Hacker News new | past | comments | ask | show | jobs | submit login
A Man Who Made the Mistake of Trying to Help Wikileaks (vice.com)
91 points by dsr12 on May 23, 2017 | hide | past | web | favorite | 82 comments



A systems administrator downloads a random zip file and a password cracker onto his work computer, when he works for the Department of Energy, gets caught and fired. The first part of the article is surprising only in that he found it so easy to get a good job in finance afterwards.

To be honest I'm not entirely sure what the point of the article is at all. He freely admits that the FBI had cause to be suspicious about his travel to Iceland, it coincided with a massive breach of information and he definitely fit the bill to warrant investigation. He and his associates all were afforded the right to counsel etc, in terms of US law enforcement stories this is more of an example of how things should be done within the context of the law as it stands.


The FBI raided his girlfriend's parents house and harassed and disrupted the lives of all his friends and family prior to him going to Iceland.

All he did was download a file. The FBI knew he was politically motivated but treated him like a criminal.

Sure his first employer is within their rights to fire him. But the hedge fund only fired him (despite him already giving notice to leave) after the FBI showed up to harass and disrupt his life.

This is not how law enforcement should work.


And yet, because of the prevailing attitude of the poster to whom you are replying, this is probably how law enforcement will remain.

"THEY GET WHAT THEY DESERVE" is an easy and natural philosophy to have, until it happens to you and your family.

And then still, many people are subtley and/or overtly pressured (terrorized) into not joining any kind of activist or opposition movement


I think the article has several points:

1: Downloading controversial data on a work computer is a bad idea.

2: When a agency like the FBI is targeting a person its very likely to cause significant harm. They do not harm minimize and can/will go after everyone you know, have meet, scare a company to fire you, ectra. The movie version where a single investigator is asking people nicely and discreetly can be a far cry from the real thing.

3: Because of the way those government agencies operate they are likely to push people into polar opposite political activity of the very goals the agency is trying to reach. Katz could likely been a tech founder here on HN, but because of the way FBI operated he now instead founded a large foreign political party with some very strong feelings about the US and the FBI.


3. I actually went on to work for a few startups here in Iceland and got stock in one of them so this didn't completely kill that trajectory, but yes the harassment certainly made certain future choices for me.


> To be honest I'm not entirely sure what the point of the article is at all.

To throw mud at Wikileaks, as if there aren't substantive criticisms they could be making.


> To be honest I'm not entirely sure what the point of the article is at all. He freely admits that the FBI had cause to be suspicious about his travel to Iceland, it coincided with a massive breach of information and he definitely fit the bill to warrant investigation.

Surprise, not all journalism is outrage porn and propaganda :)


In a police state we are all suspicious. If you'd lived in a communist/fascist country you'd know that.


I remember when this happened. I didn't get to talk to Katz for a year or more after the server got taken down. He confirmed later his move was basically due to fear of the feds trying to come down on him however they could while collecting scalps in response to the Wikileaks/Manning leaks. All of this wouldn't have been possible without Lamo feeding virtually useless information to the feds to try to score brownie points with them, and Strutt doing absolutely nothing to protect the server he hosted for his "friends" in the hacker community. It was a sad wake-up call.


Heya Jason here, have we talked in the past? I was actually already in the process of my way out of the states when all this went down. In a general sense Fedz rely on disrupting the support networks (familial and friend) of those persons whom they deem targets. It's a common pattern when they've got a high profile case and they're being pressed by administration for somebody, anybody to prosecute.


Hey this is cf. I had no idea this was all going on, and I appreciate you trying to shield me and other people from getting pulled into this. You dropped off Jabber and I worried if you were alright. I'm glad to see you thriving in Iceland.


oh hey! yea I definitely cut contact with a lot of folks without explaining to them that it was to keep them out of a position where they might inadvertently lie to LEO and themselves then be coerced into helping.

I don't think many people understand that lying to Federal officials, even innocuous ones can be prosecutable, depending on zealous they want to be.


