Hacker News new | past | comments | ask | show | jobs | submit login
How Covert Agents Infiltrate the Internet to Manipulate, Deceive (firstlook.org)
234 points by rdl on Feb 24, 2014 | hide | past | favorite | 139 comments



What was suspected about government abuse of power turns out to have been nothing compared to the scope of it.

Here are some of my suggestions in response: 1. Stand up on mass, digitally and in person, for what you believe in - don't shy from people sneering or judging that you are distrustful of the existing structures of powers. 2. Exclude the people who support this type of spookery, from investment bankers, to hawking politicians, from polite company. Whether you meet them at a party, or a plane, shun and shame them. 3. Crank up the noise. Write, make, do what you can to get more stuff out there. 4. Don't be singular. Be the complexity. 5. Never believe again. Demand evidence, oversight, & review processes. Demand transparency. 6. Commit to fixing what's broken. Fix the drug wars, fix the election system, fix the income inequalities, fix the racial divide. etc. 7. ? what else?

ps. Any obligatory comments about the obligatory NSA jokes?


> 2. Exclude the people who support this type of spookery, from investment bankers, to hawking politicians, from polite company. Whether you meet them at a party, or a plane, shun and shame them.

This is a remarkably effective method to alienate people who are "on the fence." These are precisely the people that you need for suggestion #1 to be effective.


I used to live by this idea, but recently I've found that if instead of spoon-feeding arguments until they click you just are outspoken and determined, those who were gonna join you just figure it out for themselves and you stop wasting time with those who will forever be milquetoast until it's safe. It's not as simple as you portray it.

this passage from Catch-22 comes to mind whenever I see someone desperately demanding moderation between a ruthless right and a radical left

Everyone agreed that Clevinger was certain to go far in the academic world. In short, Clevinger was one of those people with lots of intelligence and no brains, and everyone knew it except those who soon found it out. In short, he was a dope. He often looked to Yossarian like one of those people hanging out around modern museums with both eyes glued together on one side of a face. It was an illusion, of course, generated by Clevinger's predilection for staring fixedly at one side of a question and never seeing the other side at all. Politically, he was a humanitarian who did know right from left and was trapped uncomfortably between the two. He was constantly defending his Communist friends to his right-wing enemies, and his right-wing friends to his Communist enemies, and he was thoroughly detested by both groups, who never defended him to anyone because they thought he was a dope. He was a very serious, very earnest and very conscientious dope. It was impossible to go to a movie with him without getting involved afterwards in a discussion on empathy, Aristotle, universals, messages and the obligations of the cinema as an art form in a materialistic society. Girls he took to the theater had to wait until the first intermission to find out from him whether or not they were seeing a good or a bad play, and then found out at once. He was a militant idealist who crusaded against racial bigotry by growing faint in its presence. He knew everything about literature except how to enjoy it.


I guess I wasn't talking about people on the fence, I was thinking more about those that either participating by proxy, or participating directly. However, I may disagree with your claim that social pressure would alienate people on the fence. Bush's 'you are either with us or against us', was surprisingly effective politics at the time.


> Bush's 'you are either with us or against us', was surprisingly effective politics at the time.

I am curious how you came to this conclusion? Maybe this is more of a personal observations and is colored by your political leanings and those that you are surrounded by? I know a lot of people that were not turned on by the "with us or against us" line. I also think that it did not go over well in the international political arena.


Perhaps it only appeared effective in shifting the center in support of the war. It didn't have much effect on myself or those around me. But I think that there has to be a social function to be able to call out the people who are doing this work, or who are supporting this work. It's people who are doing this - not some nameless bureaucracy or some autonomous machine. People are responsible for this, and we need to find ways of holding them accountable. Socially or otherwise.


This is also one of the things that killed the British response during the American Revolutionary War, at least in the South. They forced people who would otherwise have stayed neutral (if not sympathetic to the Crown) to choose sides.... and they chose to keep their farms and land safe (i.e., they chose for the Patriots).


> Never believe again. Demand evidence, oversight, & review processes. Demand transparency.

We've found a reason to demand this stuff every single year for the past 200 years. At some point, you need to go beyond demanding it and actually get it.

> Commit to fixing what's broken. Fix the drug wars, fix the election system, fix the income inequalities, fix the racial divide. etc.

And I think this is the closest thing to the correct answer. I think privacy advocates would be absolutely shocked to discover that fixing things like this would naturally help fix NSA abuses. And TSA abuses. And police brutality.


> actually get it.

I agree absolutely. With everything you mention. These things are intertwined. The solutions need to be intertwined as well.


It's not broken, it's working as intended.


And we must never forget that this is simply criminal.

Nobody should get away with that.


I understand what you are saying. It's broken for us.


En masse


> “using online techniques to make something happen in the real or cyber world”

This isn't just an attack on the internet, as Greenwald portrays it, it's an attack on people and free will. It's intended to get people to do or say something that they might have done differently otherwise, in response to the "crime" of being a pain in the ass, or even a threat, to the powerful.

> In fact, the discussion of many of these techniques occurs in the context of using them in lieu of “traditional law enforcement” against people suspected (but not charged or convicted) of ordinary crimes or, more broadly still, “hacktivism”, ...

Is this the best we can do with this civilization, to wear away and destroy people because they're inconvenient to the powerful?


To me, the scariest part of JTRIG is how targets are "determined." The actions taken against said targets by the NSA/GCHQ seem extrajudicial yet they can ruin these peoples' lives. The word “hacktivism” is itself a moving target, which gives these opaque agencies unimaginable power.


> The actions taken against said targets by the NSA/GCHQ seem

> extrajudicial

That's why it's secret.



> This isn't just an attack on the internet, as Greenwald portrays it, it's an attack on people and free will. It's intended to get people to do or say something that they might have done differently otherwise, in response to the "crime" of being a pain in the ass, or even a threat, to the powerful.*

Isn't that a good definition for terrorism?


No.

"Terrorism is the systematic use of violence (terror) as a means of coercion for political purposes." https://en.wikipedia.org/wiki/Terrorism

They're not using violence, terror, they're using non-violent and subtle psy-ops. Terrorists want you to know who did it and why they did it. These psy-ops spies would prefer that they're never discovered.

Although if we were doing something like this, they would call that terrorism. Because anything that they can possibly insert themselves into automatically becomes terrorism.


> Although if we were doing something like this, they would call that terrorism. Because anything that they can possibly insert themselves into automatically becomes terrorism.

That's an interesting way of looking at it.

I would have said it the other way around: "If the 'good guys' found out the 'bad guys' were doing something like this, they'd call it terrorism.


We may have crossed a wire or two.

By "we" I meant everyone who is not a spy. By "they" I meant the spy agencies. And so, if the spy agencies take an interest in some activity, it becomes by (their) definition terrorism, so that they can claim that it's within their charter.


Gotcha, we're saying the same thing.

So, by definition if we agree the "good guys" would call this terrorism, then isn't this terrorism ?

(After all, the "good guys" are writing the history books, and they're making the definitions, because whatever the "good guys" say is obviously correct)


Well, if by "good guys" you mean the NSA, I think we've crossed some wires. :)

But no, it's not terrorism, especially not merely because they say it is. There's no violence, and the perpetrators not only don't want to be found out, they don't even want people to realize that something happened. Not all evil is terrorism (but all terrorism is evil).


> But no, it's not terrorism, especially not merely because they say it is. There's no violence, and the perpetrators not only don't want to be found out, they don't even want people to realize that something happened. Not all evil is terrorism (but all terrorism is evil).

You're going by the dictionary definition, I'm going by "it's whatever they say it is".


Wherefore art thou tptacek? I can't wait to hear how this is totally not surprising at all and how this is absolutely what spies have been doing since forever and therefore no action need be taken. I'm also missing my daily dose of his irrelevant ad hominem FUD against Greenwald, Barret Brown, Snowden et al.


The Stasi has done the exact same thing, it's called "Zersetzung". http://www.ddr-wissen.de/wiki/ddr.pl?MfS-Richtlinie_1-76


Is this a good thing or a bad thing that the Stasi has pursued a similar course of action?

Personally, I am disgusted by not surprised that the same authoritarianism can be found all over the world, even in a nominal democracy like the US.


Ruining someone's reputation is not something only a government could do. Companies with enough money and a few (black-hat) SEO experts might be able to pull a large-scale reputation-kill to anyone who is an upcoming competitor or a pain-in-the-ass person. Small-scale reputation hacks happen all the time. What the heck, there is an industry where you can pump your own reputation up legally.

So the question is: how can we protect ourselves from any of these efforts (may or may not be coming from a government)?


how can we protect ourselves from any of these efforts

Good question.

One is to live as honestly as possible. Including making others aware of attacks on your character. This may mean admitting your own faults or deviations, which can be painful, but it deprives your opponents of a lever or fulcrum against you.

Reading the FBI blackmail letter to Martin Luther King recently, I was struck by how similar the language was to that of many modern-day trolls. Some tactics simply don't change.

I'm looking for some good guides, though I'm not aware of any in particular (and the Albert Einstein Institution seems oddly silent on this point).

This page has some good bits (under "WHAT CAN WE DO ABOUT IT?"): http://forum.prisonplanet.com/index.php?action=printpage;top...


> So the question is: how can we protect ourselves from any of these efforts (may or may not be coming from a government)?

What's been working for me so far is just being pretty boring. Although I guess I could be even more boring (e.g. less arguing online ;).


The question one day may devolve to: how can we use these techniques in reverse?


1. Get a government contracting job with a high-level security clearance and broad levels of access.

2. Assimilate significant quantities of incriminating information.

3. Disseminate this to the world via a leaking portal or sympathetic journalist.

4. Profit!


Once again, let's not go overboard.

This is real, but so is companies just having people online who naturally do these things. God knows you can't poke Google around too much without a Googler making an impassioned plea for them. Same goes for Facebook, or any of the other large SV employers.

And then there's just fans. Seems like I remember Amazon coming to the conclusion, after digging through spurious bad reviews of products, that many of them were just from people who had other brands and didn't like that one. So they made up fake reviews. That's not some mysterious spy agency; that's the guy who runs the garage down the street.

And that's why these things are so effective -- they blend into the noise that is the crap that is the internet at large.

I'm concerned about this in general, but I need more information about how this is being used as part of an extra-judicial punishment before I start bouncing off the walls.


Not sure how I feel about this.

1. If you're stupid enough to get caught up doing illegal crap online in PUBLIC domains then...yeah...I mean do you think they're NOT looking?

2. this is actual spy-craft and when applied abroad, I have NO qualms about using it to the USA's advantage

3. How is any of this new information? After Operation Mockingbird, how is anyone surprised?


Since the source document is from GCHQ (Britain's NSA, if you like) it seems valid to ask whether similar workarounds by internationalisation are in place for disinfo (which this manifestly is about, right?) as seem to be in place for collection.

Which is to say that US netizens are quite likely among the prime targets here.

The practices alluded to - a battery of psychological techniques designed to influence group dynamics of, and disrupt the sharing of information by, online communities - seem at least as suitable for controlling dissent as for action against overtly illegal activities. How does destroying the reputation of a company help with the latter, for example?

I'll tell you what though, fascinating though this is, I wish we had got the 'real poop' - materials which must surely exist for the training alluded to, fleshing out the practical details, with illustrative examples!


Frankly, even though this is clear proof of what ANY informed person SHOULD HAVE ALREADY KNOWN...I want the REAL raw information.

I want the data on false flag stuff and covert James Bond missions.

Snowden needs to drop the REAL gems.


I agree.

Hey, any GCHQ 'magicians' here? C'mon, the cat's out of the bag... Lighten up! Strut your magic here and show us how it's done!

You know that story about the soccer match between the trenches.. This could be that, right?


The Christmas Truce is a fascinating subject. See eg https://en.wikipedia.org/wiki/Christmas_truce (I can recommend http://www.amazon.de/Der-kleine-Frieden-Gro%C3%9Fen-Krieg/dp... if you can read German.)


Please don't forget that Snowden gave all his documents away and is no longer in possession of them or disseminating them (other than his rumored insurance file). Future documents rely upon the few people he gave the documents too.

As a side note, this has been standard practice since the time of Hammurabi, where political asylum was granted but only if the seeker stopped agitating against his original state.


The whole point is that the targets of this activity have not been caught "doing illegal crap online." If they had been caught, the government would actually charge them with a crime.

Also note that the article is about the GCHQ, so anyone in the U.S. is "abroad" to them.


About your point 2:

You say it's fine if it's applied abroad. But assume that someone abroad is applying it to what is to them "abroad", that is, what to us is domestically. But it's a foreign operation trying to influence domestic policy. That is, to apply this against foreign operators, it may well need to be applied domestically.

Now, the gotcha: I see the need. But do I trust the NSA/CIA/FBI/whoever to apply it only against foreign-controlled domestic operations? No, I don't.


First, these people have not necessarily done anything illegal.

But let's say your facebook suddenly has "accidental" porn searches for "big black gay cocks". Or your picture mysteriously turns up in a set of pictures for Occupy Wall Street (dirty hippy!) even when you were not there.

However, the only good about this is that the more revelations come out the more courts and people will ignore internet "evidence". And that's as it should be.


> this is actual spy-craft and when applied abroad, I have NO qualms about using it to the USA's advantage

This is from the British spies. So using it abroad would be eg against the US.

(And why are foreigners worth less caring than Americans anyway?)


You could make an 'Illuminati' card-game expansion set out of a few of these slides.


Is it just me or do these slides make GCHQ look like a bunch of frustrated PUAs? Jump forward to the slide following the text "The documents lay out theories of how humans interact" to see what I mean.


Both GCHQ and "frustrated" PUAs deal with human interaction, it is unsurprising if they write about the same things.


It's tough being taken seriously for GCHQ when compared to the likes of NSA.


Everything in (press coverage about) the docs so far makes it seem pretty clear GCHQ punches way above their weight class (in terms of budget, and general UK military strength) compared to NSA.


They also seem more brazen than NSA. GCHQ scares me more than NSA does. NSA is existentially terrified over losing budget. GCHQ doesn't act like they're worried about anything at all.


NSA is bankrolling GCHQ and in most respects the latter seems incredibly subservient to the former. In light of that, your position doesn't make much sense to me.


I wonder if their internal cryptonym for themselves is "Honey Badger".


I wonder how Israel's spies stack up. (But I guess they might have some actual work to do, and thus don't have as much time spying on ordinary citizens.)


Unit 8200 is very well regarded. I've only encountered them post-8200 service in the commercial world, though -- I'm sure the unit itself is very focused on domestic and near-abroad threats.


Is this not just what spies and covert agents have been doing for centuries? But now with extra * INTERNET !!! * added, which somehow makes it worse? I would be more worried if our spy agencies and intelligence organisations did not have this sort of capability, and could only manipulate and deceive using TV, newspapers, talking, joining societies, clubs and associations, following people and so on.


And now thanks to Mr. Greenwald's reporting, citizens & elected officials, policy wonks & pundits, scholars & laymen alike, can all discuss actual facts instead of relying on grkvit's assumptions about how government spy programs operate.


The net permits it to be done with unprecedented precision, scale, ease, and deniability.


