And here’s the timeline on how the South China Sea Cyber War happened:
The Diplomat reported in May that Chinese hackers, egged on by bombastic official statements on both sides, attacked the University of the Philippines’ website, leading to retaliation from Filipino hackers in the form of vandalism on Chinese websites. Back and forth attacks continued through May 11 with bilateral calls for sensibility going unheeded. In the Philippines’ case, President Aquino’s deputy spokesperson Abigain Valte, The Philippines’ Department of Science Technology and Information, and the Communications Technology Office all condemned the attacks and called for their end.
As a chart created by Hackmageddon.com shows (above), Philippine hacker organizations such as “PrivateX” and “Anonymous #OccupyPhilippines” carried out attacks on Chinese government infrastructure, while Chinese hackers defaced Philippine newspapers, conducted DDOS attacks and stole and published passwords of Philippine government administrators.
Call of Duty: Black Ops II will apparently feature Anonymous as enemy terrorists, hinting at as much in two promotional videos released this week. Kotaku reports:
A series of documentary style clips tackle different elements of technology and warfare; in two of them, the Guy Fawkes mask appears on screen.
In a clip titled “Synopsis”, Oliver North talks about his nightmare scenario, and when he says, “The enemy could be anywhere, and it could be anyone,” an individual wearing a Guy Fawkes appears on screen. I don’t worry about the guy who wants to hijack a plane,” North continues. “I worry about the guy who wants to hijack all the planes.”
In another clip, titled “When the Enemy Steals the Keys,” the Guy Fawkes mask pops up again. The footage is slightly different — it’s tighter, more of a close-up.
“You know, if there are guys out there who are smart enough to hack into our banks and people’s personal information, then certainly, eventually, there’s gonna be someone who’s smart enough to hack into our aircraft,” drone pilot Major Hercules Christopher says in the clip. “If you can hack a bank, you can hack a drone.”
The moment the pilot says “gonna be someone who’s smart enough”, the Guy Fawkes mask once again appears on screen, seeming to insinuate indirectly that Anonymous members are going to be smart enough to hack drones — or even want to. Once again, the Guy Fawkes mask is cast as the enemy.
We assume Vivendi has already anticipated, and adjusted for, the massive drop in sales that may result from so unimaginatively and dully vilifying their player base, and that they have secured their corporate servers from any objections that may arise to such ham-handed misrepresentation.
More troubling than the Fawkes iconography is the blithe use of known war criminal Oliver North as a spokesman for “peace” and “freedom”. The Kotaku commentors have this one in the bag:
May 2, 2012 at 10:39 PM
Was this the same Oliver North who sold guns to Iran to finance the actions of the Contra rebels in Nicaragua? The ones who regularly killed and tortured civilians?
The enemy could be anywhere, and he could be anyone, he says…
Activision: Lets hire a real-life convicted felon who caused multiple deaths to tell the general public that the real terrorists is a hacktivist group responsible for exposing government corruption.
Great Job, Activision. Alienating your customer base
37) [What I find attractive] A nerdy/geeky type with a cute face, a sense of humor that will put him in hell, knows what he’s doing and doesn’t give a flying fuck about what anyone says of it; confidence.
15) [Turn Ons] Not way too taller than me and they must be able to work me in the right way which isn’t too hard. As long as you’re able to last for half and hour in bed, you’re fine with me… in bed.
Anonymous asked: Do you consider a hookup as only having sex? Or is just fooling around considered hooking up as well?
My personal definition of hooking up is getting together for a sexual encounter. For me fooling around is just another synonym for flirting. Though I’m not some trick who just like to fuck/get fucked, I like to get to know the people I have sex with and I’m open to an LTR if/when the opportunity arises.
I’ve had worse, if you’re asking about my last one. But the worst had to been at 17, friend hooked me up with someone from either ElCo or South City High, turns out he was just an indecisive attention whore with a micropenis, not to say that having a micropenis is bad, just the attention whore part is.
WikiLeaks Uncovers Homeland Security Report on Occupy Movement
The transparency organization WikiLeaks has published an assessment report from the Homeland Security Department (DHS) on the Occupy movement that was put together in October of last year. The assessment was attached to a Stratfor email, one of five million or so emails the organization obtained and has been releasing since February 27.
The release of the report is timely, as it is being released just as Occupy supporters are mobilizing for demonstrations against the suppression of the Occupy movement by law enforcement and political leaders in the United States.
Put together by the Office of Infrastructure Protection under DHS, the report seems to have put together with the following presumption in mind, which appears in bold at the top of the report:
“Mass gatherings associated with public protest movements can have disruptive effects on transportation, commercial, and government services, especially when staged in major metropolitan areas. Large scale demonstrations also carry the potential for violence, presenting a significant challenge for law enforcement.”
The report proceeds to break down the risks and threats the Occupy movement poses to “critical infrastructure” by looking at their “impacts” on financial services, commercial facilities, transportation, emergency services and government facilities. The breakdown relied on news reports from sources like the New York Daily News, CBS, Associated Press, CNN, Chicago Tribune, Reuters, New York Times, Boston Globe, etc.
In the report’s summary, DHS concluded:
“The growing support for the OWS movement has expanded the protests’ impact and increased the potential for violence. While the peaceful nature of the protests has served so far to mitigate their impact, larger numbers and support from groups such as Anonymous substantially increase the risk for potential incidents and enhance the potential security risk to critical infrastructure (CI). The continued expansion of these protests also places an increasingly heavy burden on law enforcement and movement organizers to control protesters. As the primary target of the demonstrations, financial services stands the sector most impacted by the OWS protests. Due to the location of the protests in major metropolitan areas, heightened and continuous situational awareness for security personnel across all CI sectors is encouraged.”
Much like the threat government officials might allege WikiLeaks releases pose to national security, the threat is, for the most part, hype. Though the protests had been “peaceful,” Homeland Security determined that the fact that more and more citizens were turning out to support the cause of Occupy posed a possible threat to critical infrastructure and public order. The presence of supporters of Anonymous, which the FBI has been investigating, led Homeland Security to believe “potential incidents” or “potential security risks” could transpire. But, while Anonymous has claimed responsibility for cyber attacks, it has absolutely no history of violence in the world of non-virtual reality.
Abine - A Firefox / Internet Explorer plugin that blocks third party advertising networks, manages HTTP, DOM, and Flash cookies, and securely manages site logins. Currently in private beta, but invites aren’t hard to get. Abine Privacy Suite
Anonymouse - A Web search portal hosted on an island off the coast of Somalia. This PET seemingly allows you to access any webpage without leaving a trace. (I tried MSN.com and found that Ghostery detected no web bugs.) Anonymouse
aTube Catcher - Download videos and watch anytime and without needing to be online and thus frustrate tracking and monitoring aTube
BetterPrivacy Firefox Plug In - Add on for Firefox that creates “super-cookie blocker,” including flash cookies and most DOM storage objects. BetterPrivacy
BleachBit - BleachBit quickly frees disk space, removes hidden junk, and easily guards your privacy. Designed for Linux and Windows systems, it wipes clean 70 applications including Firefox, Internet Explorer, Flash, Google Chrome, Opera, Safari, Adobe Reader, APT, and more. BleachBit
BugMeNot - Bypass many webpages requiring free registration with the click of a button. BugMeNot
CCleaner - application for Windows. Analyzes and facilitates deletion of various items of data stored on your PC, including state management cookies (HTTP, flash and other), cached temporary Internet files, etc. CCleaner
Certificate Patrol - Firefox plugin that saves SSL certificates of pages when encountered to act like SSH’s “known_keys” feature and alarm the user when the presented certificate is different from the usual one .
Darik’s Boot and Nuke (DBN) - Free self-contained boot disk that securely and completely deletes the contents of any hard disk that it can detect. DBN
Diaspora - the privacy aware, personally controlled, do-it-all distributed open source social network Diaspora
Documents over HTTPS - View online documents over HTTPS, just enter web link after = GoogleDocs Alternatively upload document or enter URL through Zoho ViewerNote: ixquick and google search results do not provide direct links to view documents over https.
Eraser - Secure data removal tool for Windows. (Open Source) Eraser
FireGPG - FireGPG is a Firefox add-on which brings an interface to encrypt, decrypt, sign or verify the signature of text in any web page using GnuPG. FireGPG
Freenet - Decentralized, censorship-resistant distributed data store which aims to provide freedom of speech through a peer-to-peer network with strong protection of anonymity. Freenet works by pooling the contributed bandwidth and storage space of member computers to allow users to anonymously publish or retrieve various kinds of information. Freenet
GoogleSharing - A system for anonymizing requests to Google services which don’t require a login. Consists of both a Firefox Addon and a free proxy. GoogleSharing
Hosts file domain blocking - A slightly technical (but very easy) procedure that provides you nearly complete invisibility from all data aggregation engines of your choosing. The principle behind the technique is simple: you use your own computer’s local domain name information repository (known as the hosts file) to associate a privacy-infringing domain (ie, doubleclick.net) with an incorrect IP address - usually your own. See the following link for more details and resources, including a pre-made hosts file that takes care of most of the technical details for you. MVPS.org
HTTPs Everywhere - A Firefox plugin that defaults supporting websites to HTTPs. HTTPs Everywhere
I2P - Mixed-license free and open source project to build an anonymous network that other applications can use to anonymously and securely send messages to each other. Uses include anonymous surfing, chatting, blogging and file transfers. I2P
IPREDator - “IPREDator is a network service that makes people online more anonymous using a VPN.” (Note: This service appears to involve a monthly fee. Added: it costs 50SEK/month - roughly $10) IPREDator
Internet Privacy Forum - Reports on what a website can know about you just by visiting it. IPF
Internet Proxy - Free internet web based proxy. Conceals your IP address from visited sites. Internet Proxy
Ixquick - Metasearch engine that returns the top ten results from multiple search engines. Can be used over encrypted SSL/HTTPS and has a facility to view search results via it’s SSL/HTTPS proxy option. Ixquick was the first search engine to delete private details of its users—IP addresses and other personal information are deleted within 48 hours of a search. Ixquick also does not share its users’ personal information with other search engines or with the provider of its sponsored results. IxquickNote: View docs over HTTPS Zoho Viewer or GoogleDocs
JonDoNym - German-based software that encrypts and mixes Internet communications to render them anonymous. Fee based and slower free services available JonDoNym
KeePass Password Safe - Open source password manager. KeePass Linux version KeepassX
MelonCard - Removes you from a vast number of people search and people lookup websites (e.g. RapLeaf, MyLife, Spokeo) for free. MelonCard automates the process of removing yourself from these websites, sending forms, letters, and faxes on your behalf. The basic level of service is free with an option to upgrade for additional opt-outs (e.g. Intelius and ZabaSearch) and monitoring for your information. MelonCard
Mixmaster - Type II anonymous remailer which sends messages in fixed-size packets and reorders them, preventing anyone watching the messages go in and out of remailers from tracing them. Mixmaster
MyTube - A free script for website designers intending to use embedded videos, which is designed to prevent cookies from being sent to external sites or advertising networks unless the embedded video is actually played. MyTube
NoScript - Firefox add on that protects against certain types of web hacks. NoScript
OptimizeGoogle - Firefox add-on to enhance Google search results, remove click-tracking, ads, spam, enable Google over https options and more. OptimizeGoogle
Password Generators (online) - Ultra High Security Password Generator GRC. Plus online password generators/hashers, using Master Keys that when remembered can be used to recover forgotten passwords! Password HasherPwdHashPassword Chart
Panopticlick - A tool for measuring how rare/unique a browser configuration is. Rare configurations may function as fingerprints that allow websites to track the browser even if the user limits or deletes cookies Panopticlick.
Peer Block - PeerBlock lets you control who your computer “talks to” on the Internet. You can block communication with advertising or spyware oriented servers, p2p activity monitors, even entire countries! They can’t get in to your computer, and your computer won’t try to send them anything either. Best of all, it’s free! Peer Block
pidder - A host-proof service that lets you build an encrypted, private social network where you stay in control what data you wish to share and with whom. Includes encrypted messaging and password management. Free Base Edition. pidder
Privacy Bird - Free software designed to automatically read full P3P privacy policies of websites and compare them to your personal privacy preferences, providing warning messages when a site’s policies do not match your own. Privacy Bird
PrivacyBox - The PrivacyBox provides primarily for journalists, bloggers and other publishers the possibility to offer non-tracked (and also anonymous) contact forms. privacybox.de
PrivacyChoice Opt-out - Gathers opt-out cookies from over 150 ad companies, with an optional Firefox add-on to preserve and automatically update preferences. Opt-out from all companies or opt-out selectively based on industry certifications and policy terms. PrivacyChoice Opt-out
PrivacyFinder - Privacy-enhanced search engine allowing users to state privacy preferences and order search results based on how sites’ computer-readable privacy policies comply. PrivacyFinder
Privatix Live-System - Free portable encrypted system on an usb flash drive or an external hard drive for safe editing and carrying along of sensitive data, for encrypted communication and anonymous web surfing. Privatix
Privoxy - Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks. Privoxy
Qubes - Open source operating system designed to provide strong security for desktop computing. (Under development) Qubes
RefControl - Control what gets sent as the HTTP Referer on a per-site basis. RefControl
RetroShare - Open Source cross-platform, private and secure decentralised communication platform. It lets you to securely chat and share files with your friends and family, using a web-of-trust to authenticate peers and OpenSSL to encrypt all communication. RetroShare
Scroogle.org - A service that functions as a search-engine proxy, taking your queries, passing them to google, and returning the results to you without ever passing along any identifying information. The service claims to scrub its own logs after 48 hours. Scroogle
Seeks - Open and social websearch infrastructure featuring anonymous nodes and proxies based on Privoxy. Seeks
SpoofStick - An explorer and Firefox plug in that helps detect phishing attacks. SpoofStick
Stealthier - A great new Firefox add on that can pause most online tracking activities. Stealthier
Swipe Toolkit - The Swipe Toolkit from Turbulence.org features several elegant tools to educate users on what personal information is collected about them and how it is used. There is a tool that decodes your license info and another that calculate the value of your PII. Swipe
TAILS: The (Amnesic) Incognito Live System - The (Amnesic) Incognito Live System (Live CD, Live USB) is aimed at preserving your privacy and anonymity, all outgoing connections to the Internet are forced to go through the Tor network, no trace is left on local storage devices unless explicitly asked. TAILS
Tor - Free software implementation of second-generation onion routing, a system enabling its users to communicate anonymously on the Internet. Tor
TrackerScan - Available as a Firefox extension or a bookmarklet (no download required), TrackerScan shows you ad companies present on any webpage, with summaries of key privacy policies, industry certifications, and opt-outs. TrackerScan
TrackMeNot - Browser extension that helps protect web searchers from surveillance and data-profiling by search engines. Hides users’ actual search trails in a cloud of ‘ghost’ queries, using noise and obfuscation to significantly increase the difficulty of aggregating such data into accurate or identifying user profiles. TrackMeNot
TrueCrypt - Free, open-source disk encryption software for Windows Vista/XP, Mac OS X, and Linux. Encryption is automatic, on-the-fly, and transparent. TrueCrypt
User Agent Switcher - The User Agent Switcher extension adds a menu and a toolbar button to switch the user agent of the browser. User Agent Switcher.
Vanish - Enhancing the Privacy of the Web with Self-Destructing Data (Under development) Proof of concept under development Vanish
Vuze - Browser plug-in designed to reveal network management practices. Vuze
Web of Trust - Firefox add on that warns users of risky websites. WOT
WhatApp.org - Website that reviews apps for privacy and security. WhatApp?
Wikileaks - Website that allows for the anonymous posting of documents. Wikileaks
Yauba Privacy Safe Search Engine - World’s first Privacy Safe Search engine, with no cookies, no storage of personal data, and built in anonymising proxy for private surfing of third party websites. Yauba is the only search engine in the world that offers this level of privacy protection. Yauba’s searches across multiple categories of filetypes including websites, videos, image files, social networks, pdf files, powerpoint files, word files, and more. Yauba
There are also a variety of resources describing or otherwise devoted to privacy enhancing technology. Please add your favorite.
Berkman Center - Harvard’s Berkman Center has put together this comprehensive report on the state of technologies that circumvent government monitored Internet connections. Circumvention Landscape Report
CDT - The Center for Democracy and Technology describes the role of PETs. CDT
EPIC - The Electronic Privacy Information Center has a very good list of PETs, not all of which appear above. EPIC
ICO - UK Information Commissioner’s Office discussion of PETs. ICO
PET Awards - Annual award through IPC of Ontario and Microsoft for best privacy enhancing technology. PET Awards
PRC - Privacy Rights Clearinghouse has assembled a list of info brokers and instructions on how to opt out of their activities. Opt Out List
Privacy Resources - Consultant Marcus Zillman has assembled a variety of privacy resources, including PETs. Privacy Resources
PrivacyChoice Index of Tracking Companies - A comprehensive index of companies involved in user tracking, including key privacy policies, industry certifications, tracking methodologies and opt-out specifications. Look up by company name or tracking domain. PrivacyChoice Index
Radialpoint.net - User community around protecting yourself and your computer from spyware, viruses, and fraud. Radialpoint
SSD - The Electronic Frontier Foundation has assembled resources around “Surveillance Self Defense,” including defensive technology. Surveillance Self Defense
Surfing Anonymously - A blog about surfing anonymously on the interner. It covers legal, technical, political discussion on how to protect your anonymity online Surfing Anonymously
“Responding to the violent police treatment of protesters during Occupy Oakland (video below), AntiSec supporters have leaked what appears to be the usernames, passwords, and email addresses of two city employees, while exposing a CMS that manages part of the City of Oakland’s website.
The data leaked by AntiSec supporters - along with a single statement of, “Problem #Oakland authorities? F—- you!” - contains a sample database record, and images taken from the admin area of the Senior Access Guide for Empowerment (SAGE) portal used by Oakland’s Department of Human Services (DHS).
One of the sample links is a copy of an active page, allowing others to access the entire backend by using one of the three administrator accounts provided. Google searches show that the SAGE pages have been in the public for some time.
According to the release, the City of Oakland is using eEye Digital Security’s SecureIIS webserver security suite, which promises, “…integrated multi-layered windows server protection [against] known and unknown exploits, zero day attacks, and unauthorized web access…”
SAGE is what appears to be an ASP driven application, created in-part with a tool called ASPMaker. One of the administrator accounts published by AntiSec supporters comes from T324, a web design and hosting firm located in Albany, California. When the SAGE section of the DHS site was developed by T324, they used version 4 of ASPMaker, which has long since been replaced by several revisions.
It’s possible that access to the user accounts stems from ASPMaker’s role in developing the SAGE portal used by Oakland’s DHS. In addition to IIS 6.0, the site stores all of its content in a MS Access Database.
The age of the development tool, as well as the site itself being publically available, could mean that what AntiSec supporters leaked to the Web is no longer used, or of no critical value to the City of Oakland. However, if it isn’t used or needed, the city needs to remove it. If there is value in the SAGE application, then it needs serious code modifications and protection.
On Tuesday evening, as shown in the video below, the police turned to violence in order to clear Occupy Oakland protesters out of their camp in front of City Hall. Tragically, one protester, an Iraq vet who served two tours and returned home in good health, 24 year-old Scott Olsen, was critically wounded by police.
Oakland PD fired rubber bullets, tear gas, and smoke canisters into the crowd. Olsen was struck in the head by one of the canisters, suffering a fractured skull according to doctors. He is listed in serious, but stable condition.
[The video shows an aerial view of police breaking up the crowd]
[This video shows what is said to be Olsen being attacked.]
“Popular activist movements attract all manner of scavengers and hangers-on, most of which seek to capitalize on the success of the more popular group to compensate for the fact that the majority of society regards them as a bunch of babbling kooks. The Occupy Movement is no different, with everyone from The American Spectator to Zeitgeist seeing the mass throng of people as easy pickings by which to enlarge their subscriber base and coffers. Some of these groups, however, see the Occupy Movement as a means to seek legitimacy for their own morally reprehensible causes, whether that takes the form of racism, fraud or selling out activists to the feds.
Here then, is a list of some of the most odious and dangerous groups and individuals currently sucking off the teat of the Occupy Movement. These people shouldn’t be considered part of the broader Occupy Movement, no matter what sort of “authority” they claim.