I appreciate it. Anyway all my old email addresses still work if you want to get back in touch.


The words of yours which resonated with me were how your support network was rounded up and I had similar experience from a completely left field, but the same origin in as much LEO was desperate to have me charged with anything. Bit of explanation is in my recent comment history just the other day I realised that my personal privacy had been traded long ago unknown to me and the results I can only hope will be as recreative in my life.

I'm tempted to joke that the TL;Dr for all such encounters is Authority Cannot Afford Being Wrong But Isolated From Social Function Unable To Evaluate Reputation Risk.


Warning, this "website" eats 100% CPU every time you dare to scroll to read text.



This is an amazing service I didnt know about. Thank you.


Gee. Seems like a short time until publishers sue for infringement. Laughably, Outline's terms require that you (the browser) have [1] "all the rights to the Content".

[1] "You represent and warrant that you have all the rights to the Content and that none of the Content: (a) infringes, misappropriates or violates any Intellectual Property Rights; ..."


as long as they respond to DMCA takedown requests they are not legally liable


Christ that's janky, takes a good half a second to begin scrolling after I pull down on my trackpoint.

Javascript was a mistake.


I have all JS disabled by default. Site looks fine. :)


Same. Loads quickly too!


not on my browser. probably ad-block related, i.e. I'm using ad-block and the page doesn't eat all my CPU.


I have Ad Block and it spikes to 60% CPU


Have you tried uBlock Origin?


Ublock Origin here and no problems. That page needs some CPU when opening it, but then CPU usage drops significantly to less than 5%.


Same, and the scrolling is horribly laggy.

Using Reader-Mode in FireFox works, though.


Using uBlock Origin and Ghostery, seems to cut the vast majority of that... I do allow the comment services and media options though.


Unfortunate the clickbait headline says it was a "mistake". A mistake is something you wish you hadn't done.

"I don't regret my actions, because they led me on a really interesting journey."


It's not click bait, what you are defining is regret and regret is not needed for something to be a mistake.

I have made many mistakes in my life - some I regret, others I do not.


I disagree.


[flagged]


We detached this subthread from https://news.ycombinator.com/item?id=14404829 and marked it off-topic. We've asked you before not to post like this. We ban accounts that won't stop.


Wow you totally told me bro!


Has dang simply not seen this, or are the standards for incivility moderation significantly relaxed in cases where the sentiment is popular?

edit: disregard this.


I don't know, what did he say when you contacted him?


[dead]


I vouched for this comment. I don't know if I should have done so.

I find this whole story very confusing. Why won't wikileaks confirm or deny whether he worked for them? That would either put these conspiracy theories to rest, or provide significant evidence for them. Instead they seem to strongly hint that he might have been a leak, but won't outright confirm it. It's like they want to fuel conspiracy theories without feeling responsible for them.


There are three plausible reasons why Wikileaks wouldn't say anything:

1. They have a general policy of not confirming or denying such matters.

2. He worked for them, and they do not want to further conspiracy theories (or aid in bringing possible murders to justice).

3. He didn't work for them, and they do want to further conspiracy theories rather than eradicate them.

Given the way that they've operated recently, the third option does tend to seem more plausible than option #2.


>Why won't wikileaks confirm or deny whether he worked for them?

Because they have a lot to gain politically by hinting at it and adding fuel to the conspiracy theories while being able to say "we didn't actually say he was our source" if the actual data comes out proving he wasn't.

>It's like they want to fuel conspiracy theories without feeling responsible for them.

They do and your vouching this above comment is just helping these people smear a dead mans life.


Alright I undid it, mostly because I don't want to get in trouble with the mods. That does make a lot of sense. I have a friend who is really into this stuff and showed me videos about it. So I reacted negatively when the only discussion about it was flagged to hell, and all the comments were just telling him to "fuck off" with no argument.


Thank you for the support of free speech anyway. I do not claim it is true, I claim that there's enough 'hints' that it should warrant a proper investigation and not a coverup.

As for this guy's claims:

1) Assange all but confirms it: https://twitter.com/JulianAssange/status/866536275972689920

2) Seth Rich's parents want the truth and justice as well, instead of the coverup that was done so far: https://www.youtube.com/watch?v=IcKiYTq5Gho


Assange all but confirms it on his account:

https://twitter.com/JulianAssange/status/866536275972689920

As for the 'smearing a dead man's life', I don't see how it's smearing - if it gets proven to be true, that man is a national hero. And as for 'causing hardship to his family', which is probably the next angle you're gonna try to use, the dead man's parents want the truth too, and not a coverup of their son's death:

https://www.youtube.com/watch?v=IcKiYTq5Gho


Assange is very careful to give the impression of confirming it while never actually doing it because he wants to fuel the fires.

>I don't see how it's smearing

You're saying he isn't trustworthy and that he is a criminal.

>he dead man's parents want the truth too, and not a coverup of their son's death:

That video was thanking people for supporting the gofundme campaign and has nothing to do with the conspiracy theories. This fact has been posted everywhere the video has for days now so given your obvious interest I can only assume that you're posting it knowing this.

His family have threatened to sue fox and his brother wrote quite the letter to Hannity asking him to stop.


I am saying that he's a hero.

As for the threats to sue, they were issued by a DNC spokeperson, and not by the family: https://i.redd.it/2p4wvr9k9wxy.png


You believe the leaker is a hero. But what you are saying is that he hacked into his employers email accounts and stole their emails then distributed that information to a third party.

It's nice to see the DNC supporting his family. Search for his brothers letter.


> You believe the leaker is a hero. But what you are saying is that he hacked into his employers email accounts and stole their emails then distributed that information to a third party.

What do you think should happen to trump leaker?


Some people envision something like the punishment that Chelsea Manning received. Or even worse, given how many authoritarian bootlickers claim she "got off easy". Of course, that may already have happened...


What do you think I think should happen to the DNC leaker(assuming it is a leaker)? Because I haven't actually stated my opinion on that anywhere.



Your account appears to be using HN primarily for political and ideological battle. That's an abuse of this site, and we ban accounts that do it (regardless of political leaning) so please stop.


Wheeler: "I have no evidence but I'm pretty sure the police are hiding something!"

Foxnews corespondent: The family is begging me for help.

The family: https://www.washingtonpost.com/opinions/were-seth-richs-pare...


> As for the 'smearing a dead man's life', I don't see how it's smearing - if it gets proven to be true, that man is a national hero.

You're ignoring the inverse of that statement: if it's false, then you're actively trying to use a regular murder for pure political ends and abusing the justice system to do so.


It is not fair that Hacker News killed parent without discussion.



That rule makes no sense if the source is dead. Let alone murdered. The point is to protect their sources. But if there really is a conspiracy, they are only protecting the murders. This gives me a much lower opinion of wikileaks.


That does seem logical, but the other side is logical too - the leaker might not have been a 'lone wolf', and by officially confirming the leaker's identity, they could jeopardize leaker's helpers.

edit: and I forgot the main point, they need to keep the status/image they have, that they will NEVER give up leaker's identity, so they don't scare off future leakers.


That doesn't make sense. Confirming his identity wouldn't make it any easier to identify any helpers unless you believe all 3 of the following things: He leaked the emails, He was killed for leaking the emails, The killers won't know his identity unless Wikileaks confirmed it.


I will not try to claim I know their motivations. But it's a security/OPSEC rule, and just because it doesn't apply in specific cases doesn't mean it should be thrown out.

And like I said, I believe their main motive is to keep the trust of possible future leakers, in the sense of insisting that they will never officially confirm identity of their sources for any reason.


If they really believed in not releasing the details they wouldn't have hinted at all. They wouldn't have said anything because hinting at the identity is the same as confirming it if it is really the leaker.

The fact that they have but aren't actually confirming it says it all really.


Ugh, why do people peddle this stuff?


[flagged]


Assuming your standard for evidence is really that low, I find it disheartening that you think the connection between Trump and Russia has little or none. I'm forced to conclude that you are not weighing all the evidence for either with an open mind, and are starting from an existing conclusion on both.


What? Has any evidence of the Russia Election Interference/Hacking become available in the public domain?


Yes, technical analysis by leading security firms. Malware samples from compromised networks, strongly attributable phishing campaigns.


To add to this, here's a comprehensive list of everything related to just the 2016 US presidential campaign:

https://en.wikipedia.org/wiki/Russian_interference_in_the_20...

Nevermind their track record interfering elsewhere.

Cue the whataboutism WRT the US meddling in other's elections.


Can you provide a source please?

Edit: I was downvoted for kindly asking for a source?


https://www.crowdstrike.com/blog/bears-midst-intrusion-democ...

At this point it's essentially impossible to make a credible claim that Russia did not compromise the DNC network. At best you could try to argue that they weren't the only ones to do so, but that feels like grasping at straws.


You realize that crowdstrike retracted the report? They were called out by some kids on the internet and got some media coverage, Feinstein commented the next morning, regretfully admitting crowdstrike, the only evidence they had, had to retract, here is the 'hard evidence.'

https://weaponizedautism.wordpress.com/2017/04/09/trump-dns-...


You're talking about a different report, about the presence of X-agent in Ukrainian artillery. And it wasn't a full retraction, it was just a correction, which did not undermine the key points. https://www.crowdstrike.com/wp-content/brochures/FancyBearTr... The correction had to do with mis-representing the number of troops killed, it did not dispute that an X-agent variant was found on the artillery.


I have seen this and also the criticisms of it. I am not understanding what exactly is the definitive proof here, can you help me understand?

To be fair, the criticisms were that they were hired by the DNC after the DNC dragged their feet on giving the FBI access. For some reason they gave this firm the right of way. The original report has also since been revised and had portions retracted... So it wasn't a gold standard of evidence to begin with.

To be fair there are many respectable people (who are strongly anti-Trump) questioning this[1].

1-https://theintercept.com/2016/12/14/heres-the-public-evidenc...


That criticism is really lacking. The biggest evidence is that it was an X-agent variant that used a known APT 28 IP address as its C2. The author's argument about APT groups wanting to switch IP addresses around as quickly as possible doesn't make sense. If you're using an IP-address-based C2 you want to hold onto it for as long as possible, because the second you give it up you lose the ability to control all your malware. Reusing infrastructure is very common, and is not at all a sign "sloppiness" as the author claims. APT groups generally don't care if you can correlate their different attacks, because it doesn't actually affect them. And having a complete separation of all your infrastructure for every attack is time consuming and has a serious burden of effort that limits the pace at which you can attack, all for very little gain. Infrastructure gets reused all the damn time, as does malware, and even certificates.

Source: I'm a member of the security research community.


The FBI has still not been given access to the server... Comey just testified to that fact last week. They were stonewalled. They went to crowdstrike instead, eventually, who retracted the the only actual evidence which supported their claims just recently. Crowdstrike retracted upon the internet discovering the relevant dns records were most likely spoofed. Dare you to not refuse to read through this.... https://weaponizedautism.wordpress.com/2017/04/09/trump-dns-...


>I am not understanding what exactly is the definitive proof here, can you help me understand?

There's no definitive proof, there's evidence. This is as definitive as it gets, we've got a report by some of the best people in the field that's also been corroborated by the US DHS.

I'm sure this is far better evidence than anything that exists to the contrary, people get convicted on shakier grounds every day.

It is not disputable that DNC servers were infected by Russian government malware.


> There's no definitive proof, there's evidence. This is as definitive as it gets, we've got a report by some of the best people in the field that's also been corroborated by the US DHS.

Last time I checked the DHS hasn't seen the server yet.


> It is not disputable that DNC servers were infected by Russian government malware.

Because the signatures of 'Russian government malware' were found? Same signatures we recently found CIA can (and does) easily fake?


Did we? Care to cite a source? I'd be very surprised if anyone can fake IOCs and signatures well enough to fool an analyst.


Why is it definitive? Are you able to help me understand that?

Was the initial report they retracted more or less definitive?

Remember the Iraq War was also started with lies corroborated by the US Gvt and the courts did not pose an obstacle to it...

I dont care if men eith epilletes tell me so. I want to see the proof.


>Was the initial report they retracted more or less definitive?

At this point you're just trolling.

>The company removed language that said Ukraine's artillery lost 80 percent of the Soviet-era D-30 howitzers, which used aiming software that purportedly was hacked. Instead, the revised report cites figures of 15 to 20 percent losses in combat operations, attributing the figures to IISS.


Hey, hey now, I am kindly asking a reasonable question, and I and others are raising reasonable concerns and now you started to slinging mud. Do you actually have any technical facts to substantiate your "as definitive as it gets" statement? Because slinging mud makes you look unreasonable in my eyes and I'd like to know what facts stand behind your argument.


Crowdstrike has been wrong before and has some sketchy connections that are summed up nicely in the article here: http://archive.is/CogZx

The founder of Crowdstrike, Dimitri Alperovitch is a Senior fellow at the Atlantic Council. The Atlantic Council is funded by a guy named Victor Pinchuk who is a Ukrainian (and dislikes Russia), and he donated $25 million to the Clinton Foundation. (story found here: http://archive.is/DUtMN ). Furthermore (read the first link) the DHS report about the DNC hack given after a FOIA request amounted to TWO PAGES with information anyone could have googled from the internet.

If you just look at the wikipedia for the Atlantic Council ( https://en.wikipedia.org/wiki/Atlantic_Council ) it states several members have left the organization to work for the Obama Administration including Susan Rice. Susan Rice as you all know illegally unmasked members of the Trump campaign to hinder his presidency.

Finally I believe this article is very important: http://archive.is/DUtMN it shows the cozy relationship Victor Pinchuk had with the Clinton state department.


I think ill wait till a government agency can corroborate this, considering the current political climate I don't think you can trust a the conclusions of a hired company.



lol Crowdstrike is a total joke. Everything they do is to cover up the horrible truth.

DNC, Podesta and Hillary's got totally fucking pwnd by NSA's stolen virus arsenal. They were the Shadowbrokers very first target.

The whole "muh Russia" narrative is a big fat lie to cover for NSA's ass blowing in the wind.

Because what would happen if folks discovered it was NSA's direct fault for the election getting rigged on both sides?

NSA has gone so far in their extremism that now they can't let anyone blame them for their actual fuck ups that endanger all of us.

The weirdest thing about Guccifer isn't what he did, nor how he did it, nor why, but that he's is still, today, tweeting in public, mocking NSA, which I know they know, and yet they do nothing.

I won't tell you who. If you're smart, you'll find him. He loves puzzles, and he's the best I've ever seen at it. Think of it as a meritocracy. If you're worthy, you'll figure it out on your own and join the club.

The real story behind Guccifer is why NSA covered up for Guccifer. I don't know if Guccifer the Shadowbroker is ex-NSA or even active NSA, but whoever he is, there is no way to separate what he did from what NSA did.

Think I'm larping?

Then why do I have screenshots of Podesta's Gmail password reset 3 months before it happened, and the Clinton Foundation's Exchange admin panel and the CMS for their backup vendor?

Everything Crowdstrike has said is laughably wrong. They're so shitty at cyber they deserve to get popped like Sony.

Maybe it already happened, who knows? ;) Crowdstrike won't exist in less than 2 years. You'll see.


I didn't say it's got proof. I said it's got more proof than the Russia-Trump connection.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: