nathan28 wrote: Greenwald writes for Cato periodically, I just realized. Attacking him, for focusing on civil rights and foreign policy, because the Chamber of Commerce doesn't like something he said, when he gets money from people who are in the same circle... These people are batshit insane. It's like H.L. Hunt funding the Nation of Islam and John Birchers at the same time.
JackRiddler wrote: Remember, it's a biotope of networks pursuing different but usually convergent interests, and not a single structure that need make sense as such.
Chavern previously served as the Chamber’s chief of staff and vice president of its Capital Markets initiative, where he quickly became one of the nation’s leading voices on corporate governance and on the regulation of U.S. capital markets. Earlier, he served in several senior positions at the U.S. Export-Import (Ex-Im) Bank.
Harbert is the former assistant secretary for policy and international affairs at the U.S. Department of Energy (DOE). She was the primary policy advisor to the Secretary and to the department on domestic and international energy issues, including climate change, fossil, nuclear, and renewable energy and energy efficiency.
Harbert was also a member of DOE’s Executive Board as well as the Credit Review Board. She negotiated and managed bilateral and multilateral agreements with other countries and international agencies to further the nation’s energy security and research and development objectives. She was vice chairman of the International Energy Agency which advises its 27 member nations on energy policy issues and orchestrates international responses to energy supply disruptions....
In the private sector, Harbert worked for a developer of international infrastructure and power projects valued at more than $9 billion in countries in the Middle East, Asia, and Latin America. Harbert gained experience on issues associated with economic reform and privatization through earlier positions at the USAID, the Organization of American States, and the International Republican Institute.
Hirschmann leads the Chamber's initiative dedicated to making U.S. capital markets the most fair, efficient, transparent, and attractive in the world.
Lundberg served in the first Bush administration as principal deputy assistant secretary of commerce for Import Administration. Before that, he was international trade counsel with the Senate Finance Committee.
Rickard is leading the Coalition to Curb Global Forum Shopping, which seeks to stop the importation of foreign lawsuits to U.S. courts and stem the export of U.S.-style litigation features to other countries.
Miller manages all member activities for the Chamber’s Federation, which includes thousands of state, local, and metro chambers of commerce and hundreds of trade and professional associations. He oversees the Association Committee of 100, the most prestigious group of association CEOs and executives in the country; the Chamber of Commerce Committee of 100, an elite group of the nation’s leading chamber CEOs; as well as Institute for Organization Management, the nation’s premier nonprofit executive training program.
During this time, Van Andel also was a prime architect of the recent global effort to develop the business strategy and restructure the operations of Amway Corp., culminating in the decision to create the sibling companies Access Business Group Inc. and Pyxis Innovations Inc. and join them with Amway and Quixtar Inc. under the Alticor banner. He currently serves as chairman of Alticor. He has been responsible for managing daily operations of the $5.1 billion company since 1995, when he was named Amway's chairman. Before that, Van Andel was Amway's vice president, Americas, overseeing the company's business operations in North and South America. He also served as vice president of marketing.
He also serves on the President's Council of the National Association of Manufacturers and on the National Advisory Council for the Boy Scouts of America. Milligan is international president of CBMC, a Christian marketplace ministry to business and professional leaders in 90 countries around the world.
Donohue established the U.S. Chamber Institute for Legal Reform, which has won significant legal reforms in the courts, at the state and federal levels, and in elections for state attorneys general and supreme court judges. The National Chamber Litigation Center, the Chamber's law firm, has become more aggressive in challenging anti-business measures in court. In 2009, it entered 134 new cases of significance to the business community and helped secure 52 victories.
Since joining Caterpillar in 1967, Shaheen has held numerous marketing and management positions both in the United States and Europe. At one time, he was responsible for Caterpillar's business in Europe, Africa, the Middle East, and the former Soviet Union. While living overseas, he was active in several international organizations and served on the board of directors of the International Enterprise Foundation of Geneva.
JackRiddler wrote:.
Wait a minute, did I miss it before?! Did you say anywhere upthread that THIEL FOUNDED PALANTIR?! I'm sorry, so much shit to keep track of.
This one's a mother-fucking-lode!
Same guy who helped pay for the O'Keefe-Breitbart attack campaigns on ACORN and other targets also founded Palantir, which was an equal partner in the HBGary plots to attack activists, including Wikileaks and opponents of the Chamber, etc. etc., which also involve scraping his most famous investment, Facebook, for intel. (Meanwhile, Egyptians are putting that thing to better use!)
And in the middle of all that Thiel appears at an intellectuals' talk at Wikileaks to pretend he's for freedom of speech, long as the sacred property rights of corporations (people!) come first. Ha! In the talk he even pretends that he'd have had a hard time deciding what to do, if he had still been in charge of Paypal when the government started its anti-Wikileaks campaign! And this is while his own company is devising an anti-Wikileaks campaign!
Crazy shit. Wow. Given his spook-heavy investments, you might figure this guy at some point acquired a clearance with the government. So he can pretend to be Mr. Anti-Government at the same time.
.
Who is Anonymous' Commander X? Not this guy
A San Francisco man was named by HBGary's Aaron Barr as the ringleader of Anonymous. Not so, says Ben de Vries.
February 16, 2011, 09:39 AM
Benjamin Spock de Vries would like the world to know he is not a cyber terrorist.
But if you read some of the 40,000+ emails that were stolen from HBGary Federal by Anonymous and posted on Pirate Bay, you might think otherwise.
It seems Aaron Barr -- the CEO of HBGary Federal who thought he’d make a big splash by outing the leadership of Anonymous and instead ended up getting ridden hard and put away wet by the very hackers he sought to expose -- decided de Vries is in fact the mysterious Commander X, alleged puppetmaster of the Anonymous collective. So he said as much in some of the thousands of private email conversations the Anons just shared with the world.
This did not make de Vries happy.
“I am not Anonymous,” de Vries told me during an agitated phone conversation last night. “I have never logged onto any Anonymous sites. I don’t use IRC. I couldn’t hack my way out of a paper bag.”
In fact, de Vries says he hadn’t even heard of the whole HBGary-Anonymous mishegas until Barr contacted him on February 5 via his Facebook alter ego, Julian Goodspeak (yes, really), and begged de Vries to please call off the DDOS attack on HBGary’s servers.
What attack? de Vries asked.
What followed was a weirdly elliptical conversation in which Barr chatted with the person he thought was Commander X while de Vries thought they were talking about something else entirely.
The reason Barr thought De Vries was the elusive X? Because de Vries is the founder and admin of a Facebook Group called Global Strike 2011, which appears to be popular with the Anons. That, or many of its members are just particularly enamored of Guy Fawkes masks and wicked cool handles like Anarcho Femmina and Anonomous AnonopsEsp (then again, who isn’t?).
Barr thought he had cracked the Anons by taking information from Facebook, Linked In, and Twitter and “correlating” it with activity inside IRC chats conducted by actual members of Anonymous. So he made what appear to be wildly inaccurate assumptions based on the facts that a) de Vries was the admin for Global Strike 2011, ii) fans of Anonymous frequented the site, and z) activity on that site occurred at more or less the same time as statements made inside IRC.
Ipso facto, de Vries is Commander X. Also, Justin Bieber is Lady Gaga’s love child. Pass it on.
I attempted to contact Mr. Barr for comment via email. I’m still awaiting his response.
Granted, de Vries is not your average Joe. He’s a Certified Permaculture Designer, which means he designs sustainable agricultural systems, as well as a bit of an anarchist. He says he wants to change the world not by computer hacking, but by “economic action of passive resistance, mainly by gardening.” He fears for his physical safety and claims he has holed up in a “crack hotel” to avoid unwelcome visits from HBGary henchmen.
This is a bizarre story that gets stranger with each passing day. Among the other tidbits gleaned from the purloined emails: HBGary Federal cooked up plans to topple WikiLeaks and target CNN journalist Glenn Greenwald. They had managed to obtain the code for the Stuxnet malware that bollixed Iran’s nuclear program (which, by the way, is now apparently in the hands of Anonymous – take a moment to ponder that). So the idea of them hiring hitmen to do away with a troublesome pest, while highly unlikely, is not entirely from Mars.
Ben de Vries would like to clear his name. He does not want the federales knocking down his door and charging him with felony trespass and unauthorized access of computer systems. And it’s pretty clear he’d like to cause Mr. Barr pain of both an emotional and economic nature.
On the other hand, de Vries admits he has had no contact with law enforcement of any kind over his alleged involvement. Barr told the Financial Times he would not necessarily share his findings with the FBI, in part because of how he collected the information (ie, illegally). If the Feds really thought de Vries was Commander X, they’d have arrested him along with the 40 or so others they rounded up who are suspected of taking part in those DDOS attacks on the alleged enemies of WikiLeaks in December.
Is de Vries paranoid? Probably. Excitable? Most definitely. But the mastermind behind the many-headed hacktivist hydra that is Anonymous? That hardly seems possible.
The problem here is bigger than De Vries, Barr, HBGary, Anonymous or even WikiLeaks. It’s about what happens when you mine data from different sources, employ dubious assumptions, and leap to erroneous conclusions. It’s too easy to get the wrong guy. And if you think this doesn’t happen, ask Khaled Masri, a German citizen who was ‘rendered’ to Afghanistan by the CIA in 2003 and tortured for five months, based on a case of mistaken identity. Or Oregon attorney Brandon Mayfield, who was wrongly arrested for bombing a train in Madrid in 2004 and only got sprung because the Spanish police did their homework and found the actual bomber.
If you believe the NSA isn’t mining data to locate terrorist threats before they strike, you just haven’t been paying attention. If you fit the wrong profile or hit the wrong data points, you could be an innocent victim, like Masri, Mayfield, or de Vries. Let’s just hope they’re better at data mining than Aaron Barr is.
Wed Feb 16, 2011 at 10:56 PM EST
UPDATED: The HB Gary Email That Should Concern Us All
by Happy Rockefeller
As I wrote yesterday, there is a leaked email that has gotten surprisingly little attention around here. It's the one where Aaron Barr discusses his intention to post at Daily Kos - presumably something negative about Anonymous, the hacking group. But that's not the email I'm talking about here.
As I also mentioned yesterday, in some of the emails, HB Gary people are talking about creating "personas", what we would call sockpuppets. This is not new. PR firms have been using fake "people" to promote products and other things for a while now, both online and even in bars and coffee houses.
But for a defense contractor with ties to the federal government, Hunton & Williams, DOD, NSA, and the CIA - whose enemies are labor unions, progressive organizations, journalists, and progressive bloggers, a persona apparently goes far beyond creating a mere sockpuppet.
According to an embedded MS Word document found in one of the HB Gary emails, it involves creating an army of sockpuppets, with sophisticated "persona management" software that allows a small team of only a few people to appear to be many, while keeping the personas from accidentally cross-contaminating each other. Then, to top it off, the team can actually automate some functions so one persona can appear to be an entire Brooks Brothers riot online.
"Persona management entails not just the deconfliction of persona artifacts such as names, email addresses, landing pages, and associated content. It also requires providing the human actors technology that takes the decision process out of the loop when using a specific persona. For this purpose we custom developed either virtual machines or thumb drives for each persona. This allowed the human actor to open a virtual machine or thumb drive with an associated persona and have all the appropriate email accounts, associations, web pages, social media accounts, etc. pre-established and configured with visual cues to remind the actor which persona he/she is using so as not to accidentally cross-contaminate personas during use."
And all of this is for the purposes of infiltration, data mining, and (here's the one that really worries me) ganging up on bloggers, commenters and otherwise "real" people to smear enemies and distort the truth.
This is an excerpt from one of the Word Documents, which was sent as an attachment by Aaron Barr, CEO of HB Gary's Federal subsidiary, to several of his colleagues to present to clients:
"To build this capability we will create a set of personas on twitter, blogs, forums, buzz, and myspace under created names that fit the profile (satellitejockey, hack3rman, etc). These accounts are maintained and updated automatically through RSS feeds, retweets, and linking together social media commenting between platforms. With a pool of these accounts to choose from, once you have a real name persona you create a Facebook and LinkedIn account using the given name, lock those accounts down and link these accounts to a selected # of previously created social media accounts, automatically pre-aging the real accounts."
Yes!!! That's how democracy and the first amendment are supposed to work.
In another Word document, one of the team spells out how automation can work so one person can be many personas:
"Using the assigned social media accounts we can automate the posting of content that is relevant to the persona. In this case there are specific social media strategy website RSS feeds we can subscribe to and then repost content on twitter with the appropriate hashtags. In fact using hashtags and gaming some location based check-in services we can make it appear as if a persona was actually at a conference and introduce himself/herself to key individuals as part of the exercise, as one example. There are a variety of social media tricks we can use to add a level of realness to all fictitious personas"
I don't know about you, but this concerns me greatly. It goes far beyond the mere ability for a government stooge, corporation or PR firm to hire people to post on sites like this one. They are talking about creating the illusion of consensus. And consensus is a powerful persuader. What has more effect, one guy saying BP is not at fault? Or 20 people saying it? For the weak minded, the number can make all the difference.
And another thing, this is just one little company of assholes. I can't believe there aren't others doing this already. From oil companies, political campaigns, PR firms, you name it. Public opinion means big bucks. And let's face it, what these guys are talking about is easy.
Just today I was listening to Stand Up with Pete Dominic on XM's POTUS channel. He was talking about the Wisconsin labor attack and how he had seen a lot of people email and contact the show in support of the Teachers there. Then he added a "but": "I've also seen a lot of anti-labor people on Twitter..."
Really? I thought. How do we know if those are real people? Twitter has to be the easiest thing to fake and to automate with retweets and 180 character max sentences. To the extent that the propaganda technique known as "Bandwagon" is an effective form of persuasion, which it definitely is, the ability for a few people to infiltrate a blog or social media site and appear to be many people, all taking one position in a debate, all agreeing, for example, that so and so is not credible, or a crook, is an incredibly powerful weapon.
How many times have you seen a diary get posted that reports some revelatory yet unfavorable tidbit about someone only to see a swarm of commenters arrive who hijack the thread, distract with a bunch of irrelevant nonsense, start throwing unsubstantiated accusations and ad hominem attacks to where before you know it, everyone's pretty much forgotten what the diary said in the first place?
Sometimes diaries deserve to be swarmed. But what if a diary is swarmed and it's really just one asshole working for a law firm that represents the oil company your diary was attacking?
I don't know about you, but it matters to me what fellow progressives think. I consider all views. And if there appears to be a consensus that some reporter isn't credible, for example, or some candidate for congress in another state can't be trusted, I won't base my entire judgment on it, but it carries some weight.
That's me. I believe there are many people though who will base their judgment on rumors and mob attacks. And for those people, a fake mob can be really effective.
I have no idea what to do about this problem, except just make sure everyone knows it's possible, and so watches out for it.
-------------------------------------
Lastly, some here are falling for the meme that HB Gary personnel, and especially Aaron Barr himself, are incompetent buffoons. This is a mistake. While Mr Barr may be a fool, he was not the one who fell for a spear phishing attack that allowed an, apparently, 16 year old girl to gain access to their servers.
I have rummaged through the leaked email, some of which contain resumes for employees there. These guys are recruiting people with incredibly advanced skills from many different agencies and top universities like MIT.
HB Gary and its subsidiary, HB Gary Federal, as well as Berico and Palantir, employed a lot of extremely qualified people with backgrounds in the NSA and ATT and other major organizations/corporations. These guys are pros.
Aaron Barr may be a mockery to Anonymous for running his mouth off. As he should be. But he's not an idiot and he wasn't the one who gave out the company's keys to a 16 yo girl.
I wanted to make this clear because it is in the interests of government and propagandists, and anyone else who wants this story to go away to try and blow all this off as one little company who wrote a proposal no one even read and who isn't even competent enough to protect its own servers so no one should pay any attention at all to what they were up to.
That is the narrative being spun, even here on this site, and it is entirely fictitious.
We are under attack. And the attackers are damn good at what they do. Pretending they're not, or that this isn't happening isn't going to make it better.
I do believe there are limitations to the effectiveness of such an attack on this site and others like it. This isn't twitter, and bullshit only goes so far, no matter how many personas are spreading it.
But everyone needs to be aware that not only are sites like this a target of attack, but that Daily Kos has been mentioned specifically as a target of attack.
Maybe this whole thing will be liberating. Maybe people will develop stronger spines and not be so easily swayed by raving mobs.
UPDATE: From another email, I found a government solicitation for this "Persona Management Software".
This confirms that in fact, the US Gov. is attempting to use this kind of technology. But it appears from the solicitation it is contracted for use in foreign theaters like Afghanistan and Iraq. I can't imagine why this is posted on an open site. And when this was discovered by a couple of HB Gary staffers, they weren't too happy about it either:
The first email just had the title, "WTF Dude?"
The response email said, "This is posted on open source. Are you fucking serious?"
Here's the link to the solicitation at website "FedBizOps.gov". Yes, that name doesn't sound like cronyism at all...
Solicitation Number: RTB220610
Notice Type: Sources Sought
Synopsis:
Added: Jun 22, 2010 1:42 pm Modified: Jun 22, 2010 2:07 pm
0001- Online Persona Management Service. 50 User Licenses, 10 Personas per user.
Software will allow 10 personas per user, replete with background, history, supporting details, and cyber presences that are technically, culturally and geographically consistent. Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries. Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms. The service includes a user friendly application environment to maximize the user's situational awareness by displaying real-time local information.
0002- Secure Virtual Private Network (VPN). 1 each
VPN provides the ability for users to daily and automatically obtain randomly selected IP addresses through which they can access the internet. The daily rotation of the user's IP address prevents compromise during observation of likely or targeted web sites or services, while hiding the existence of the operation. In addition, may provide traffic mixing, blending the user's traffic with traffic from multitudes of users from outside the organization. This traffic blending provides excellent cover and powerful deniability. Anonymizer Enterprise Chameleon or equal
0003- Static IP Address Management. 50 each
Licence protects the identity of government agencies and enterprise organizations. Enables organizations to manage their persistent online personas by assigning static IP addresses to each persona. Individuals can perform static impersonations, which allow them to look like the same person over time. Also allows organizations that frequent same site/service often to easily switch IP addresses to look like ordinary users as opposed to one organization. Anonymizer IP Mapper License or equal
0004- Virtual Private Servers, CONUS. 1 each
Provides CONUS or OCONUS points of presence locations that are setup for each customer based on the geographic area of operations the customer is operating within and which allow a customer's online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customer's environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated CONUS Light Geosite or equal
0005- Virtual Private Servers, OCONUS. 8 Each
Provides CONUS or OCONUS points of presence locations that are setup for each customer based on the geographic area of operations the customer is operating within and which allow a customer's online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customer's environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated OCONUS Light Geosite or equal
0006- Remote Access Secure Virtual Private Network. 1 each
Secure Operating Environment provides a reliable and protected computing environment from which to stage and conduct operations. Every session uses a clean Virtual Machine (VM) image. The solution is accessed through sets of Virtual Private Network (VPN) devices located at each Customer facility. The fully-managed VDI (Virtual Desktop Infrastructure) is an environment that allows users remote access from their desktop into a VM. Upon session termination, the VM is deleted and any virus, worm, or malicious software that the user inadvertently downloaded is destroyed. Anonymizer Virtual Desktop Infrastructure (VDI) Solution or equal.
Contracting Office Address:
2606 Brown Pelican Ave.
MacDill AFB, Florida 33621-5000
United States
Place of Performance:
Performance will be at MacDill AFB, Kabul, Afghanistan and Baghdad, Iraq.
MacDill AFB , Florida 33679
United States
FBO DAILY ISSUE OF JUNE 24, 2010 FBO #3134
MODIFICATION
70 -- Freedom of Information Act Support
Notice Date: 6/22/2010
Notice Type: Modification/Amendment
NAICS: 511210 — Software Publishers
Contracting Office: Department of the Air Force, Air Mobility Command, 6th Contracting Squadron, 2606 Brown Pelican Ave., MacDill AFB, Florida, 33621-5000, United States
ZIP Code: 33621-5000
Solicitation Number: RTB220610
Archive Date: 7/13/2010
Point of Contact: Russell Beasley, Phone: (813) 828-4729
E-Mail Address: russell.beasley-02@macdill.af.mil
Small Business Set-Aside: N/A
Web Link: FBO.gov Permalink (https://www.fbo.gov/spg/USAF/AMC/6CS/RT ... sting.html)
Place of Performance: Address: Performance will be at MacDill AFB, Kabul, Afghanistan and Baghdad, Iraq., MacDill AFB, Florida, 33679, United States; Zip Code: 33679
Record: SN02184732-W 20100624/100622235543-d7d528fbb946211d092a974ed0ff5cfb (fbodaily.com)
Source: FedBizOpps Link to This Notice (may not be valid after Archive Date) http://www.fbodaily.com/archive/2010/06 ... 184732.htm
Plutonia wrote:Srsly, my head is exploding every single day since the aaronbarrforeveralone hack.
Wed Feb 16, 2011 at 10:56 PM EST
UPDATED: The HB Gary Email That Should Concern Us All
by Happy Rockefeller
As I wrote yesterday, there is a leaked email that has gotten surprisingly little attention around here. It's the one where Aaron Barr discusses his intention to post at Daily Kos - presumably something negative about Anonymous, the hacking group. But that's not the email I'm talking about here.
As I also mentioned yesterday, in some of the emails, HB Gary people are talking about creating "personas", what we would call sockpuppets. This is not new. PR firms have been using fake "people" to promote products and other things for a while now, both online and even in bars and coffee houses.
But for a defense contractor with ties to the federal government, Hunton & Williams, DOD, NSA, and the CIA - whose enemies are labor unions, progressive organizations, journalists, and progressive bloggers, a persona apparently goes far beyond creating a mere sockpuppet.
According to an embedded MS Word document found in one of the HB Gary emails, it involves creating an army of sockpuppets, with sophisticated "persona management" software that allows a small team of only a few people to appear to be many, while keeping the personas from accidentally cross-contaminating each other. Then, to top it off, the team can actually automate some functions so one persona can appear to be an entire Brooks Brothers riot online.
Persona management entails not just the deconfliction of persona artifacts such as names, email addresses, landing pages, and associated content. It also requires providing the human actors technology that takes the decision process out of the loop when using a specific persona. For this purpose we custom developed either virtual machines or thumb drives for each persona. This allowed the human actor to open a virtual machine or thumb drive with an associated persona and have all the appropriate email accounts, associations, web pages, social media accounts, etc. pre-established and configured with visual cues to remind the actor which persona he/she is using so as not to accidentally cross-contaminate personas during use.
And all of this is for the purposes of infiltration, data mining, and (here's the one that really worries me) ganging up on bloggers, commenters and otherwise "real" people to smear enemies and distort the truth.
This is an excerpt from one of the Word Documents, which was sent as an attachment by Aaron Barr, CEO of HB Gary's Federal subsidiary, to several of his colleagues to present to clients:
To build this capability we will create a set of personas on twitter, blogs, forums, buzz, and myspace under created names that fit the profile (satellitejockey, hack3rman, etc). These accounts are maintained and updated automatically through RSS feeds, retweets, and linking together social media commenting between platforms. With a pool of these accounts to choose from, once you have a real name persona you create a Facebook and LinkedIn account using the given name, lock those accounts down and link these accounts to a selected # of previously created social media accounts, automatically pre-aging the real accounts.
Yes!!! That's how democracy and the first amendment are supposed to work.
In another Word document, one of the team spells out how automation can work so one person can be many personas:
Using the assigned social media accounts we can automate the posting of content that is relevant to the persona. In this case there are specific social media strategy website RSS feeds we can subscribe to and then repost content on twitter with the appropriate hashtags. In fact using hashtags and gaming some location based check-in services we can make it appear as if a persona was actually at a conference and introduce himself/herself to key individuals as part of the exercise, as one example. There are a variety of social media tricks we can use to add a level of realness to all fictitious personas
I don't know about you, but this concerns me greatly. It goes far beyond the mere ability for a government stooge, corporation or PR firm to hire people to post on sites like this one. They are talking about creating the illusion of consensus. And consensus is a powerful persuader. What has more effect, one guy saying BP is not at fault? Or 20 people saying it? For the weak minded, the number can make all the difference.
And another thing, this is just one little company of assholes. I can't believe there aren't others doing this already. From oil companies, political campaigns, PR firms, you name it. Public opinion means big bucks. And let's face it, what these guys are talking about is easy.
Just today I was listening to Stand Up with Pete Dominic on XM's POTUS channel. He was talking about the Wisconsin labor attack and how he had seen a lot of people email and contact the show in support of the Teachers there. Then he added a "but": "I've also seen a lot of anti-labor people on Twitter..."
Really? I thought. How do we know if those are real people? Twitter has to be the easiest thing to fake and to automate with retweets and 180 character max sentences. To the extent that the propaganda technique known as "Bandwagon" is an effective form of persuasion, which it definitely is, the ability for a few people to infiltrate a blog or social media site and appear to be many people, all taking one position in a debate, all agreeing, for example, that so and so is not credible, or a crook, is an incredibly powerful weapon.
How many times have you seen a diary get posted that reports some revelatory yet unfavorable tidbit about someone only to see a swarm of commenters arrive who hijack the thread, distract with a bunch of irrelevant nonsense, start throwing unsubstantiated accusations and ad hominem attacks to where before you know it, everyone's pretty much forgotten what the diary said in the first place.
Some times diaries deserve to be swarmed. But what if a diary is swarmed and it's really just one asshole working for a law firm that represents the oil company your diary was attacking?
I don't know about you, but it matters to me what fellow progressives think. I consider all views. And if there appears to be a consensus that some reporter isn't credible, for example, or some candidate for congress in another state can't be trusted, I won't base my entire judgment on it, but it carries some weight.
That's me. I believe there are many people though who will base their judgment on rumors and mob attacks. And for those people, a fake mob can be really effective.
I have no idea what to do about this problem, except just make sure everyone knows it's possible, and so watches out for it.
-------------------------------------
Lastly, some here are falling for the meme that HB Gary personnel, and especially Aaron Barr himself, are incompetent buffoons. This is a mistake. While Mr Barr may be a fool, he was not the one who fell for a spear phishing attack that allowed an, apparently, 16 year old girl to gain access to their servers.
I have rummaged through the leaked email, some of which contain resumes for employees there. These guys are recruiting people with incredibly advanced skills from many different agencies and top universities like MIT.
HB Gary and its subsidiary, HB Gary Federal, as well as Berico and Palantir, employed a lot of extremely qualified people with backgrounds in the NSA and ATT and other major organizations/corporations. These guys are pros.
Aaron Barr may be a mockery to Anonymous for running his mouth off. As he should be. But he's not an idiot and he wasn't the one who gave out the company's keys to a 16 yo girl.
I wanted to make this clear because it is in the interests of government and propagandists, and anyone else who wants this story to go away to try and blow all this off as one little company who wrote a proposal no one even read and who isn't even competent enough to protect its own servers so no one should pay any attention at all to what they were up to.
That is the narrative being spun, even here on this site, and it is entirely fictitious.
We are under attack. And the attackers are damn good at what they do. Pretending they're not, or that this isn't happening isn't going to make it better.
I do believe there are limitations to the effectiveness of such an attack on this site and others like it. This isn't twitter, and bullshit only goes so far, no matter how many personas are spreading it.
But everyone needs to be aware that not only are sites like this a target of attack, but that Daily Kos has been mentioned specifically as a target of attack.
Maybe this whole thing will be liberating. Maybe people will develop stronger spines and not be so easily swayed by raving mobs.
UPDATE: From another email, I found a government solicitation for this "Persona Management Software".
This confirms that in fact, the US Gov. is attempting to use this kind of technology. But it appears from the solicitation it is contracted for use in foreign theaters like Afghanistan and Iraq. I can't imagine why this is posted on an open site. And when this was discovered by a couple of HB Gary staffers, they weren't too happy about it either:
The first email just had the title, "WTF Dude?"
The response email said, "This is posted on open source. Are you fucking serious?"
Here's the link to the solicitation at website "FedBizOps.gov". Yes, that name doesn't sound like cronyism at all...
Link
Solicitation Number:
RTB220610
Notice Type:
Sources Sought
Synopsis:
Added: Jun 22, 2010 1:42 pm Modified: Jun 22, 2010 2:07 pm
0001- Online Persona Management Service. 50 User Licenses, 10 Personas per user.
Software will allow 10 personas per user, replete with background, history, supporting details, and cyber presences that are technically, culturally and geographically consistent. Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries. Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms. The service includes a user friendly application environment to maximize the user's situational awareness by displaying real-time local information.
0002- Secure Virtual Private Network (VPN). 1 each
VPN provides the ability for users to daily and automatically obtain randomly selected
IP addresses through which they can access the internet. The daily rotation of
the user's IP address prevents compromise during observation of likely or
targeted web sites or services, while hiding the existence of the operation. In
addition, may provide traffic mixing, blending the user's traffic with traffic from
multitudes of users from outside the organization. This traffic blending provides
excellent cover and powerful deniability. Anonymizer Enterprise Chameleon or equal
0003- Static IP Address Management. 50 each
Licence protects the identity of government agencies and enterprise
organizations. Enables organizations to manage their persistent online personas
by assigning static IP addresses to each persona. Individuals can perform
static impersonations, which allow them to look like the same person over time.
Also allows organizations that frequent same site/service often to easily switch IP
addresses to look like ordinary users as opposed to one organization. Anonymizer IP Mapper License or equal
0004- Virtual Private Servers, CONUS. 1 each
Provides CONUS or OCONUS points of presence locations that are setup for
each customer based on the geographic area of operations the customer is
operating within and which allow a customer's online persona(s) to appear to
originate from. Ability to provide virtual private servers that are procured using
commercial hosting centers around the world and which are established
anonymously. Once procured, the geosite is incorporated into the network and
integrated within the customers environment and ready for use by the customer.
Unless specifically designated as shared, locations are dedicated for use by
each customer and never shared among other customers. Anonymizer Annual Dedicated CONUS Light Geosite or equal
0005- Virtual Private Servers, OCONUS. 8 Each
Provides CONUS or OCONUS points of presence locations that are setup for
each customer based on the geographic area of operations the customer is
operating within and which allow a customer's online persona(s) to appear to
originate from. Ability to provide virtual private servers that are procured using
commercial hosting centers around the world and which are established
anonymously. Once procured, the geosite is incorporated into the network and
integrated within the customers environment and ready for use by the customer.
Unless specifically designated as shared, locations are dedicated for use by
each customer and never shared among other customers. Anonymizer Annual Dedicated OCONUS Light Geosite or equal
0006- Remote Access Secure Virtual Private Network. 1 each
Secure Operating Environment provides a reliable and protected computing
environment from which to stage and conduct operations. Every session uses a
clean Virtual Machine (VM) image. The solution is accessed through sets of
Virtual Private Network (VPN) devices located at each Customer facility. The
fully-managed VDI (Virtual Desktop Infrastructure) is an environment that allows
users remote access from their desktop into a VM. Upon session termination,
the VM is deleted and any virus, worm, or malicious software that the user inadvertently downloaded is destroyed. Anonymizer Virtual Desktop Infrastructure (VDI) Solution or equal.
Contracting Office Address:
2606 Brown Pelican Ave.
MacDill AFB, Florida 33621-5000
United States
Place of Performance:
Performance will be at MacDill AFB, Kabul, Afghanistan and Baghdad, Iraq.
MacDill AFB, Florida 33679
United States
Heinous.
Plutonia wrote:Srsly, my head is exploding every single day since the aaronbarrforeveralone hack.
Chet Uber Contacted HBGary before He Publicized His Role in Turning in Bradley Manning
By: emptywheel Wednesday February 16, 2011 4:49 am
A reader found a very interesting email among the HBGary emails: Chet Uber emailed–after having tried to call–HBGary CEO Greg Hoglund on June 23, 2010.
> Sir,
>
>
>
> I would like to speak to Mr. Hoglund. My name is Chet Uber
> and I was given his name by common associates as someone I should speak with.
> The nature of our work is highly sensitive so no offense but I cannot explain
> the details of my call. I was given a URL and a phone number. I was not given
> his direct line and every time I try to get an attendant you phone system
> disconnects me. Would you please forward him this email to him. The links below
> are new and as much information as we have ever made public.
>
>
>
> Sorry for the mystery but in my world we are careful about
> our actions and this is something interpreted as rudeness. I am being polite,
> so any cooperation you can provide is greatly appreciated.
Uber copies himself, Mark Rasch, George Johnson, and Mike Tomasiewicz, and sends links to two stories about Project Vigilant, which had been posted on the two preceding days.
In response to the email, Hoglund asks Bob Slapnick to check Uber out with someone at DOD’s CyberCrime Center.
Chet Uber, as you’ll recall, is the guy who held a press conference at DefCon on August 1 to boast about his role in helping Adrian Lamo turn Bradley Manning in to authorities. Mark Rasch is the former DOJ cybercrimes prosecutor who claims to be Project Vigilant’s General Counsel and who says he made key connections with the government on Manning.
Mind you, the multiple versions of Uber’s story of his involvement in turning in Manning are inconsistent. At least a couple versions have Lamo calling Uber in June, after Manning had already been arrested.
So there are plenty of reasons to doubt the Lamo and Uber story. And security insiders have suggested the whole Project Vigilant story may be nothing more than a publicity stunt.
Furthermore, this email may be more of the same. Uber may have been doing no more than cold-calling Hoglund just as he was making a big publicity push capitalizing on the Manning arrest.
But consider this.
Lamo’s conversations with Manning have always looked more like the coached questions of someone trying to elicit already-suspected details than the mutual boasting of two hackers. Because of that and because of the inconsistencies and flimsiness of the Project Vigilant story, PV all looked more like a cover story for why Lamo would narc out Bradley Manning than an accurate story. And Uber’s email here and his DefCon press conference may well be publicity stunts. But then, that’s what Aaron Barr’s research on Anonymous was supposed to be: a widely publicized talk designed to bring new business. But a key part of the PV story was the claim that Adrian Lamo had volunteered with the group working on “adversary characterization.”
Uber says Lamo worked as a volunteer research associate for Project Vigilant for about a year on something called adversary characterization, which involved gathering information for a project on devising ways to attribute computer intrusions to individuals or groups. He helped define the roles, tools and methods intruders would use to conduct such attacks.
While it is described as more technical, that’s not all that different from what Aaron Barr was doing with social media on Anonymous.
One more thing. Consider what DOJ has been doing since the time Lamo turned in Manning and now: asking social media providers for detailed information about a network of people associated with Wikileaks. That is, DOJ appears to have been doing with additional legal tools precisely what Barr was doing with public sources.
That’s likely all a big coinkydink. But these security hackers all seem to love turning their freelance investigations into big publicity stunts.
elfismiles wrote:
Air Force Wants Troll Persona Management Software
February 18th, 2011
Via: Federal Business Opportunities:
https://www.fbo.gov/index?s=opportunity ... e&_cview=1
Online Persona Management Service. 50 User Licenses, 10 Personas per user.
Software will allow 10 personas per user, replete with background, history, supporting details, and cyber presences that are technically, culturally and geographically consistent. Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries. Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms. The service includes a user friendly application environment to maximize the user’s situational awareness by displaying real-time local information.
http://cryptogon.com/?p=20609
[[SNIP]]
Which of course reminds us of this / which I don't think can be reposted enuf:
Booze Allen Hamilton and FOIA Distraction Strategems
http://parapolitical.wordpress.com/2007 ... trategems/
Psy-ops propaganda goes mainstream by Sharon Weinberger – Slate Magazine
http://anomalyaudio.wordpress.com/2008/ ... -magazine/