
Creepy Spying System Revealed by Wikileaks, Which Then Gets Hit by DDOS Attack - wmeredith
http://reason.com/blog/2012/08/10/creepy-spying-system-revealed-by-wikilea
======
andreyf
RT is, as usual, full of shit. TrapWire is no secret, but a public product,
available to any company who wants to pay for it (see www.trapwire.com).

 _"more accurate than modern facial recognition technology"_

 _"recorded digitally on the spot"_

 _"encrypted and instantaneously delivered to a fortified central database
center at an undisclosed location to be aggregated with other intelligence"_

 _"the corporation's ties are assumed to go deeper than even documented"_

It sounds a bit ominous, but what does any of that even mean? The security
video cameras have encrypted feeds into a central server, which does facial
recognition? Sounds nice, but I'd be surprised if it works well enough to be
useful (esp. if someone is wearing sunglasses), but not nearly as alarmed as
the tone of the RT article encourages. Sounds more like fantasy technology and
wasted tax money than anything else.

~~~
rdtsc
> RT is, as usual, full of shit.

"As usual" really? They are not an objective news source, for sure, but they
are decent. They often provide a good counter point on any US based and so
called "free" media news sources.

> TrapWire is no secret,

Not "secret" as in classified. Secret as in your average person on the street
probably doesn't know about, unless they of course read the "full of shit RT"
source instead of relying say on Fox News.

> Sounds nice, but I'd be surprised if it works

Alright so if we found out that China was using the technology would you be
saying the same "they have it, but no worries, it is probably not usable, so
we shouldn't worry about criticizing China for it"

~~~
andreyf
> "As usual" really? They are not an objective news source, for sure, but they
> are decent. They often provide a good counter point on any US based and so
> called "free" media news sources.

I don't read them much, but was pretty disappointed with their coverage of
CISPA linked on reddit a couple of months ago. It was very sparse on facts,
and very heavy editorialized, full of fear mongering and propaganda. Same
thing here.

------
zobzu
i'm a little scared that indeed, all mirrors are offline.

Why? because it means it's actually powerful people and not "random patriots
in the USA". Thus, I feel like it's a more direct hit to our freedom of
speech, etc.

It's also pretty obvious that no one would think Assange actually committed
crimes. You'd need to be both blind and deaf to not figured that he's been
framed into this ridiculous sex affair.

ps: hello trapwire auditors, have a nice day!

~~~
mike-cardwell
There is an up to date, official mirror running on Tor as a hidden service
that is still online here:

<http://isax7s5yooqgelbr.onion/>

I say it is "official", because the wikileaks Twitter stream mentioned it
here: <https://twitter.com/wikileaks/status/233859958767226880>

If you don't have Tor installed at the moment, it is _trivial_ to install it
nowadays. Just install the browser bundle from here
<https://www.torproject.org/download/download-easy.html> and you'll be viewing
the Wikileaks hidden service in a couple of minutes from now.

~~~
alter8
I'm too lazy to install Tor, so: <http://isax7s5yooqgelbr.onion.to/>

------
oconnore
Wikileaks needs to start distributing files encrypted before they announce
what's inside them. It wouldn't provoke a DDOS and distributing the password
after the announcement is much simpler.

~~~
Jach
They're in it for the fame, not the delivery. They could put it on public
torrent networks if they really wanted it out there. (They've done the "this
torrent is everything we have, encrypted, if something happens to Assange
we'll release the decryption key" before though.) Thanks to the Streisand
Effect the DDoS guarantees this will receive lots of attention.

~~~
derrida
It is on torrent networks, but the places hosting the torrents are being
attacked. This attack is above 10gbit/sec. It bought down the _datacentre_ of
one of the supporter sites. This could also take certain countries offline.
Saying that, their supporter sites are run by some pretty competent system
admins: here are the torrents <http://wikileaks-press.org:81/>

~~~
stephengillie
What level of network connections do most datacenters have?

~~~
derrida
T1. Yes. A T1 connection was bought down. Details and source if anybody needs
it. <http://pastie.org/4449905>

------
Xcelerate
I'm not sure if the system is as bad as it's made out to be. Check out
<http://trapwire.com>. It seems it's really just used for preventative
measures in high security areas (although any company can participate).

------
taybin
It is getting harder to tell who is actually suffering from paranoid delusions
and who is on to something. :(

~~~
white_devil
It's safe to assume there's something to most "conspiracy theories".

------
dm73
see for the leaked messages here:
<http://privatepaste.com/f9dd332518/weqwewqesada>
<https://privatepaste.com/942ba3fa3d/asdasdwqe> (source:
<http://cryptogon.com/?p=30775>)

~~~
notaddicted
as well, as far as I can tell the NYUD Wikileaks mirror is fine,
<http://88.80.13.160.nyud.net/> , and it links a directory of torrents which
is also up: <http://wlstorage.net/torrent/gifiles/> .

Anyway, I don't think wikileaks can seriously be stopped from disseminating
information if they choose to, there are a thousand ways to spread it and zero
ways to unspread it.

------
smashing
Sounds like a big waste of money for me. Too bad AI is so hard, and we are
experimenting with a human flagging system. Unlike DMCA notices in business
sector, this apparently doesn't even seem to depend have context to the
significance of the transgressions, as it appears to depend on automated
content collection from whatever sources they can muster.

I wish it was a big conspiracy by the EVIL GOVERNMENT. But alas, it is
probably a huge waste of the taxpayers' money.

~~~
wmeredith
Waste can be evil as well.

------
at-fates-hands
I'm wondering why it's a big surprise there are a group of anti-anonymous
hackers out there who want to shut WikiLeaks down.

The author loses credibility with me when he insinuates this must the
government. Trust me, if the government wanted the site down, they'd do it
themselves and not act like some sort of hacker group.

Is it such a stretch to think the Anon's aren't the only "experts" out there?

------
phreeza
Is there any way to verify externally that there is actually a DDoS of the
scale that WikiLeaks is claiming going on? Seems like it might just be a PR
stunt on their side... As mentioned in other comments, there are so many other
ways to distribute this type of info if you really want, and anyone savvy
enough to DDoS on this scale should be aware of that, plus the information
doesn't seem to be as hot as they make it out to be anyway.

~~~
7952
I would be surprised if a site like WikiLeaks wasn't under constant attack
from any number of different parties. Where is the evidence of causality?

------
fluxon
Internet Archive now seeds torrents of all new content, at honkin' speeds. But
weren't these files released in February? Or is this a new set?

------
NHQ
Has wikileaks ever heard of bit torrent?

~~~
dotmanish
They might have. But the problem for everyone would be proving authenticity of
the million clones these torrents would have then. Another trojan-distribution
opportunity?

~~~
chrismsnz
Something that seems easy to verify with a digital signature?

------
saurabhnanda
I don't know how modern DDoS works, but couldn't Wikilieaks just start
repeatedly broadcasting files over UDP streams. Like how it's done in Carl
Sagan's Contact?

------
tchunin
I'm sorry, but whats the point of DDOSing this release? Aren't there just a
million ways to push something out? How is this effective at all?

------
thatusertwo
This is science-fiction coming alive, TrapWire seems to be a little like
'Minority Report' and 'Person of Interest'.

------
lectrick
Instead of hacking Wired journalists and remotely wiping their devices (much
to their consternation), black hat folks should do this sort of thing. That I
can get behind.

------
smsm42
So let's see what this creepy thing does:

 _Every few seconds, data picked up at surveillance points in major cities and
landmarks across the United States are recorded digitally on the spot, then
encrypted and instantaneously delivered to a fortified central database center
at an undisclosed location to be aggregated with other intelligence._

Awful and scary, isn't it? Let's now take a deep breath and read it again.
We'll see how this article makes most mundane and unremarkable things sound
like a spy triller, it's a nice piece of work:

 _Former senior intelligence officials have created a detailed surveillance
system more accurate than modern facial recognition technology_

More accurate how? Than which modern facial recognition technology? All of
them together? Sounds unlikely that RT made a survey of all modern face
recognition technologies. But even if they did - what exactly it allows to do
more accurately and how much more accurately? From the descriptions it sounds
like it _is_ a facial recognition technology plus some pattern matching - but
99% of it is marketing-speak, so impossible to understand what it actually
does.

 _Every few seconds, data picked up at surveillance points in major cities and
landmarks across the United States are recorded digitally on the spot_

So we have some data recording happening in some locations in the US. We don't
know anything about these locations except that some of them are inside major
US cities and some other are in known places which aren't cities. For all we
know, it may be inside bank vaults in major cities, or inside private secure
structures - but the authors certainly make it sound as it is practically in
your bedroom. It's like they are in major cities and I am in a major city -
OMG!

Then these ominous surveillance points record video _digitally_. Oh noes! Just
like my digital camera! Must be made by CIA to spy on me too. And it does it
_on the spot!_ There must be some spy stuff going on. But you heard nothing
yet:

 _then encrypted_

As we all know, encryption is practically synonymous with shady business.
Nobody who has nothing to hide uses encryption. They do, ergo they are up to
something bad.

 _and instantaneously delivered_

Instantaneously! I mean, move over, physics, CIA is here! Oh, you mean they
just upload their videos to the central server over https using broadband
networks? Just like I do with Youtube clips? So that must mean Youtube is
under CIA control too, I guess.

 _to a fortified central database center_

Fortified center! Certainly sounds ominous - nobody ever that is up to any
good would have any physical security in his data center that stores millions
of dollars in hardware and information. Fortified means bad. It's like Mordor,
dude!

 _at an undisclosed location_

Undisclosed location? Did you ever hear "undisclosed location" in context that
meant anything good? It's or somebody is hiding from mafia hitmen, or some
spooks are meeting to discuss their spooky things. Or it's a conspiracy-speak
for "they didn't tell us where their data center is because they didn't think
it's our business to know where their data center is".

 _to be aggregated with other intelligence_

OMG, can it get _any_ worse? Other intelligence! What kind of other
intelligence? Who cares, it's obvious aggregating video with "other
intelligence" can only make it worse. Other intelligence is spookier than
anything else, just let your imagination run for a bit and you'd see how scary
"other intelligence" can get.

It's like that face.com startup that Facebook bought - that allowed to combine
facial recognition with "other intelligence" to sort facebook pictures or make
logins via face recognition APIs. I didn't know those guys were CIA, I
actually used them! Good thing facebook shut them down. Or maybe they just
were not supposed to show this technology to the people? After all, Facebook
is CIA too, so maybe they just went _underground_...

 _The employee roster at Arbaxas reads like a who’s who of agents once with
the Pentagon, CIA and other government entities according to their public
LinkedIn profiles, and the corporation's ties are assumed to go deeper than
even documented._

And now's this. Some employees of these companies worked for CIA or DoD (we
don't know in which capacity, but everybody that ever worked for DoD in any
capacity is up to no good, it's clear) or "other government entities" - you
know, Department of Education, EPA, NIH, Smithsonian, National Science
Foundation - those all are "government entities", so we can cover a lot of
ground here while sounding like we still talk about spies. And if we miss
something, we can always say "it is assumed" - by which we mean we just
assumed that because why not, but we will say it as if it is a known, even if
undocumented, fact.

So what we have is a regular video surveillance system with some algorithms
built on top, some company founded by people with govt connections, looking
probably into some juicy govt contracts on securing some of the numerous govt
facilities that need securing, and some creative writers making it all sound
like the CIA is out to get us while giving us next to zero information on
actually _what_ we are supposed to be afraid of and what new is in what they
tell us.

~~~
1gor
Can you share, which of Arthur Schopenhauer's stratagems have you used in your
reply? (<http://coolhaus.de/art-of-controversy/>)

From the last paragraph I got you're OK with having an unregulated
surveillance system in the US which records information about you and makes
god-knows-what conclusions from your movements, behaviour etc. And that's
absolutely fine, you are entitled to your opinion.

But you have taken much efforts trying to ridicule OP's use of words
"digital", "encrypted, "instantaneously", "undisclosed" etc. How is this
discussion tactics called?

~~~
tptacek
He's ridiculing the article's use of the words "digital", "encrypted",
"instantaneously", and "undisclosed" because the article's use of those words
_is in fact ridiculous_.

To understand why, log out of Hacker News, and then log back in. Your browser
and Paul Graham have conspired to instantaneously send sensitive encrypted
digital information to an undisclosed location. I hope it's fortified.

~~~
yequalsx
When Paul Graham has instruments of state power and coercion at his disposal
then the use of encrypted and undisclosed will be relevant. I do not wish for
the state to have access to this information. It being located in an
undisclosed location and being encrypted suggests to me that should the
government be ordered by a court to reveal the extent of this information it
will be hard to determine if full disclosure has occurred. The use of these
words my be needlessly alarmist but I don't see evidence of this. The
government ought not be engaging in this and it is worthwhile to be alarmed
and to try to get others to be alarmed.

~~~
smsm42
So you would prefer surveillance data (and let it be clear, security is not
possible without at least some surveillance being conducted on secured
facilities, for example - even a store like 7-11 has video surveillance
systems nowdays) be transmitted in the clear, stored accessibly to any
malicious intruder in a well-known location without any physical security to
speak of?

