerned about the impact on the intelligence community. I’d also obviously want to know who the responsible parties were. … If this were a Russian actor — and again, this is multiple ‘ifs’ here — we’d have to ask what is causing this escalation.”

Say, Congressman Schiff. Aren’t you the ranking member of the House Intelligence Committee and couldn’t you hold some hearings to get to the bottom of this?

Meanwhile, both Feinstein (who is the only Gang of Four member not campaigning for reelection right now) and Richard Burr have been weighing in on recent events, but not the Shadow Brokers release.

The Shadow Brokers hack should be something the intelligence “oversight” committees publicly engage with — and on terms that Schiff doesn’t seem to have conceived of. Here’s why:

The embarrassing story that the VEP doesn’t work

Whatever else the release of the tools did (and I expect we’ll learn more as time goes on), it revealed that NSA has been exploiting vulnerabilities in America’s top firewall companies for years — and that whoever released these tools likely knew that, and could exploit that, for the last three years.

That comes against the background of a debate over whether our Vulnerabilities Equities Process works as billed, with EFF saying we need a public discussion today, and former NSA and GCHQ hackers claiming we ignorant laypeople can’t adequately assess strategy, even while appearing to presume US strategy should not account for the role of tech exports.

We’re now at a point where the fears raised by a few Snowden documents — that the NSA is making tech companies unwitting (the presumed story, but one that should get more scrutiny) or witting partners in NSA’s spying — have been borne out. And NSA should be asked — and its oversight committees should be asking — what the decision-making process behind turning a key segment of our economy into the trojan horse of our spooks looks like.

Mind you, I suspect the oversight committees already know a bit about this (and the Gang of Four might even know the extent to which this involves witting partnership, at least from some companies). Which is why we should have public hearings to learn what they know.

Did California’s congressional representatives Dianne Feinstein, Adam Schiff, and Devin Nunes sign off on the exploitation of a bunch of CA tech companies? If they did, did they really think through the potential (and now somewhat realized) impact it would have on those companies and, with it, our economy, and with it the potential follow-on damage to clients of those firewall companies?

The embarrassing story of how NSA’s plumbers lost their toolbox

Then there’s the question of how the NSA came to lose these tools in the first place. While the initial (and still-dominant) presumption about the release is that somehow Russia did this, since then, there have been a lot of stories that feel like disinformation.

First there was David Sanger’s piece wondering about NSA being hacked — based entirely on speculative claims of three security experts (including Edward Snowden) — which nevertheless read like this.

Snowden Snowden Snowden Snowden Snowden Snowden Snowden Snowden Snowden Snowden Snowden

Shortly thereafter, there were a series of stories based on anonymous former NSA people also speculating, which had the effect of denying that those tools would be available external to NSA in one place.

The source, who asked to remain anonymous, said that it’d be much easier for an insider to obtain the data that The Shadow Brokers put online rather than someone else, even Russia, remotely stealing it. He argued that “naming convention of the file directories, as well as some of the scripts in the dump are only accessible internally,” and that “there is no reason” for those files to be on a server someone could hack. He claimed that these sorts of files are on a physically separated network that doesn’t touch the internet; an air-gap. (Motherboard was not able to independently verify this claim, and it’s worth bearing in mind that an air-gap is not an insurmountable obstacle in the world of hacking).

That is, this story serves to deny what I and others, including Snowden, think is most likely: that someone at the NSA forgot to pack his hammer and screwdriver in his toolbox and his toolbox in his truck after he “fixed” someone’s kitchen sink or, more accurately, a forward deployment got compromised. Which would be embarrassing because we shouldn’t let forward deployments get compromised before we burn all the interesting toys and documents there. But also, we may find out, we’re not supposed to be that far forward deployed. And if we have been, we sure as heck ought not let those we’re forward deploying against find out.

We may learn more about specific targets that make this more clear, which would seem to be the extra bonus that would make compromising all these tools and alerting the NSA that you had them.

The impact of NSA exploiting American firewall companies should have been the subject of public Intelligence Committee oversight hearings when we learned of Juniper Networks vulnerabilities (with whispered comments about the great deal of damage those vulnerabilities had done to US agencies and companies). Given this release, the urgency of some public accountability — from both those at NSA and those purporting to oversee NSA — is overdue.