It isn't just the net though. It's also deep pockets of the defence industry.

If we really want reform, the uncomfortable truth is that the only way to reform the system is to reduce the amount of money flowing to defence contractors. Unfortunately I think, aside from a total economic collapse, pigs will sooner evolve wings.


Computers do. Networks too, but the NSA and military have had networks far longer than the rest of us.

The only thing that has really "scaled" here is the people themselves, and I don't find it strange that all the normal real-life problems have followed people as they migrated online.


We have always been at war with citizens.


Do you ever get tired of being so sarcastic?

As if this nation of 300M+ people is all on the same page?


In the 20th century CIA could assassinate people...and in the 21st century the same CIA can assassinate 1000x more people with drones. So what's the big deal? It's "the same". And it's their job.

See the fallacy of your logic there?

> The broader point is that, far beyond hacktivists, these surveillance agencies have vested themselves with the power to deliberately ruin people’s reputations and disrupt their online political activity even though they’ve been charged with no crimes, and even though their actions have no conceivable connection to terrorism or even national security threats.


By thet logic, lots of people had `jobs' in Gulags and concentrations camps, too.


The "Five Eyes Alliance" bothers me. What lines in the sand are drawn in each country? Are there some that the NSA isn't allowed to cross but GCHQ can?

Is it a matter of saying "Hey GCHQ we have a guy who is in the US who we can't do these things to but he's related to this guy over here in foreign country ?" Wouldn't traditionally that example include the CIA/FBI instead? Or for less oversight would it make more sense to use one of the Five Eyes Alliance nations. I think that in that example that's troublesome in that it undermines what for better or worse where bureaucracy protects the citizenry of the US.

Edit to include the CIA


"What lines in the sand are drawn in each country?"

The line is drawn officially at the point they can use legalese verbiage to avoid any problems. So that line was supposed to be, at least for the NSA and CIA, "Never spy on American's without a warrant." (according to William Binney, Thomas Drake, et al) The real line though, is whatever they can get away with. The USUK (five eyes) was setup in 1947, and has been used as a giant loophole of sharing ever since.

The real issue though, the one everyone likes to ignore, is the origins of the US and British intelligence world in the first place, as a covert arm for banker elites in Wall Street and in The City (London). These are entities and groups of entities who have very little allegiance to a single nation (British aristocratic royalists as the rare exception) and use nation against nation as if they were simply pieces on what Zbigniew Brzezinski calls the "Grand Chessboard'.

I am continually awaiting the day that everyone realizes the NSA/CIA/DIA/DoD...etc violations of privacy are simply a small part of a larger issue, namely, that the supranational corporate elite realized that technology has finally gotten to the point where if they make a power play now, they or their grandchildren can be "gods" among the proletariat masses. Our entire American government system of checks and balances is utterly corrupt, including all three branches and the fourth estate.

I used to be part of their action arm (USMC combat vet), and it took many years of study since I got out to come to these conclusions. What really frustrates me though, is that, just like the NSA issues before Snowden, no one is going to realize or admit these things until they stare them in the face. The irony is that the main reason people won't is because of the much larger than realized mass propaganda efforts (including the efforts described in this latest documentation) which keep a large enough of percentage of the populous distracted, apathetic, afraid, or even complicit enough to render any real opposition power null and void.

The main issue I have been debating for the past few years is: "Should we be going underground subversive now, or should we make one last stand?" Either way, I fear freedom will be a long lost memory until the days that people can travel in space freely, if we don't destroy the planet and the species by then.

As cliched as it is, the rabbit hole is not only deeper than most realize, but it's actually really uncomfortable to explore. (especially when you have a hand in the game, like many on HN)


More foil hat nutter stuff that is turning out to be quite real...


If you RTFA, calling out someone was a tin foil hatter is one of their techniques.


Honest question: is it poor logic or not that I tend to believe these slides are truly from the government they are supposed to be from based solely on how large of an eyesore the design is?

However, surely by now people like Glen Greenwald have heard such feedback so if someone from the other side of the aisle wanted to reverse false flag they would just use atrocious designs.

However, now the govt. has read THIS, so I clearly cannot choose the cup in front of me...


One would think that if the documents were fabrications, they would be dismissed as such by the people and organizations that they indict.

I mean, I could fabricate documents that detail how the moon landing was faked, but I would be called out on my fabrication immediately. In this case however the only people floating the "the documents are fake" theory are third parties with no unique insight into the allegations, notably not the accused.


That's not really true b/c even leaked to the public top secret documents remain top secret in government circles. It's why government employees are specifically told not to seek out wikileaks or snowden documents - you can't gain "legitimate" access to those documents through the public.

Unless through all the noise I've missed where the govt. has said this or that document in particular is in fact genuine. I'm not saying it hasn't happened but I haven't seen it. Even acknowledgement of a program (PRISM, for example) isn't acknowledgement of PRISM slide #4, although it does make it's authenticity more likely than not.


Counterintelligence people are still allowed to look at the leaked documents, and (through the proper channels) make statements about them. It's the rank-and-file people who aren't supposed to look at this stuff, and that's mainly to avoid two things:

1) Disclosing additional information, or inadvertently attesting to the validity of documents. (obvious attack: release two plausible contradictory "top secret" documents" which cover the whole space you care about; when people discredit one, you have strong evidence of the latter.)

2) Complicating later CI investigations -- if MAJ Snuffy has downloaded wikileaks docs onto his personal laptop, and a scan finds a bunch of TS/NOFORNicate documents on it (heh), it will be a false positive. If SSG Evil wants to exfiltrate documents, she can just fill a laptop with wikileaks stuff and her own documents and then, if caught, claim it was just wikileaks downloads.

But CI investigators are allowed to touch this stuff. Just like some FBI people see child porn all the time (which has to be one of the shittiest jobs in infosec).


Yeah, I'm not talking about random DoD employees calling out the documents as fabrications on Reddit...

My point is that although the government has not officially declared the documents to be authentic, their failure to merely laugh them off as obvious fakes created by a kook is more than telling.


> My point is that although the government has not officially declared the documents to be authentic, their failure to merely laugh them off as obvious fakes created by a kook is more than telling.

Um. It's ridiculously bad PR to respond to every such claim. The best possible scenario is that a couple people will take your word for it. Most people will instead just take such a response as a legitimization of the criticism. You might be particularly credulous and accept the government's say-so, but I wouldn't.


> "Um. It's ridiculously bad PR to respond to every such claim."

There have been responses, just no accusations of fabrication....


You say "the only parties" claiming these are fake as if there isn't the third option of being in a holding pattern until more can be determined as to the authenticity of the documents, or not. But that's what I'd do if I were in the govt's place - not immediately say one way or another and actually think about how wrong that could go.


Except they are not in a holding pattern. Rather they are trying to justify everything. If these were really fake, it would not be taking this long for us to hear about it. If these documents being fakes is really your theory, then you are delusional.


If you think the slides are bad now, try digesting them on government coffee.


I assume he is depending on the provenance marker that these are part of a big pile of documents provided by Snowden.


just so we're clear, what is the provenance marker specifically in these slides?

I'm seeing .pngs when I click the slides where, if I was thinking there's a proveable origin, it would be a digitally signed pdf or something like what the GPO (government printing office) uses, but for secret things of course...


That Snowden handed it to you is the provenance marker. He claims to have jacked a whole bunch of shit from NSA, and has given no one particular reason to doubt him. If this is one file on media which he handed GG back in May 2013, GG has good reason to believe it was in fact jacked from NSA by Snowden.

Falsification would be a lot more likely if anyone handed you docs after Snowden went public, but before it was public, it was either a set up (by Snowden), or pretty strongly authenticated.

The arrow of time cannot be defeated.


I'm talking about from MY or YOUR perspective. Let's first set up the stage:

-Snowden hands you paper/digital files, possibly with no trail that you can verify (besides govt. acknowledgment of any specific document)

- You (likely) immediately make (many) digital copies, this is a trail others can verify later - like with an md5 sum or something (not my forte, obviously).

- Before you assist with releasing the whole cache and risk another wikileaks-style attack for not being more sensitive to the content in each document, you start the long process of reviewing each document.

- You find acceptable publications

- You publish the documents from step 2 (which have a digital trail to verify they were handed to GG from Snowden at the time they say they were)

That last step hasn't happened as far as I know, we're getting pictures of documents...


From what Schneier and others have published, the documents are being handled in an offline "data room" way. You do have to trust both Snowden and some subset of {Greenwald, Poitras, Unindicted co-conspirators in Berlin}, but I don't see any particular reason not to do so in this case.


I'll hold off until I learn more about the way they've set that up then. Surely, they've been transparent about it and haven't just said "we do it in an offline data room way."

I could google but if you wouldn't mind linking anything you might have offhand in that regard, I'd appreciate it.



"never directly connect it to the Internet again"

but not, "never directly connect it to the Internet"? Seems odd to me since you can use the same air-gap to configure the computer for your needs in the first place instead of turning a networked computer into an air-gapped one.

"But for Windows full-disk encryption it's that..."

But not an open-source operating system with access to the exact same security solutions? Why isn't using Tails or other Linux something that's at a minimum instead of a "you could if you like".

No mention of better air-gapping the computer by keeping modules attached to the motherboard to a minimum (usb cd-drives, removable 3.5" media readers).

Overall: I am by no means a security expert, but as a lawyer who has to do due diligence on cloud providers (most fail as far as what they advertise or in being truly eligible), I would consider his described setup as very weak if the motive that makes you consider air-gapping in the first place is your first priority. It seems more like his second or third priority...


1) It's a huge pain to set up a single Windows system for offline updates now.

2) My opinion of Schneier's technical competence, at least on a tactical level, is not actually (nor has it ever been) particularly high. He's a Windows guy, and "management level". He is a good politician and spokesperson. He's still good enough for this particular thing, and much better at the human side, and essentially famous/rich enough to be immune from legal action as long as he's careful, and well known to people like GG. So, a good choice.


"He's a Windows guy" simply does not sit well with me in that scenario. What does it say that he can't be either inconvenienced or convinced by Greenwald or convinced by the very documents he's examining or recognize in the process of writing his post to take more precaution.

It's like he's trying to air-gap in the way that I try a tomato every 7 years to see if my taste buds have changed. They haven't, so I'll stick to what tastes good. But if a famine overtakes the world and tomatoes are somehow part of a new staple diet, I'll allow myself to be inconvenienced if it means that much to my survival.


Uh, Greenwald is even more of an idiot technically by orders of magnitude.


I think we should make a new list of laws. Basically, a list of laws that still apply to the US Government. The "does not apply" list is getting a little top-heavy.



So, besides tptacek who are the other astroturf accounts used to infiltrate and manipulate HN?


There is no source or link to the actual slides. They might be authentic but this site might also be doing the very thing they claim the agencies are doing. Its essentially a blog with some slides with "top secret" written all over it with damning information.

No source, no link, nothing.



A slideshow does not an original document make.


Please see my discussion below b/c I agree. We deserve more than .pngs of these slides.


metabunk.org . nuff said


If you want to look for examples of companies in the US and elsewhere engaging in activities mentioned in this article against political dissidents, look no further than the HB Gary email leak of years back. I referenced such works here[0] after Obama's announcement of NSA 'reforms' that hinted at offloading more sensitive data to private companies.

I would like to bring the attention of people who read this article back to the tactics such as the real-time spying on Wikileaks viewers. Tactics discussed by the likes of HB Gary's Aaron Barr like going after activists by their families and careers, or the US Chamber of Commerce's interest in such work.

There is a profound amount of moral hazards here that companies are wading deep into for cash and possible immunity such as what AT&T was granted.

[0] https://news.ycombinator.com/item?id=7078402


Do note that those emails were all talk. Other than the failed attempt to expose the "leadership" of Anonymous, none of Barr's big plans were even tried, let alone successfully carried out. His own employees (all two of them) mocked him and refused to participate. Aaron Barr was one guy, dealing with a failed marriage and a failing company, and he just lost the plot there for a bit.


Since this appears to be the basis of the notion that Palantir is a branch of the NSA: the one Palantir person known to have been involved was a 27 year old sales engineer who was subsequently terminated from the company and rehired after the legal investigation Palantir launched on itself for coming within a mile of Aaron Barr cleared him. (This is based on reporting of what happened, not any kind of firsthand knowledge about Palantir, of which I have none).


Ok, so we had one small email leak, and 2 gung-ho morons trying to do this really bad idea in order to make a name for themselves.

If we leaked more emails from inside the NSA, how many more gung-ho morons would there be pushing the envelope to make a name for themselves?

You've gotta get ahead somehow. Make some waves, you know?


Palantir is not a branch of the NSA, they are backed by the CIA[0].

[0] http://finance.yahoo.com/news/cia-backed-palantir-technologi...


So was Decru. I suppose storage encryption is also a CIA plot. So was FireEye. I suppose killing zero-day is also a CIA plot. So was Inktomi. I suppose caching web traffic, &c &c.

I could go on, if you like. In-Q-Tel has backed a lot of stuff.


In-Q-Tel is an interesting company. They've invested in Google (OSINT), and Keyhole (GEOINT/IMINT). Google went on to acquire Keyhole, to create Google Earth [1].

[1] http://www.wired.com/dangerroom/2010/07/exclusive-google-cia...


I hear this DARPA thing has been pretty active in sponsoring some stuff as well that's hit the commercial sector.


Nice to tptacek is still alive and kicking. I kinda missed him.


23 skidoo!


Why did you make like light of Michael Hasting's death then denigrate Barrett Brown[0] after irrelevantly bringing up Monsanto and Nickelback[1] in that thread 36 days ago instead of discussing the topic (or not engaging) like a reasonable person?

You could of had the advantage of people not knowing more about this type of work enlisted by governments/carried out by for-profit concerns, instead you choose to be highly corrosive in an attempt to elicit some reaction.

But by golly here you are again doing the same. So while your attention is clearly engaged upon me, could you answer the question above?

[0] https://news.ycombinator.com/item?id=7084938

[1] https://news.ycombinator.com/item?id=7082094


Because Michael Hastings was killed for his unpublished work on chemtrails, not the reporting he'd done on CIA, and Barrett Brown is no hero: he's out to immanentize the eschaton! Hail Eris!

If you're going to write a conspiracy theory for us, "streetnigga", at least do it with some style. Throw an "Ewige Blumenkraft" or two in there.


I am torn between wanting to up vote this comment in honor of Wilson and other associated Popes and wanting to down vote it because it contributes nothing and distracts from the various crimes highlighted in the article.

Have Karl Koch and a downvote: http://en.wikipedia.org/wiki/Karl_Koch_(hacker)


How many drinks have you had this evening?


Zero, but thanks for putting the idea in my head. :)

I have a very hard time taking people who believe in the Michael Hastings conspiracy seriously, and that's just one of the goofy conspiracy theories the parent commenter has promoted on HN.


Happy to help. This is Free Liquor Week (aka RSA), but you're probably wise enough to avoid it.

I agree the most likely situation with Hastings was he had personal issues, but maybe got spooked by someone calling him or otherwise being threatening, and crashed his car. After writing some pretty good articles. And Barrett Brown has some serious issues as well, although (like aaronsw and weev, and manning's pre-trial detention conditions) the way the legal system is being used is itself unconscionable.

I still think "punch up" applies.


I would rather eat a live wriggling cockroach than attend RSA or, for that matter, be in the same city as RSA.

I don't understand where you're even coming from regarding Hastings. He had a history of abusing drugs and alcohol. His car crashed. A bunch of Internet conspiracy theorists decided that crashed cars don't burst into flames the way video showed Hastings car had, even as other Internet people, including (here on HN) an EMT, pointed out that they actually do exactly that surprisingly often; some even presented videos. The LA Coroner released a report that pointed out Hastings had amphetamines and cannabis in his system when his car crashed.

From where, exactly, do you get the notion that he received a threatening phone call? Is there any evidence anywhere at all that that ever happened, or does it just make for a good story?


I just meant he might have been driving even worse than usual due to (founded or unfounded paranoia). Or meth. Or both.

(I recall reading somewhere that he was convinced someone was monitoring him. But I suspect occam's razor in this case was being used to cut up lines.)


Well played.

Also: are you seriously telling me you haven't read Robert Anton Wilson? You seem like, I don't know, the type.


I have, although not in the past ~10 years -- I think I read the Illuminatus trilogy in ~3 days at the MIT SFS library; I haven't read Schroedinger's Cat. I often get two of my favorite characters (Celine and Danneskjold) mixed up, though.


So, you've spent enough effort studying the details of the Michael Hastings case that you can actually conclude the conspiracy angle is so outlandish that it can even be used as a reliable indicator of a broken general reasoning process? That is a mighty strong claim, and I'm surprised that the quality of evidence is high enough to support it and that you were so interested in it.

I haven't, and don't really have feelings on the case either way - it seems inactionable and thus uninteresting. But it seems to me that the reasonable uninvolved opinion should be to treat views on Michael Hastings's death as unindicative of much else at all.


Hastings died in a car crash. Hastings was a journalist who had covered national security topics. Therefore, Hastings was killed by the US government.

That is the entirety of the Hastings conspiracy theory, which the commenter leading this thread has promoted on HN in the past.


No it isn't, your syllogism is a straw man. Hastings died under what are commonly known as "suspicious circumstances", which you omit in your rush to denigrate. A more accurate summary:

Hastings was a journalist who had covered "national security" topics. Hastings sent the following email:

"Hey (redacted names) -- the Feds are interviewing my "close friends and associates." Perhaps if the authorities arrive "BuzzFeed GQ," er HQ, may be wise to immediately request legal counsel before any conversations or interviews about our news-gathering practices or related journalism issues. Also: I'm onto a big story, and need to go off the rada[r] for a bit. All the best, and hope to see you all soon. Michael"

Hasting died 14 hours later at 4:20 AM when his speeding car veered into one of the many trees lining the road. There were no skidmarks, suggesting that the vehicle was under control. Nobody knows why he was driving at that time.

It's hardly ironclad proof of a conspiracy, but you are not contributing to the discussion.


You are the one that brought up conspiracy in reference to Hastings[0]. Stop lying as if I was the one to inject it into the topic of spying. This disinformation bull your are pulling is seriously detrimental to any possible discussion.

To everyone not tptacek: Look at my comments, none suggest Hastings died due to tptacek suggested conspiracy.

[0] https://news.ycombinator.com/item?id=7294895


How much have you studied leprechauns? Do you feel qualified to comment on them? What would you think of me if I insisted that leprechauns were behind all the major world events of the last decade?

There are lots of things we can't prove or disprove, and it's good to acknowledge that. But that doesn't make ideas based on huge logical leaps and not much evidence reasonable. It's possible (in the sense of not impossible) that leprechauns are real and do manipulate human history, but the reasons anyone would think so right now are so paltry that even if it did somehow turn out to be the case, the people who supported the theory right now would still not seem any more credible than a broken clock.


I would honestly be interested in the first 0.5-10 minutes of your leprechaun theory (depending on beer consumption, and if I'd heard similar things before), then I would try to change the subject and hope that there was more to you. And the same would apply if you were to go on a rant about how people who take joy in the idea of leprechauns are positively stupid.

It's not that true/false are equally credible, it's that assertion of either one starts off utterly non-credible. Extraordinary claims require extraordinary evidence and all that. This applies to proving the existence of leprechauns. But it also applies to positively disproving the existence of (a specific definition of) leprechauns, especially with the goal of using that result to imply something else.

Insisting the definitiveness of either take on a middleground is akin to rooting for sports teams (not that that isn't fun, but don't think you're helping spread truth).


You are the one that brought up his death as if it was a conspiracy[0] in response to my linking[1] of one Hasting's reports on spying[2]. No one asked you to believe in a conspiracy. You deflected from the original topic of spying with it, and continue to do so by stating I was the one that promoted it.

Retract your outright fallacy.

[0] https://news.ycombinator.com/item?id=7084938

[1] https://news.ycombinator.com/item?id=7083406

[2] http://www.buzzfeed.com/mhastings/why-democrats-love-to-spy-...


Hey, cool! That's exactly the kind of behavior that GCHQ is bragging about to their partners.

That's even better than Tang from the space program!


One wonders if Glenn's persistence in reporting this issue is due to being targeted by NSA contractors like Palantir, regarding Palantir's work against US activists. A "Spotlight" as the email says: http://1.bp.blogspot.com/-2LJZSZknE-I/TVpg4sNeUHI/AAAAAAAAC6... Via street nigga's thread.


Someone will be along shortly to tell us all that Palantir would rather everybody just forget about their dalliance there.


Exactly what is Palantir --- specifically Palantir, not nutball HBGaryFederal head Aaron Barr --- accused of doing unlawfully or unethically in this "dalliance"? Collecting public information for law firms isn't unethical.

Having one of your 27-year-old SEs eagerly working alongside Barr to move a deal forward has bad optics. But believing that Glenn Greenwald should be thwarted is an opinion that, while obviously objectionable on HN, not actually unethical.


Thwarting a journalist from reporting by targeting him and his career, not actually unethical according to tptacek.


Could you explain exactly how Palantir is accused of attempting to unethically damage Glenn Greenwald's career? In more detail than "one of their SEs was in an email thread with Aaron Barr"? Because what you just wrote is a straw-man version of my comment.


I'm sorry but I am responding to this:

"believing that Glenn Greenwald should be thwarted is an opinion that, while obviously objectionable on HN, not actually unethical."

Are you trying to say that an employee for NSA contractor Palantir discussing targeting a journalist because of his work on a topic is separate from the employee's beliefs, therefore is not actually unethical?

How exactly did the journalist, or his career get brought up in a conversation between federal contractors about solicitation for work again? Was it to talk about of the reports they liked from him?


Here is a reason one might ethically believe Greenwald should be thwarted: because they believe that Greenwald is deeply dishonest, making up details about stories in order to fill in the gaps of his narrative and reporting them as if they were facts, so that half the Internet now believes that Google, the one big Internet company known to have actually invested real resources in opposing dragnet surveillance, is instead in league with the NSA, and instead of using Google Mail we should all support incompetent kooks like Ladar Levison.

Now, some important caveats:

(1) It is obviously possible to unethically thwart any writer's agenda. Publishing things you know to be untrue, even in the service of what you believe is a higher truth, is unethical; it's exactly what someone might accuse Greenwald of having done. For that matter, invading Greenwald's privacy by, I don't know, stealing his bank records would also be deeply unethical. But Palantir hasn't been accused of either of these, or, for that matter, anything else unethical w/r/t Greenwald. Feel free to enlighten me here.

(2) If you can't tell, I'm not a major Greenwald fan. Having said that, I also believe the best antidote for bad speech is good speech, so orchestrating a campaign to suppress him doesn't seem like a good strategy to me. It apparently sounded like a good idea to one of Palantir's SEs, which ended up getting the guy fired.


While many misinterpret the the facts, there's a kernel of truth in those discussions that you gloss over.

GMail is not secure against the NSA or even a state judge's warrant. That has numerous advantages for society but regardless it's not and never will be secure against government orders. That's never been its design. Levinson's service was secure against them for certain clients.

The reason the anti-NSA crowd is intrigued by him is the same reason sources told their secrets to Bob Woodward. He proved willing to protect Deep Throat's identity despite immense effort to out it. Similarly Levinson was willing to risk his business and contempt proceedings to protect Snowden.


Am I reading this comment correctly? Is this a comment that argues that Lavabit, which "encrypted" mails serverside and didn't even have forward secrecy enabled in its TLS configuration, was more secure than Google Mail?


I'd assume not since your reply misses the point.

The government's wiretap order and the subsequent contempt proceedings suggests that despite the technical problems of Lavabit, the government did not get the data they sought. Had Snowden used GMail, do you believe the government would have received the information they sought?

This isn't security in the sense you'd use it in an audit. It's just a design decision. In the vernacular, designs that permit the release of private information are sometimes called insecure.


Lavabit was just as susceptible to a state warrant though. That's why Levison had to shut it down (despite having no objection with complying with other warrants previously).


Here is a reason one might ethically believe Greenwald should be thwarted: because they believe that Greenwald is deeply dishonest, making up details about stories in order to fill in the gaps of his narrative and reporting them as if they were facts

Weren't the people trying to (order people to) thwart him in the best position to know whether details were actually made up?


You seem to think the US warrant process hasn't been made subservient to enabling dragnet surveillance.

Unless a service enables you to put your data really truly out of reach of any demand for it, those NSA slides about which companies are part of the Prism program are probably an accurate list of companies enabling dragnet surveillance.


No, I am not assuming that.


Decoys, diversions, repetition, statistics, mimic, story fragments, baiting, ruses, exploits, feigned incompetence, gaming rankings, creating bottlenecks, disruption, infiltration, plausible denials, leaks, honey traps, spoofing, fake victim, fake rescue, competitor surveillance...

All of these are standard practise in business. Any business that doesn't do them get demolished or taken over by one that does.

And any person who doesn't do them gets knifed by one who does, not only in business but also in open source software so I've found out. Perhaps the NSA/GCHQ have simply been taken over by business people.


You are working for the wrong companies.




Applications are open for YC Winter 2023

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: