Spitfire List Web site and blog of anti-fascist researcher and radio personality Dave Emory.

For The Record  

FTR #923 The Obverse Oswald and the High Profile Hacks: Update on the Adventures of Eddie the Friendly Spook (Weighing in for The Trumpenkampfverbande, Part 2)

Dave Emory’s entire life­time of work is avail­able on a flash dri­ve that can be obtained HERE. The new dri­ve is a 32-giga­byte dri­ve that is cur­rent as of the pro­grams and arti­cles post­ed by ear­ly win­ter of 2016. The new dri­ve (avail­able for a tax-deductible con­tri­bu­tion of $65.00 or more.) (The pre­vi­ous flash dri­ve was cur­rent through the end of May of 2012.)

WFMU-FM is pod­cast­ing For The Record–You can sub­scribe to the pod­cast HERE.

You can sub­scribe to e‑mail alerts from Spitfirelist.com HERE.

You can sub­scribe to RSS feed from Spitfirelist.com HERE.

You can sub­scribe to the com­ments made on pro­grams and posts–an excel­lent source of infor­ma­tion in, and of, itself HERE.

This broad­cast was record­ed in one, 60-minute seg­ment.

Lee Harvey Oswald: Ersatz Communist

Lee Har­vey Oswald: Ersatz Com­mu­nist

borisandnatashaiIntro­duc­tion: In past dis­cus­sion of “Eddie the Friend­ly Spook,” we have char­ac­ter­ized him as “the Obverse Oswald.

Sup­ple­ment­ing and sum­ming up the exhaus­tive “Eddie the Friend­ly Spook” series, this pro­gram sets forth the Snow­den “psy-op” and the high-pro­file hacks against the back­ground of Lee Har­vey Oswald, the U.S. spy infil­trat­ed into the Sovi­et Union and then into left­ist orga­ni­za­tions in the Unit­ed States. Oswald was framed for JFK’s assas­si­na­tion and then killed before he could defend him­self.

Where­as Oswald was por­trayed as a vil­lain, Eddie the Friend­ly Spook’s oper­a­tion is the obverse, with Snow­den decamp­ing first to Chi­na and then to Rus­sia and being por­trayed as a hero. Snow­den is not only a spy but a fas­cist, who advo­cates the elim­i­na­tion of Social Secu­ri­ty and the return to the gold stan­dard.

Snow­den’s Russ­ian sojourn appears to have been arranged by Wik­iLeaks, which also appears to have arranged his flight to Chi­na from Hawaii. (Snow­den’s jour­ney to Hawaii appears to have been facil­i­tat­ed by Jacob Apple­baum, who may be behind the “Shad­ow Bro­kers” alleged hack of NSA cyber­weapons.) It was Snow­den’s jour­ney to Moscow that threw Oba­ma’s “reboot” with Rus­sia under the bus.

In this pro­gram, we exam­ine infor­ma­tion indi­cat­ing that Rus­sia has been framed for the “Shad­ow Bro­kers” alleged hack of the NSA, much as it appears to have been framed for the DNC hack. Indeed, with both the DNC hack and the “Shad­ow Bro­kers” non-hack of the NSA, the evi­dence points increas­ing­ly toward “Team Snow­den” and Eddie the Friend­ly Spook him­self.

In that con­text, we again point to “The Obverse Oswald.”  We strong­ly sus­pect that “Team Snow­den” may have had some­thing to do with this. Snow­den is in Rus­sia and work­ing for a com­put­er firm. The (frankly lame) fram­ing of Rus­sia for the DNC hack and the “Shad­ow Bro­kers” non-hack of the NSA reminds us of the process of “paint­ing Oswald Red.”

borisandnatashaiiborisandnatashaiiiWe have cov­ered this in numer­ous broad­casts, includ­ing The Guns of Novem­ber, Part 1AFA #15 and FTR #‘s 777 and 876. (An excel­lent book on the JFK assas­si­na­tion that presents an excel­lent break­down of “the paint­ing of Oswald Red” is JFK and the Unspeak­able: Why He Died and Why It Mat­ters.)

In a tran­si­tion­al ele­ment from FTR #922, the last of our pro­grams deal­ing with the Trumpenkampfver­bande, we note that Don­ald Trump’s ide­ol­o­gy and rhetoric are a devel­op­ment and ampli­fi­ca­tion of what we termed “The Paulis­tin­ian Lib­er­tar­i­an Orga­ni­za­tion.”  In FTR #‘s 755, 758 and 759, we have fur­ther devel­oped the rela­tion­ship between the Ron Paul milieu and WikiLeaks/Team Snow­den. Trump sup­port­er David Duke is inex­tri­ca­bly linked with this milieu.

” . . . Trump’s style and posi­tions — endors­ing and con­sort­ing with 9/11 truthers, pro­mot­ing online racists, using fake sta­tis­tics— draw on a now-obscure polit­i­cal strat­e­gy called “pale­olib­er­tar­i­an­ism,” which was once quite pop­u­lar among some Repub­li­cans, espe­cial­ly for­mer pres­i­den­tial can­di­date Ron Paul. . . .The fig­ure whose ideas uni­fy Pauline lib­er­tar­i­ans and today’s Trump­ists is the late Mur­ray Roth­bard, an econ­o­mist who co-found­ed the Cato Insti­tute and is wide­ly regard­ed as the cre­ator of lib­er­tar­i­an­ism. . . . Almost imme­di­ate­ly after its cre­ation [by Mur­ray Roth­bard, the Mis­es Insti­tute (head­quar­tered in Auburn, Ala.) began pub­lish­ing crit­i­cism of “com­pul­so­ry inte­gra­tion,” attacks on Abra­ham Lin­coln and apolo­gia for Con­fed­er­ate lead­ers. Insti­tute schol­ars have also spo­ken to racist groups such as the League of the South. Roth­bard even pub­lished a chap­ter in his book “The Ethics of Lib­er­ty” in which he said that “the pure­ly free soci­ety will have a flour­ish­ing free mar­ket in chil­dren,” although he didn’t spec­i­fy the races of the chil­dren who might be sold. . . . All of these pale­olib­er­tar­i­an posi­tions were offered in Duke’s 1990 Sen­ate cam­paign and 1991 guber­na­to­r­i­al cam­paign. But they were also offered by anoth­er politi­cian Roth­bard admired: Ron Paul, the Lib­er­tar­i­an Party’s pres­i­den­tial can­di­date in 1988. . . .

It should come as no sur­prise to see Snow­den and Wik­iLeaks work­ing for Trump, and that, indeed appears to under­lie the false attri­bu­tion of the DNC hack and the Shad­ow Bro­kers affair on Rus­sia.

Under­stand­ing the process of “paint­ing Oswald red” gives us per­spec­tive on the crude decep­tion involved with the “Shad­ow Bro­kers” non-hack, as well as giv­ing us an under­stand­ing of the DNC hack. Review­ing why Rus­sia is an unlike­ly cul­prit in the DNC hack: ” . . . A crit­i­cal look expos­es the sig­nif­i­cant flaws in the attri­bu­tion. First, all of the tech­ni­cal evi­dence can be spoofed. Although some argue that spoof­ing the mound of uncov­ered evi­dence is too much work, it can eas­i­ly be done by a small team of good attack­ers in three or four days. Sec­ond, the tools used by Cozy Bear appeared on the black mar­ket when they were first dis­cov­ered years ago and have been recy­cled and used against many oth­er tar­gets, includ­ing against Ger­man indus­try. The reuse and fine-tun­ing of exist­ing mal­ware hap­pens all the time. Third, the lan­guage, loca­tion set­tings, and com­pi­la­tion meta­da­ta can eas­i­ly be altered by chang­ing basic set­tings on the attacker’s com­put­er in five min­utes with­out the need of spe­cial knowl­edge. None of the tech­ni­cal evi­dence is con­vinc­ing. It would only be con­vinc­ing if the attack­ers used entire­ly nov­el, unique, and sophis­ti­cat­ed tools with unmis­tak­able indi­ca­tors point­ing to Rus­sia sup­port­ed by human intel­li­gence, not by mal­ware analy­sis.

The DNC attack­ers also had very poor, almost com­i­cal, oper­a­tional secu­ri­ty (OPSEC). State actors tend to have a qual­i­ty assur­ance review when devel­op­ing cyber­at­tack tools to min­i­mize the risk of dis­cov­ery and leav­ing obvi­ous crumbs behind. Russ­ian intel­li­gence ser­vices are espe­cial­ly good. They are high­ly capa­ble, tac­ti­cal­ly and strate­gi­cal­ly agile, and ratio­nal. They ensure that offen­sive tools are tai­lored and pro­por­tion­ate to the sig­nal they want to send, the pos­si­bil­i­ty of dis­clo­sure and pub­lic per­cep­tion, and the odds of esca­la­tion. The shod­dy OPSEC just doesn’t fit what we know about Russ­ian intel­li­gence. . . . Giv­en these argu­ments, blam­ing Rus­sia is not a slam dunk. Why would a coun­try with some of the best intel­li­gence ser­vices in the world com­mit a whole series of real­ly stu­pid mis­takes in a high­ly sen­si­tive oper­a­tion? Why pick a tar­get that has a strong chance of lead­ing to esca­la­to­ry activ­i­ty when Rus­sia is known to pre­fer incre­men­tal actions over dras­tic ones? Why go through the trou­ble of a false flag when doing noth­ing would have been arguably bet­ter?. . . ”

The appar­ent “non-hack” of the NSA by “The Shad­ow Bro­kers” also makes no sense. Note also, the clum­sy, Boris and Natasha-like bro­ken Eng­lish used to try and por­tray this as a “Russ­ian” oper­a­tion. In addi­tion, as we will see, that this does­n’t appear to be a “hack” at all.

“. . . Their claim to have ‘hacked’ a serv­er belong­ing to the NSA is fishy. Accord­ing to ex-NSA insid­ers who spoke with Busi­ness Insid­er, the agency’s hack­ers don’t just put their exploits and toolk­its online where they can poten­tial­ly be pil­fered. The more like­ly sce­nario for where the data came from, says ex-NSA research sci­en­tist Dave Aitel, is an insid­er who down­loaded it onto a USB stick. . . . When hack­ers gain access to a serv­er, they keep qui­et about it so they can stay there. . . .One of the many strange things about this inci­dent is the very pub­lic nature of what tran­spired. When a hack­er takes over your com­put­er, they don’t start acti­vat­ing your web­cam or run­ning weird pro­grams because you’d fig­ure out pret­ty quick­ly that some­thing was up and you’d try to get rid of them. . . .

 . . . If the Shad­ow Bro­kers owned the NSA’s com­mand and con­trol serv­er, then it would prob­a­bly be a much bet­ter approach to just sit back, watch, and try to piv­ot to oth­er inter­est­ing things that they might be able to find. . . . Instead, the group wrote on Paste­bin, a web­site where you can store text, that “we fol­low Equa­tion Group traf­fic. We find Equa­tion Group source range. We hack Equa­tion Group. We find many many Equa­tion Group cyber weapons,” which imme­di­ate­ly sig­nals to this alleged NSA hack­er group that they have a big prob­lem. [Note the remark­able bro­ken Eng­lish used in the post, rem­i­nis­cent of Boris and Natasha–D.E.] . . . Peo­ple sell exploits all the time, but they hard­ly ever talk about it. . . . Most of the time, an exploit is either found by a secu­ri­ty research firm, which then writes about it and reports it to the com­pa­ny so it can fix the prob­lem. Or, a hack­er look­ing for cash will take that found exploit and sell it on the black mar­ket. So it would make sense for a group like Shad­ow Bro­kers to want to sell their trea­sure trove, but going pub­lic with it is beyond strange. . . .”

Notice, how­ev­er, that Edward Snow­den not only opined that this was, indeed, a hack, where­as the evi­dence points in a dif­fer­ent direc­tion, but that “Rus­sia was behind the hack.” Do not fail to take stock of the fact that Snow­den is fore­shad­ow­ing a pos­si­ble con­tro­ver­sy over the hack­ing of vot­ing machines, echo­ing the pro­nounce­ments of Don­ald Trump, the suc­ces­sor to Eddie the Friend­ly Spook’s Pres­i­den­tial can­di­date of choice, Ron Paul. “ . . . If you ask ex-NSA con­trac­tor Edward Snow­den, the pub­lic leak and claims of the Shad­ow Bro­kers seem to have Russ­ian fin­ger­prints all over them, and it serves as a warn­ing from Moscow to Wash­ing­ton. The mes­sage: If your pol­i­cy­mak­ers keep blam­ing us for the DNC hack, then we can use this hack to impli­cate you in much more.

“That could have sig­nif­i­cant for­eign pol­i­cy con­se­quences,” Snow­den wrote on Twit­ter. “Par­tic­u­lar­ly if any of those oper­a­tions tar­get­ed US allies. Par­tic­u­lar­ly if any of those oper­a­tions tar­get­ed elec­tions.” . . . .”

The dat­ing of the code used in con­nec­tion with the cyber­weapons dates to 2013, when Snow­den down­loaded NSA files onto USB sticks and went to Hong Kong from Hawaii. Note, again, that Snow­den points to hack­ing, rather than the much more like­ly sce­nario of some­one down­load­ing infor­ma­tion onto USB sticks, as Snow­den did. ” . . . . Snow­den also not­ed that the released files end in 2013. ‘When I came for­ward, NSA would have migrat­ed offen­sive oper­a­tions to new servers as a pre­cau­tion,’ he sug­gest­ed — a move that would have cut off the hack­ers’ access to the serv­er. . . .” 

There is an impor­tant legal prin­ci­ple that is worth con­sid­er­ing, the con­cept of “con­scious­ness of guilt.” If some­one can be proved to have tak­en steps to cov­er up the com­mis­sion of a crime, that is con­sid­ered suf­fi­cient evi­dence to indict the per­son for the orig­i­nal crime. Here, we have Snow­den say­ing “Yup, Rus­sia did it” in spite of indi­ca­tions that such was not the case and “Yup, it was a hack” where­as that appears unlike­ly.

Evi­dence points in the direc­tion of “Team Snow­den,” the WikiLeaks/Snowden/Greenwald milieu we have been research­ing for years.

Per­haps no oth­er author/investigator has done as much writ­ing about NSA as James Bam­ford. In his obser­va­tions about “The Shad­ow Bro­kers” non-hack, he high­lights the actions of Jacob Apple­baum, the Wik­iLeak­er who appears to have been deeply involved with get­ting Snow­den from Hawaii to Hong Kong. Apple­baum is also a fierce oppo­nent of Hillary Clin­ton.

“ . . . . Experts who have ana­lyzed the files sus­pect that they date to Octo­ber 2013, five months after Edward Snow­den left his con­trac­tor posi­tion with the NSA and fled to Hong Kong car­ry­ing flash dri­ves con­tain­ing hun­dreds of thou­sands of pages of NSA doc­u­ments. . . . There also seems to be a link between Assange and the leak­er who stole the ANT cat­a­log, and the pos­si­ble hack­ing tools. Among Assange’s close asso­ciates is Jacob Appel­baum, a cel­e­brat­ed hack­tivist and the only pub­licly known Wik­iLeaks staffer in the Unit­ed States – until he moved to Berlin in 2013 in what he called a “polit­i­cal exile” because of what he said was repeat­ed harass­ment by U.S. law enforce­ment per­son­nel. In 2010, a Rolling Stone mag­a­zine pro­file labeled him “the most dan­ger­ous man in cyber­space.”

In Decem­ber 2013, Appel­baum was the first per­son to reveal the exis­tence of the ANT cat­a­log, at a con­fer­ence in Berlin, with­out iden­ti­fy­ing the source. That same month he said he sus­pect­ed the U.S. gov­ern­ment of break­ing into his Berlin apart­ment. He also co-wrote an arti­cle about the cat­a­log in Der Spiegel. But again, he nev­er named a source, which led many to assume, mis­tak­en­ly, that it was Snow­den. . . .

. . . . Short­ly there­after, he turned his atten­tion to Hillary Clin­ton. At a screen­ing of a doc­u­men­tary about Assange in Cannes, France, Appel­baum accused her of hav­ing a grudge against him and Assange, and that if she were elect­ed pres­i­dent, she would make their lives dif­fi­cult. “It’s a sit­u­a­tion that will pos­si­bly get worse” if she is elect­ed to the White House, he said, accord­ing to Yahoo News. . . .”

The “Shad­ow Bro­kers” also went after Hillary Clin­ton in the Boris and Natasha-like bro­ken Eng­lish: ” . . . . In hack­tivist style, and in what appears to be pho­ny bro­ken Eng­lish, this new release of cyber­weapons also seems to be tar­get­ing Clin­ton. It ends with a long and angry ‘final mes­sage” against ‘Wealthy Elites . . . break­ing laws’ but ‘Elites top friends announce, no law bro­ken, no crime commit[ed]. . . Then Elites run for pres­i­dent. Why run for pres­i­dent when already con­trol coun­try like dic­ta­tor­ship?’ . . . .”

Anoth­er piece of cir­cum­stan­tial evi­dence point­ing in the direc­tion of “Team Snow­den” con­cerns the fact that the “Shad­ow Bro­kers” used a Ger­man e‑mail provider.

Since Appel­baum is cur­rent­ly liv­ing in Berlin it’s worth not­ing that the email address that appears to be used by the Shad­ow Bro­kers is a Ger­man email provider with a pol­i­cy of coop­er­at­ing with legal author­i­ties as lit­tle as pos­si­ble and only hand­ing over encrypt­ed data when giv­en a court order.

In addi­tion to Apple­baum (who appears to have assist­ed Snow­den in get­ting from Hawaii to Hong Kong), Lau­ra Poitras (Glenn Green­wald’s asso­ciate), Sarah Har­ri­son (Assange’s ex-girl­friend who assist­ed Snow­den in his flight from Hong Kong to Moscow) and Peter Sunde (who found­ed the Pirate Bay web­site on which Wik­iLeaks held forth) are all res­i­dent in Ger­many at this time.

“ . . . He said Tutan­o­ta had only ever been forced to hand over encrypt­ed data of its users a few times and it has a trans­paren­cy report where it dis­clos­es those cas­es. ‘How­ev­er, we release data only in very, very few cas­es … And when we have to pro­vide the data due to a court order, it is still encrypt­ed,’ Pfau added, going on to explain the company’s stance on sur­veil­lance. . . .”

Against this back­ground, we again take stock of the fact that Roger Stone, the Trump cam­paign’s vet­er­an GOP dirty-tricks spe­cial­ist, has reit­er­at­ed that he is work­ing direct­ly with Julian Assange to tor­pe­do the Clin­ton cam­paign.  “. . . . On the C‑SPAN show, Stone told Politico’s Alex Isen­stadt of his com­mu­ni­ca­tion to Assange ‘through an intermediary—somebody who is a mutu­al friend’ —regard­ing the 30,000 emails the Clin­ton staff delet­ed before turn­ing over the con­tents of the serv­er to Jus­tice Depart­ment inves­ti­ga­tors[Who might that “mutu­al friend” be–D.E.]. . .

‘Well, first of all, I think Julian Assange is a hero; I think he’s tak­ing on the deep state, both Repub­li­can and Demo­c­rat,’ Stone began. He went on to say, ‘I believe that he is in pos­ses­sion of all of those emails that Huma Abe­din and Cheryl Mills, the Clin­ton aides, believe they delet­ed. That and a lot more. These are like the Water­gate tapes…’ (Video below: Go to time­stamp 15:15.)

Stone knows a thing or two about the Water­gate scan­dal, in which he played a minor role before mov­ing on to big­ger oper­a­tions, such as the 2000 ‘Brooks Broth­ers riot’ in Flori­da, when Stone orga­nized dozens of Repub­li­can con­gres­sion­al staffers to storm the elec­tion board in Mia­mi-Dade Coun­ty, Flori­da, where a recount of pres­i­den­tial elec­tion bal­lots was tak­ing place.

‘I don’t know that this is going to hap­pen in Octo­ber,’ Stone said of a poten­tial Wik­iLeaks dump of Clin­ton cor­re­spon­dence. ‘There is an enor­mous amount of mate­r­i­al here. Mr. Assange could, the­o­ret­i­cal­ly, drop a tranche of doc­u­ments before each one of [the pres­i­den­tial] debates.’ . . . .”

Pro­gram High­lights Include:

1. In a tran­si­tion­al ele­ment from FTR #922, the last of our pro­grams deal­ing with the Trumpenkampfver­bande, we note that Don­ald Trump’s ide­ol­o­gy and rhetoric are a devel­op­ment and ampli­fi­ca­tion of what we termed “The Paulis­tin­ian Lib­er­tar­i­an Orga­ni­za­tion.”  In FTR #‘s 755, 758 and 759, we have fur­ther devel­oped the rela­tion­ship between the Ron Paul milieu and WikiLeaks/Team Snow­den.

“Where Did Don­ald Trump Get His Racial­ized Rhetoric? From Lib­er­tar­i­ans” by Matthew Sheffield ; The Wash­ing­ton Post; 9/02/2016.

The inter­sec­tion of white nation­al­ism, the alt-right and Ron Paul

Hillary Clin­ton and her cam­paign have been going out of their way to make a sur­pris­ing argu­ment about Don­ald Trump: He’s not real­ly a Repub­li­can.

At the Demo­c­ra­t­ic con­ven­tion, sev­er­al speak­ers said Trump rep­re­sent­ed a com­plete break from the con­ser­v­a­tive tra­di­tions of the GOP. Last month, Clin­ton deliv­ered a sim­i­lar mes­sage in a speech link­ing Trump to the white-nation­al­ist polit­i­cal move­ment known as the “alt-right.” “This is not con­ser­vatism as we have known it,” she assert­ed.

Accord­ing to Clin­ton — and many con­ser­v­a­tive intel­lec­tu­als who oppose Trump — the con­spir­a­to­r­i­al, wink­ing-at-racists cam­paign he has been run­ning rep­re­sents a nov­el depar­ture from Repub­li­can pol­i­tics.

That’s not quite true, though. Trump’s style and posi­tions — endors­ing and con­sort­ing with 9/11 truthers, pro­mot­ing online racists, using fake sta­tis­tics— draw on a now-obscure polit­i­cal strat­e­gy called “pale­olib­er­tar­i­an­ism,” which was once quite pop­u­lar among some Repub­li­cans, espe­cial­ly for­mer pres­i­den­tial can­di­date Ron Paul.

For­mal­ly, Sen. Rand Paul (R‑Ky.) may be his father’s polit­i­cal heir. But there’s no ques­tion that the para­noid and semi-racial­ist mien fre­quent­ly favored by Trump orig­i­nates in the fevered swamps that the elder Paul dwelled in for decades. Most peo­ple who back Trump don’t do so for racist rea­sons, but it’s incred­i­ble how many of the same white nation­al­ists and con­spir­a­cy the­o­rists to whom Ron Paul once catered are now ardent Trump sup­port­ers. It’s because Trump and Paul speak the same lan­guage.

Main­stream lib­er­tar­i­ans have been ago­niz­ing over this lega­cy among them­selves for some time, hop­ing that either the elder or younger Paul would defin­i­tive­ly denounce the movement’s racial­ist past, but no such speech has ever come. Instead, the pale­olib­er­tar­i­an strat­e­gy con­coct­ed decades ago as a way to push for min­i­mal gov­ern­ment threat­ens to replace right-wing lib­er­tar­i­an­ism with white nation­al­ism.

* * *

The fig­ure whose ideas uni­fy Pauline lib­er­tar­i­ans and today’s Trump­ists is the late Mur­ray Roth­bard, an econ­o­mist who co-found­ed the Cato Insti­tute and is wide­ly regard­ed as the cre­ator of lib­er­tar­i­an­ism.

Nowa­days, many lib­er­tar­i­ans like to por­tray their ide­ol­o­gy as one that some­how tran­scends the left-right divide, but to Roth­bard, this was non­sense. Lib­er­tar­i­an­ism, he argued, was noth­ing more than a restate­ment of the beliefs of the “Old Right,” which res­olute­ly opposed the New Deal and any sort of for­eign inter­ven­tion in the ear­ly 20th cen­tu­ry. Many of its adher­ents, such as essay­ist H.L. Menck­en, espoused racist view­points, as well.

As mod­er­ate Repub­li­cans such as Dwight Eisen­how­er and “New Right” Chris­t­ian con­ser­v­a­tives such as William F. Buck­ley became more influ­en­tial with­in the Repub­li­can Par­ty in the 1950s and ’60s, the future cre­ators of lib­er­tar­i­an­ism grav­i­tat­ed instead toward the work of sec­u­lar anti-com­mu­nist thinkers such as econ­o­mist Lud­wig von Mis­es and nov­el­ist Ayn Rand.

There had always been some sym­pa­thy for racism and anti-Semi­tism among lib­er­tar­i­ans — the movement’s house mag­a­zine, Rea­son, ded­i­cat­ed an entire issue in 1976 to “his­tor­i­cal revi­sion­ism,” includ­ing Holo­caust revi­sion­ism. It also repeat­ed­ly ran arti­cles in defense of South Africa’s then-seg­re­ga­tion­ist gov­ern­ment (though by 2016, the mag­a­zine was run­ning arti­cles like “Don­ald Trump Enables Racism”). But it was Rothbard’s found­ing of the Lud­wig von Mis­es Insti­tute in 1982 that enabled the fledg­ling polit­i­cal move­ment to estab­lish affin­i­ty with the neo-Con­fed­er­ate Lost Cause move­ment.

Almost imme­di­ate­ly after its cre­ation, the Mis­es Insti­tute (head­quar­tered in Auburn, Ala.) began pub­lish­ing crit­i­cism of “com­pul­so­ry inte­gra­tion,” attacks on Abra­ham Lin­coln and apolo­gia for Con­fed­er­ate lead­ers. Insti­tute schol­ars have also spo­ken to racist groups such as the League of the South. Roth­bard even pub­lished a chap­ter in his book “The Ethics of Lib­er­ty” in which he said that “the pure­ly free soci­ety will have a flour­ish­ing free mar­ket in chil­dren,” although he didn’t spec­i­fy the races of the chil­dren who might be sold.

These and many oth­er con­tro­ver­sial views advo­cat­ed by Mis­es writ­ers make sense from a fanat­i­cal lib­er­tar­i­an view­point. But they also orig­i­nate in a polit­i­cal cal­cu­la­tion Roth­bard revealed in a 1992 essay lament­ing the defeat of Repub­li­can white nation­al­ist and for­mer Ku Klux Klan leader David Duke in the 1991 Louisiana governor’s race by a bipar­ti­san coali­tion.

Expand­ing on themes raised two years ear­li­er by his long­time part­ner and friend Llewellyn “Lew” Rock­well, an edi­tor and fundrais­er for lib­er­tar­i­an caus­es, Roth­bard argued that Duke’s can­di­da­cy was vital­ly impor­tant because it made clear that the “old Amer­i­ca” had been over­thrown by “an updat­ed, twen­ti­eth-cen­tu­ry coali­tion of Throne and Altar” and its “State Church” of gov­ern­ment offi­cials, jour­nal­ists and social sci­en­tists.

Besides com­mend­ing Duke as an exem­plar of the kind of can­di­date he was look­ing to sup­port, Roth­bard also invoked the “excit­ing” for­mer sen­a­tor Joe McCarthy of Wis­con­sin — not because of his eco­nom­ic views but because he was a brash pop­ulist prone to doing errat­ic things. Rothbard’s descrip­tion of McCarthy seems eeri­ly sim­i­lar to the cam­paign that Trump has been run­ning:

“The fas­ci­nat­ing, the excit­ing, thing about Joe McCarthy was pre­cise­ly his ‘means’ — his right-wing pop­ulism: his will­ing­ness and abil­i­ty to reach out, to short-cir­cuit the pow­er elite: lib­er­als, cen­trists, the media, the intel­lec­tu­als, the Pen­ta­gon, Rock­e­feller Repub­li­cans, and reach out and whip up the mass­es direct­ly. … With Joe McCarthy there was a sense of dynamism, of fear­less­ness, and of open-end­ed­ness, as if, whom would he sub­poe­na next?”

To solve the prob­lem that few Amer­i­cans are inter­est­ed in small gov­ern­ment, Roth­bard argued that lib­er­tar­i­ans need­ed to align them­selves with peo­ple they might not like much in order to expand their num­bers. “Out­reach to the Red­necks” was need­ed to make com­mon cause with far-right Chris­t­ian con­ser­v­a­tives who hat­ed the fed­er­al gov­ern­ment, dis­liked drugs and want­ed to crack down on crime.

All of these pale­olib­er­tar­i­an posi­tions were offered in Duke’s 1990 Sen­ate cam­paign and 1991 guber­na­to­r­i­al cam­paign. But they were also offered by anoth­er politi­cian Roth­bard admired: Ron Paul, the Lib­er­tar­i­an Party’s pres­i­den­tial can­di­date in 1988.

Roth­bard and Paul had known and worked with each oth­er in the 1970s, when they came to know Rock­well. Rock­well would work close­ly with both men, serv­ing as Paul’s con­gres­sion­al chief of staff until he left to found the Mis­es Insti­tute with Roth­bard.

Rock­well also was the edi­tor of a series of print­ed newslet­ters for both men in the ensu­ing decades. Paul’s pub­li­ca­tions became famous dur­ing his Repub­li­can pres­i­den­tial cam­paigns. Their con­tro­ver­sial nature is no sur­prise, giv­en that Paul had coy­ly endorsed the pale­olib­er­tar­i­an strat­e­gy short­ly after it was devised.

Sold under var­i­ous titles, the high­ly lucra­tive newslet­ters fre­quent­ly stoked racial fears, sim­i­lar to what Trump has been doing this year, though they went fur­ther — one even gave advice on using an unreg­is­tered gun to shoot “urban youth.” Anoth­er issue mocked black Amer­i­cans by propos­ing alter­na­tive names for New York City such as “Zooville” and “Rapetown,” while urg­ing black polit­i­cal demon­stra­tors to hold their protests “at a food stamp bureau or a crack house.”

The pub­li­ca­tions also repeat­ed­ly pro­mot­ed the work of Jared Tay­lor, a white nation­al­ist writer and edi­tor who is today one of Trump’s most promi­nent alt-right back­ers. Arti­cles also fea­tured anti-Semit­ic con­spir­a­cy the­o­ries and fre­quent rants against gay men.

Paul lat­er said he didn’t write the newslet­ters. But regard­less of their author­ship, the image they cre­at­ed made him attrac­tive to white nation­al­ists. Those sup­port­ers weren’t numer­ous enough to get Paul the GOP pres­i­den­tial nom­i­na­tion, how­ev­er, and pale­olib­er­tar­i­an­ism began fiz­zling out.

In the past few years, how­ev­er, it’s been reborn as the alt-right, as a new gen­er­a­tion of lib­er­tar­i­ans dis­cov­ered their hid­den her­itage and began embrac­ing racism and con­spir­a­cy the­o­ries. Many alt-right writ­ers trace their roots to Roth­bard. As one of them, Gre­go­ry Hood, put it, pale­olib­er­tar­i­an the­o­ries about race and democ­ra­cy “helped lead to the emer­gence [of the] Alter­na­tive Right.” Rothbard’s call for “sov­er­eign nations based on race and eth­nic­i­ty” is very sim­i­lar to beliefs Trump’s alt-right sup­port­ers express today.

In 2016, many, if not most, of the extrem­ists who for­mer­ly sup­port­ed Paul have ral­lied to Trump’s side. In 2007, Paul won an endorse­ment and a $500 cam­paign con­tri­bu­tion from Don Black, the own­er of Storm­front, a self-described “white pride” Web forum. Despite a tor­rent of crit­i­cism, Paul refused to return the mon­ey. This March, Black encour­aged his radio lis­ten­ers to vote for Trump, even if he wasn’t per­fect.

After Rand Paul came to the Sen­ate in 2011, and as he even­tu­al­ly began plan­ning his own pres­i­den­tial cam­paign, there was some spec­u­la­tion that con­ser­v­a­tives might be enter­ing a “lib­er­tar­i­an moment.” Things didn’t turn out that way. Instead, the Amer­i­can right seems to have entered a pale­olib­er­tar­i­an moment.

2. Roger Stone recent­ly gave anoth­er inter­view where he repeat­ed his claim that he’s in con­tact with Julian Assange and hint­ed at the like­ly nature of a pos­si­ble Wik­ileaks “Octo­ber Sur­prise”, although he not­ed that it might hap­pen soon­er than Octo­ber and Assange might just do strate­gic dumps before the three pres­i­den­tial debates.

Stone also briefly men­tioned one top­ic that is like­ly going to be in at least one of those leaks: “I believe that he is in pos­ses­sion of all of those emails that Huma Abe­din and Cheryl Mills, the Clin­ton aides, believe they delet­ed. That and a lot more. These are like the Water­gate tapes.” Keep in mind that the right-wing has long tried to smear Huma Abe­din with Mus­lim Broth­er­hood ties and Roger Stone recent­ly sug­gest­ed she’s a ter­ror­ist agent. While there may very well be a num­ber of leaks  over the next cou­ple of months, at least one of them may to try to sug­gest that Hillary is a ter­ror­ist agent:

“Trump Dirty Trick­ster Roger Stone: How ‘Hero’ Assange Could Help Our Cam­paign” by Adele M. Stan; Alter­Net; 8/22/2016.

The con­spir­acist reveals he’s been in touch with the Wik­iLeaks founder regard­ing Clin­ton emails—and when to dump them on the media.

In an inter­view that aired Sun­day on C‑SPAN’s “News­mak­ers” pro­gram, Roger Stone, the off-the-books Trump advis­er, reit­er­at­ed his claim that he has been in touch with Wik­iLeaks founder Julian Assange.

Assange post­ed the hacked emails of the Demo­c­ra­t­ic Nation­al Com­mit­tee to his site, as well as a data­base of emails from Hillary Clinton’s pri­vate email serv­er, which the for­mer sec­re­tary of state used to com­mu­ni­cate with State Depart­ment aides dur­ing her tenure in the Cab­i­net.

Stone, a long­time Repub­li­can polit­i­cal oper­a­tive and dirty trick­ster, pur­port­ed­ly either resigned or was fired from the pres­i­den­tial cam­paign of Don­ald Trump last year but con­tin­ues to be deeply involved with the cam­paign, espe­cial­ly the ele­ments of its mes­sag­ing that advance the con­spir­a­cy the­o­ries of the right. In the inter­view, he described his rela­tion­ship to the Trump cam­paign this way: “I count myself as a Trump friend—kind of like Sid­ney Blu­men­thal [is to the Clin­tons]; I have no for­mal nor infor­mal role, but I do have access to all the right peo­ple.”

On the C‑SPAN show, Stone told Politico’s Alex Isen­stadt of his com­mu­ni­ca­tion to Assange “through an intermediary—somebody who is a mutu­al friend”—regard­ing the 30,000 emails the Clin­ton staff delet­ed before turn­ing over the con­tents of the serv­er to Jus­tice Depart­ment inves­ti­ga­tors. (Clin­ton main­tains that only emails of a per­son­al nature were delet­ed.) Asked to cor­rob­o­rate Assange’s threat of “an Octo­ber sur­prise” to stem from that trove, Stone offered a sug­ges­tion he clear­ly deemed to be more help­ful to the Trump cam­paign.

“Well, first of all, I think Julian Assange is a hero; I think he’s tak­ing on the deep state, both Repub­li­can and Demo­c­rat,” Stone began. He went on to say, “I believe that he is in pos­ses­sion of all of those emails that Huma Abe­din and Cheryl Mills, the Clin­ton aides, believe they delet­ed. That and a lot more. These are like the Water­gate tapes…” (Video below: Go to time­stamp 15:15.)

Stone knows a thing or two about the Water­gate scan­dal, in which he played a minor role before mov­ing on to big­ger oper­a­tions, such as the 2000 “Brooks Broth­ers riot” in Flori­da, when Stone orga­nized dozens of Repub­li­can con­gres­sion­al staffers to storm the elec­tion board in Mia­mi-Dade Coun­ty, Flori­da, where a recount of pres­i­den­tial elec­tion bal­lots was tak­ing place.

“I don’t know that this is going to hap­pen in Octo­ber,” Stone said of a poten­tial Wik­iLeaks dump of Clin­ton cor­re­spon­dence. “There is an enor­mous amount of mate­r­i­al here. Mr. Assange could, the­o­ret­i­cal­ly, drop a tranche of doc­u­ments before each one of [the pres­i­den­tial] debates.” . . . .

3. Next, we review infor­ma­tion pre­sent­ed in FTR #917. An inter­est­ing piece by Dr. San­dro Gay­ck­en, a Berlin-based for­mer ‘hack­tivist’ who now advis­es NATO and the Ger­man gov­ern­ment on cyber-secu­ri­ty mat­ters, makes the case that the evi­dence impli­cat­ing Rus­sia was very much the type of evi­dence a tal­ent­ed team could spoof. He also notes that some of the tools used in the hack were the same used last year when Angela Merkel’s com­put­er was hacked and used to infect oth­er com­put­ers at the Bun­destag. That hack was also blamed on Russ­ian hack­ers. But, again, as the arti­cle below points out, when the evi­dence for who is respon­si­ble is high­ly spoofa­ble, con­fi­dent­ly assign­ing blame is almost too easy:

 “Blam­ing Rus­sia For the DNC Hack Is Almost Too Easy” by Dr. San­dro Gay­ck­en; Coun­cil on For­eign Rela­tions Blog; 8/01/2016.

Dr. San­dro Gay­ck­en is the Direc­tor of the Dig­i­tal Soci­ety Insti­tute, a for­mer hack­tivist, and a strate­gic advi­sor to NATO, some Ger­man DAX-com­pa­nies and the Ger­man gov­ern­ment on cyber mat­ters.

The hack of the Demo­c­ra­t­ic Nation­al Com­mit­tee (DNC) def­i­nite­ly looks Russ­ian. The evi­dence is com­pelling. The tools used in the inci­dent appeared in pre­vi­ous cas­es of alleged Russ­ian espi­onage, some of which appeared in the Ger­man Bun­destag hack. The attack­ers, dubbed Cozy Bear and Fan­cy Bear, have been known for years and have long been rumored to have a Russ­ian con­nec­tion. Oth­er indi­ca­tors such as IP address­es, lan­guage and loca­tion set­tings in the doc­u­ments’ meta­da­ta and code com­pi­la­tion point to Rus­sia. The Krem­lin is also known to prac­tice influ­ence oper­a­tions, and a leak before the Democ­rats’ con­ven­tion fits that pro­file as does laun­der­ing the infor­ma­tion through a third par­ty like Wik­ileaks. Final­ly, the cui bono makes sense as well; Rus­sia may favor Don­ald Trump giv­en his Putin-friend­ly state­ments and his views on NATO.

Alto­geth­er, it looks like a clean-cut case. But before accus­ing a nuclear pow­er like Rus­sia of inter­fer­ing in a U.S. elec­tion, these argu­ments should be thor­ough­ly and skep­ti­cal­ly scru­ti­nized.

A crit­i­cal look expos­es the sig­nif­i­cant flaws in the attri­bu­tion. First, all of the tech­ni­cal evi­dence can be spoofed. Although some argue that spoof­ing the mound of uncov­ered evi­dence is too much work, it can eas­i­ly be done by a small team of good attack­ers in three or four days. Sec­ond, the tools used by Cozy Bear appeared on the black mar­ket when they were first dis­cov­ered years ago and have been recy­cled and used against many oth­er tar­gets, includ­ing against Ger­man indus­try. The reuse and fine-tun­ing of exist­ing mal­ware hap­pens all the time. Third, the lan­guage, loca­tion set­tings, and com­pi­la­tion meta­da­ta can eas­i­ly be altered by chang­ing basic set­tings on the attacker’s com­put­er in five min­utes with­out the need of spe­cial knowl­edge. None of the tech­ni­cal evi­dence is con­vinc­ing. It would only be con­vinc­ing if the attack­ers used entire­ly nov­el, unique, and sophis­ti­cat­ed tools with unmis­tak­able indi­ca­tors point­ing to Rus­sia sup­port­ed by human intel­li­gence, not by mal­ware analy­sis.

The DNC attack­ers also had very poor, almost com­i­cal, oper­a­tional secu­ri­ty (OPSEC). State actors tend to have a qual­i­ty assur­ance review when devel­op­ing cyber­at­tack tools to min­i­mize the risk of dis­cov­ery and leav­ing obvi­ous crumbs behind. Russ­ian intel­li­gence ser­vices are espe­cial­ly good. They are high­ly capa­ble, tac­ti­cal­ly and strate­gi­cal­ly agile, and ratio­nal. They ensure that offen­sive tools are tai­lored and pro­por­tion­ate to the sig­nal they want to send, the pos­si­bil­i­ty of dis­clo­sure and pub­lic per­cep­tion, and the odds of esca­la­tion. The shod­dy OPSEC just doesn’t fit what we know about Russ­ian intel­li­gence.

The claim that Guc­cifer 2.0 is a Russ­ian false flag oper­a­tion may not hold up either. If Rus­sia want­ed to cov­er up the fact it had hacked the DNC, why cre­ate a pseu­do­nym that could only attract more atten­tion and pub­lish emails? Dump­ing a trove of doc­u­ments all at once is less valu­able than cher­ry pick­ing the most dam­ag­ing infor­ma­tion and strate­gi­cal­ly leak­ing it in a craft­ed and tar­get­ed fash­ion, as the FSB, SVR or GRU have prob­a­bly done in the past. Also, leak­ing to Wik­ileaks isn’t hard. They have a sub­mis­sion form.

Giv­en these argu­ments, blam­ing Rus­sia is not a slam dunk. Why would a coun­try with some of the best intel­li­gence ser­vices in the world com­mit a whole series of real­ly stu­pid mis­takes in a high­ly sen­si­tive oper­a­tion? Why pick a tar­get that has a strong chance of lead­ing to esca­la­to­ry activ­i­ty when Rus­sia is known to pre­fer incre­men­tal actions over dras­tic ones? Why go through the trou­ble of a false flag when doing noth­ing would have been arguably bet­ter? Last­ly, how does Rus­sia ben­e­fit from pub­licly back­ing Don­ald Trump giv­en that Repub­li­cans have been skep­ti­cal of improv­ing rela­tions?

The evi­dence and infor­ma­tion in the pub­lic domain strong­ly sug­gests Rus­sia was behind the DNC hack, even though Russ­ian intel­li­gence ser­vices would have had the choice of not mak­ing it so clear cut giv­en what we know about their tools, tac­tics, pro­ce­dures, and think­ing.

The DNC hack leads to at least four “what if” ques­tions, each with its own sig­nif­i­cant pol­i­cy con­se­quences. First, if Rus­sia had poor oper­a­tional secu­ri­ty and mis­judged its tar­get, it needs to be edu­cat­ed about the sen­si­tiv­i­ty of cer­tain tar­gets in its favorite adver­sary coun­tries to avoid a repeat of this dis­as­ter. Sec­ond, if Rus­sia delib­er­ate­ly hacked the DNC to leak con­fi­den­tial infor­ma­tion, it would rep­re­sent a strate­gic esca­la­tion on behalf of the Krem­lin and the world would need to pre­pare for dif­fi­cult times ahead. Third, if the breach and leak were per­pe­trat­ed by a bunch of ran­dom activists using the pseu­do­nym “Guc­cifer 2.0“, it would be the first instance of non-state actors suc­ceed­ing in cre­at­ing a glob­al inci­dent with severe strate­gic impli­ca­tions, demand­ing more con­trol of such enti­ties and a much bet­ter design of esca­la­to­ry process­es among nations. Final­ly, it is entire­ly pos­si­ble that this was a false flag oper­a­tion by an unknown third par­ty to esca­late ten­sions between nuclear super­pow­ers. If this is the case, this par­ty has to be uncov­ered. . . .

4. More about cyber-secu­ri­ty experts who view the “Russ­ian intel­li­gence” hack­ing of DNC com­put­ers as sus­pi­cious­ly trans­par­ent:

“Rus­sia Want­ed to Be Caught, Says Com­pa­ny Wag­ing War on the DNC Hack­ers” by Patrick Tuck­er; Defense One; 7/28/2016.

. . . . But secu­ri­ty expert Jeff Carr thought the smoke off this smok­ing-gun was a bit too thick. In his minor­i­ty report, he asks: what kind of spy ring tags their stolen docs before releas­ing them under a cov­er?

“Raise your hand if you think that a GRU or FSB offi­cer would add Iron Felix’s name to the meta­da­ta of a stolen doc­u­ment before he released it to the world while pre­tend­ing to be a Roman­ian hack­er. Some­one clear­ly had a wicked sense of humor,” he wrote. . . . .

. . . . Crowd­strike pres­i­dent Shawn Hen­ry is dubi­ous. “I don’t know what kind of for­eign intel­li­gence ser­vice con­duct­ing a covert oper­a­tion wants to be found,” he said on Thurs­day, but added that Crowd­Strike picked up the DNC hack with­in 48 hours and that it “wasn’t dif­fi­cult.” . . . .

5. The high-pro­file hack attacks of 2016 heat­ed up again with the release of cyber­weapons appar­ent­ly belong­ing to the NSA.

Note the attempt at pin­ning the blame on Rus­sia, despite the fact that this oper­a­tion, like the DNC hack does not fit the pro­file of a Russ­ian cyber-espi­onage oper­a­tion. Note also, the clum­sy, Boris and Natasha-like bro­ken Eng­lish used to try and por­tray this as a “Russ­ian” oper­a­tion.

Note, also, as we will see, that this does­n’t appear to be a “hack” at all.

“Group Claims to Have U.S. Gov­ern­ment Hack­ing Tools for Sale” by Robert McMil­lan; The Wall Street Jour­nal; 8/15/2016.

Secu­ri­ty experts doubt pre­vi­ous­ly unknown hack­ers have access to NSA-linked cyber­weapons

A pre­vi­ous­ly unknown hack­ing group claims to have bro­ken into a cyberes­pi­onage orga­ni­za­tion linked to the Nation­al Secu­ri­ty Agency and is offer­ing to sell what it says are U.S. gov­ern­ment hack­ing tools.

The group, call­ing itself the “Shad­ow Bro­kers,” said in an inter­net post on Sat­ur­day that it had access to a “full state spon­sor tool set” of cyber­weapons. To back up its claims, the group post­ed what appears to be attack code that tar­gets secu­ri­ty soft­ware on routers that direct com­put­er traf­fic around the inter­net.

In a post writ­ten in bro­ken Eng­lish, the Shad­ow Bro­kers offered to sell a com­plete trove of tools to the high­est bid­der. The group said if it is paid one mil­lion bit­coin, val­ued at rough­ly $568 mil­lion, it will release the tools pub­licly.

Secu­ri­ty experts doubt the group has access to the hack­ing trea­sure trove that it boasts, but sev­er­al said the code it released appears to be legit­i­mate. It affects routers built by three U.S. firms— Cis­co Sys­tems Inc., Juniper Net­works Inc. and Fortinet Inc.—and two Chi­nese companies—Shaanxi Net­work­cloud Infor­ma­tion Tech­nol­o­gy Co. and Bei­jing Topsec Net­work Secu­ri­ty Tech­nol­o­gy Co.

A Cis­co spokes­woman said her com­pa­ny was inves­ti­gat­ing the inci­dent, but “so far, we have not found any new vul­ner­a­bil­i­ties.”

A Fortinet rep­re­sen­ta­tive didn’t have a com­ment. Juniper, Topsec and Shaanxi Net­work­cloud didn’t imme­di­ate­ly respond to requests for com­ment.

The Shad­ow Bro­kers’ claims are still being ana­lyzed by secu­ri­ty experts. If true, they would reflect an unprece­dent­ed breach of a com­put­er-espi­onage out­fit dubbed the “Equa­tion Group.”

In a report last year, Russ­ian com­put­er secu­ri­ty firm Kasper­sky Lab ZAO said the Equa­tion Group launched hack­ing efforts against gov­ern­ments, telecom­mu­ni­ca­tions com­pa­nies and oth­er orga­ni­za­tions in coun­tries such as Rus­sia, Iraq and Iran. Kasper­sky didn’t name any U.S. agen­cies in its report, but it appeared to detail the kind of work typ­i­cal­ly con­duct­ed by the NSA.

The NSA didn’t return mes­sages seek­ing com­ment. In the past, the agency has nei­ther con­firmed nor denied involve­ment with the Equa­tion Group.

In an inter­net post, the Shad­ow Bro­kers rail against “wealthy elites.” The Shad­ow Bro­kers didn’t respond to email and Twit­ter mes­sages seek­ing com­ment.

Secu­ri­ty experts who have exam­ined the code pub­lished by the hack­ers said it appears to con­tain gen­uine NSA pro­grams that could manip­u­late or redi­rect com­put­er traf­fic as it pass­es through a router.

“The more we look at it…it looks more and more like a tool kit from the NSA,” said Matt Suiche, the founder of Comae Tech­nolo­gies FZE, a com­put­er-secu­ri­ty start­up based in the Unit­ed Arab Emi­rates.

“It looks gen­uine,” said Nicholas Weaver, a researcher with the Inter­na­tion­al Com­put­er Sci­ence Insti­tute, a non­prof­it research cen­ter affil­i­at­ed with the Uni­ver­si­ty of Cal­i­for­nia, Berke­ley. Mr. Weaver said that, in addi­tion to the router-attack pro­grams, the code includes tools that would be avail­able only to some­one with access to NSA com­put­ers and tools that appear to inter­act with NSA soft­ware described in doc­u­ments leaked by for­mer NSA con­trac­tor Edward Snow­den.

How­ev­er, secu­ri­ty experts ques­tioned the ran­som demand, say­ing it was unlike­ly any­one would pay mil­lions for the promised tools, sight unseen. Mr. Weaver believes the bit­coin auc­tion scheme was most like­ly a dis­trac­tion to obscure who­ev­er obtained the doc­u­ments.

“Who­ev­er stole the data wants the world to know that they stole it,” he said in an email mes­sage. “The sus­pect list is almost cer­tain­ly short—Russia or Chi­na, and giv­en the recent espi­onage trou­bles between the U.S. and Rus­sia, prob­a­bly the for­mer.”

Ben John­son, co-founder of Car­bon Black Inc. and a for­mer NSA com­put­er sci­en­tist, cau­tioned that the Equa­tion Group hasn’t been defin­i­tive­ly linked to the NSA and that it is unclear how much data was tak­en.

“Peo­ple should not be think­ing that the NSA has been hacked,” he said. “Cer­tain­ly there’s been some effort put into [the Shad­ow Bro­kers’ data], but I’m by no means con­vinced that this is a full toolset of a nation state.”

6. At the same time, as with the DNC email hacks, this lat­est “hack” is both con­spic­u­ous­ly high pro­file and appears to involve con­spic­u­ous­ly atyp­i­cal hack­ing behav­iors. For instance, as the arti­cle below points out, the phe­nom­e­non of hack­ers sell­ing exploits they dis­cov­er is quite com­mon­place. It isn’t com­mon­place to sell the exploit to the entire world with an absurd­ly high price tag.

Anoth­er rea­son to assume the mil­lion bit­coin price is just a the­atrics is the fact that Wik­ileaks announced they’re going to be releas­ing the entire alleged NSA toolk­it. So the hack­ers ask­ing for half a bil­lion dol­lars also appar­ent­ly decid­ed to give their toolk­it to Wik­ileaks so it could leak it to the world for free. That’s a bit odd.

Still, the notion that there’s a group out there hack­ing NSA servers should raise some eye­brows whether it’s the Rus­sians like every­one is assum­ing (and the hack­ers clear­ly want us to assume) or some oth­er group. It’s worth not­ing that, as the arti­cle below points out, a num­ber of researchers look­ing over the hack are rais­ing the pos­si­bil­i­ty that the serv­er wasn’t hacked at all. Instead, it could have been a case of clas­sic espi­onage. Some­one with a USB stick. It’s also worth not­ing that Edward Snow­den, some­one who knows how easy it is to steal from the NSA with a USB stick, is declar­ing that Rus­sia is like­ly behind it.

“Here’s Why the Sup­posed NSA ‘Hack’ Is Unlike Any­thing We’ve Ever Seen Before” by Paul Szol­dra; Busi­ness Insid­er Nordic; 8/16/2016.

Ear­li­er this week, a group call­ing itself the “Shad­ow Bro­kers” announced that it was sell­ing a num­ber of cyber weapons – auc­tion-style – that it claimed were hacked and stolen from an alleged NSA hack­ing group dubbed “The Equa­tion Group.”

Beside the fact that the Nation­al Secu­ri­ty Agency get­ting hacked is eye­brow-rais­ing in itself, the leak of the data and the claim from this mys­tery group that it’s just try­ing to make mon­ey doesn’t seem to add up.

Here’s why.
Their claim to have ‘hacked’ a serv­er belong­ing to the NSA is fishy.

Accord­ing to ex-NSA insid­ers who spoke with Busi­ness Insid­er, the agency’s hack­ers don’t just put their exploits and toolk­its online where they can poten­tial­ly be pil­fered. The more like­ly sce­nario for where the data came from, says ex-NSA research sci­en­tist Dave Aitel, is an insid­er who down­loaded it onto a USB stick.

Instead of a “hack,” Aitel believes, it’s much more like­ly that this was a more clas­sic spy oper­a­tion that involved human intel­li­gence.

“This idea that a group of unknown hack­ers are going to take on the NSA seems unlike­ly as well,” Aitel told Busi­ness Insid­er. “There’s a long arm and a long mem­o­ry to the US intel­li­gence com­mu­ni­ty, and I don’t think any­one wants to be on the oth­er end of that with­out good rea­son. I don’t nec­es­sar­i­ly think a mil­lion bit­coin is a good-enough rea­son.”

When hack­ers gain access to a serv­er, they keep qui­et about it so they can stay there

One of the many strange things about this inci­dent is the very pub­lic nature of what tran­spired. When a hack­er takes over your com­put­er, they don’t start acti­vat­ing your web­cam or run­ning weird pro­grams because you’d fig­ure out pret­ty quick­ly that some­thing was up and you’d try to get rid of them.

The same is true for the NSA.

If the Shad­ow Bro­kers owned the NSA’s com­mand and con­trol serv­er, then it would prob­a­bly be a much bet­ter approach to just sit back, watch, and try to piv­ot to oth­er inter­est­ing things that they might be able to find.

Instead, the group wrote on Paste­bin, a web­site where you can store text, that “we fol­low Equa­tion Group traf­fic. We find Equa­tion Group source range. We hack Equa­tion Group. We find many many Equa­tion Group cyber weapons,” which imme­di­ate­ly sig­nals to this alleged NSA hack­er group that they have a big prob­lem.

Though this seems prob­lem­at­ic, it’s prob­a­ble that the group no longer has access to the serv­er, so it no longer cares about get­ting back on it. Since the files are years old, this could be the case. But it’s still out of the ordi­nary since any claim like this can be lat­er inves­ti­gat­ed by the vic­tim, which will be going through every­thing try­ing to fig­ure out who they are.

If this was some ran­dom hack­ing group, then it would’ve been bet­ter to keep their mouth shut, espe­cial­ly when their vic­tim is the NSA.

Peo­ple sell exploits all the time, but they hard­ly ever talk about it.

Soft­ware exploits are dig­i­tal gold for hack­ers, since they often give a key inside a sys­tem or net­work that no one has ever noticed before, and thus, hasn’t fixed. Which is why the mar­ket­place for these “zero-day” exploits is so lucra­tive. We’re talk­ing hun­dreds of thou­sands to mil­lions of dol­lars for this kind of code.

Most of the time, an exploit is either found by a secu­ri­ty research firm, which then writes about it and reports it to the com­pa­ny so it can fix the prob­lem. Or, a hack­er look­ing for cash will take that found exploit and sell it on the black mar­ket.

So it would make sense for a group like Shad­ow Bro­kers to want to sell their trea­sure trove, but going pub­lic with it is beyond strange.

“From my per­spec­tive, its extreme­ly bizarre behav­ior,” an ex-NSA hack­er who spoke on con­di­tion of anonymi­ty told Busi­ness Insid­er. “Most groups who either iden­ti­fy or trade in exploits do one of two things. If you iden­ti­fy, like a secu­ri­ty research firm [does] … they’ll typ­i­cal­ly pub­lish their find­ings. They’re real­ly in the best inter­est of the com­pa­nies and users who use these prod­ucts.”

The source added: “In the oth­er sce­nar­ios, folks who sort of deal in the exploit mar­kets. They qui­et­ly sell these things. To come out with this pub­lic auc­tion is the more bizarre vari­ance of that that I’ve ever seen. So it’s not clear what the intent here is.”

So what is the intent?

If you ask ex-NSA con­trac­tor Edward Snow­den, the pub­lic leak and claims of the Shad­ow Bro­kers seem to have Russ­ian fin­ger­prints all over them, and it serves as a warn­ing from Moscow to Wash­ing­ton. The mes­sage: If your pol­i­cy­mak­ers keep blam­ing us for the DNC hack, then we can use this hack to impli­cate you in much more.

“That could have sig­nif­i­cant for­eign pol­i­cy con­se­quences,” Snow­den wrote on Twit­ter. “Par­tic­u­lar­ly if any of those oper­a­tions tar­get­ed US allies. Par­tic­u­lar­ly if any of those oper­a­tions tar­get­ed elec­tions.”

Aitel seems to agree, though he crit­i­cized Snow­den as being, at some lev­el, a “voice piece” for Russ­ian intel­li­gence now, since he lives in asy­lum in Moscow.

“He has the same the­o­ry – the DNC hack hap­pened. The US polit­i­cal peo­ple got upset. They prob­a­bly made the NSA do a covert response,” Aitel spec­u­lat­ed. “This is anoth­er response to the NSA’s covert response. There’s a lot of sort of very pub­lic mes­sages here going back and forth, which is inter­est­ing to look at.”

Aitel also doesn’t think that any­one is going to actu­al­ly pony up the mon­ey required to win the auc­tion. And that pre­dic­tion is prob­a­bly going to be right, since Wik­iLeaks claims that it already has the archive.

“We had already obtained the archive of NSA cyber weapons released ear­li­er today,” its offi­cial Twit­ter account wrote, “and will release our own pris­tine copy in due course.” . . . .

6. Snowden’s pro­nounce­ment: this is all part of a Russ­ian messaging/propaganda war. Note that the jour­nal­is­tic “spin” that this is “Rus­sia.” Snow­den has to know that this ISN’T  Rus­sia. His fin­ger­ing of Rus­sia is, in and of itself, sus­pi­cious.

There is a prin­ci­ple of law known as “con­scious­ness of guilt.” If one can be proven to have tak­en actions that cov­ered up the com­mis­sion of a crime, that is con­sid­ered evi­dence suf­fi­cient to indict that indi­vid­ual for the orig­i­nal crime. Snow­den’s fin­ger­ing of “Rus­sia” falls into that cat­e­go­ry.

Con­sid­er sus­pi­cions that this could have been an inside job, some­one with a USB stick. Keep in mind that if there was some­one who has had con­tact with Russia’s intel­li­gence com­mu­ni­ty and who would have been very well posi­tioned to pull off such a spy oper­a­tion, it’s Edward Snow­den. Espe­cial­ly since the lat­est files released in the hack are from the same year Snow­den fled to Rus­sia:

“‘Shad­ow Bro­kers’ Claim To Have Hacked The NSA’s Hack­ers”; Nation­al Pub­lic Radio ; 8/17/2016.

The “Shad­ow Bro­kers” are in the spot­light.

The mys­te­ri­ous group has seized the atten­tion of the cyber­se­cu­ri­ty world with its claim to have stolen code from the Equa­tion Group — a team of hack­ers who have been tied to the Nation­al Secu­ri­ty Agency.

On a web­site writ­ten in bro­ken Eng­lish, the Shad­ow Bro­kers revealed some files and promised “bet­ter” ones avail­able, for sale to the high­est bid­der. One caveat: By “bid­ding,” they mean send­ing bit­coins, and los­ing bid­ders don’t get them back. (“Sor­ry lose bid­ding war lose bit­coin and files. Lose Lose. Bid to win!”)

The group also said it would make a new batch of files pub­lic if it received 1 mil­lion bit­coins to a spec­i­fied address. That’s more than half a bil­lion dol­lars, and near­ly 1/15th of all the bit­coins in cir­cu­la­tion.

As of Wednes­day after­noon, the Shad­ow Bro­kers appear to have received 1.6 bit­coins, or less than $1,000, based on the pub­lic ledger show­ing funds sent to that bit­coin address.

The auc­tion is “absurd” and “weird,” as Wired puts it, but the mag­a­zine notes that there’s a “grow­ing con­sen­sus” that the files them­selves — at least the ones released so far — are legit­i­mate.

Matt Suiche, a secu­ri­ty researcher who ana­lyzed the code that has been pub­licly released by the Shad­ow Bro­kers, tells NPR’s Aar­ti Sha­hani that it does appear to be a com­pi­la­tion of tools used by the NSA.

But the “teas­er” files don’t include any very valu­able infor­ma­tion, he says — and the ques­tion now is whether the hack­ers actu­al­ly have more files.

“The sam­ple files … are com­plete, but they are not extreme­ly sig­nif­i­cant enough to shut down the Inter­net,” Suiche told Aar­ti. “If that would be the best of what they had, it would be dis­ap­point­ing. It’s like Poké­mon Go. You hear the hype, it’s inter­est­ing. Then you pay for more — but you get bored.”

Oth­er experts say they, too, believe the files con­tain actu­al NSA code.

The Wash­ing­ton Post reportsthat the hack­ing tools released in the teas­er file — with names such as Epicbanana, Buz­zdi­rec­tion and Egre­gious­blun­der — are high­ly sophis­ti­cat­ed.

“The file con­tained 300 megabytes of infor­ma­tion, includ­ing sev­er­al ‘exploits,’ or tools for tak­ing con­trol of fire­walls in order to con­trol a net­work, and a num­ber of implants that might, for instance, exfil­trate or mod­i­fy infor­ma­tion.

“The exploits are not run-of-the-mill tools to tar­get every­day indi­vid­u­als. They are expen­sive soft­ware used to take over fire­walls, such as Cis­co and Fortinet, that are used ‘in the largest and most crit­i­cal com­mer­cial, edu­ca­tion­al and gov­ern­ment agen­cies around the world,’ said Blake Darche, anoth­er for­mer TAO oper­a­tor and now head of secu­ri­ty research at Area 1 Secu­ri­ty.”

(TAO stands for Tai­lored Access Oper­a­tions, the NSA’s hack­ing divi­sion, the news­pa­per explains.)

The New York Times writes that the NSA could have used the code to “get inside the com­put­er sys­tems of com­peti­tors like Rus­sia, Chi­na and Iran,” with the exploits, and “lurk unseen for years” with the implants.

“Who­ev­er obtained the source code appar­ent­ly broke into either the top-secret, high­ly com­part­men­tal­ized com­put­er servers of the N.S.A. or oth­er servers around the world that the agency would have used to store the files,” the Times writes.

The code released by the Shad­ow Bro­kers dates most recent­ly to 2013, the same year Edward Snow­den leaked clas­si­fied infor­ma­tion about the NSA’s sur­veil­lance pro­grams.

Via Twit­ter, Snow­den com­ment­ed on the appar­ent hack, say­ing the most notable thing wasn’t that NSA servers were breached but that the hack has now been pub­li­cized.

“Why did they do it?” Snow­den asked. “No one knows, but I sus­pect this is more diplo­ma­cy than intel­li­gence, relat­ed to the esca­la­tion around the DNC hack.”

The hack­ers could be adver­tis­ing that they have the abil­i­ty to iden­ti­fy actions the NSA took on the com­pro­mised serv­er, Snow­den sug­gests — a warn­ing of sorts.

Snow­den also not­ed that the released files end in 2013. “When I came for­ward, NSA would have migrat­ed offen­sive oper­a­tions to new servers as a pre­cau­tion,” he sug­gest­ed — a move that would have cut off the hack­ers’ access to the serv­er.

“You’re wel­come,” he tweet­ed.

7. One pos­si­ble expla­na­tion for why the “hacked” mate­r­i­al is no new­er than 2013 was pre­sent­ed in the pre­vi­ous sto­ry: the hack­ers pre­sum­ably lost access to their hacked serv­er after the Snow­den affair forced the NSA to move their offen­sive oper­a­tions to dif­fer­ent servers.

How­ev­er, that expla­na­tion also assumes this serv­er was actu­al­ly remote­ly hacked, as opposed to a USB-stick clas­sic spy oper­a­tion.

That rais­es a big ques­tion that could poten­tial­ly be answered, although it’s unclear who could answer it: were these tools part of the giant Snow­den “Dooms­day” cache of tech­ni­cal doc­u­ments? The doc­u­ments that Glenn Green­wald threat­ened would be released if any­thing hap­pened to Snow­den and that Green­wald described as the NSA “blue­prints”? There were appar­ent­ly only three unknown peo­ple who had the keys to Snowden’s Dooms­day cache.

Was this lat­est leak is real­ly an exten­sion of the Snow­den leak?

James Bam­ford weighed in on the release of the NSA’s “Tai­lored Access Oper­a­tions” (TAO) super hack­ing tools by the alleged­ly Russ­ian “Shad­ow Bro­kers”. Bamford’s con­clu­sion? It was most like­ly anoth­er Snow­den-like inside job, but Bam­ford doesn’t think the source of this leak was Snow­den or some­one with access to the full Snow­den cache. Bam­ford actu­al­ly trav­eled to Rus­sia, inter­viewed Snow­den, and got to exam­ine and search what Snow­den claimed was the full cache and didn’t see any­thing indi­cat­ing TAO hack­ing tools (although who knows if what he saw was the full “dead-man’s switch” Dooms­day cache).

No, the per­son Bam­ford has in mind in none oth­er than Jacob Appel­baum, the Berlin-based hackivist/Tor devel­op­er (ex-Tor devel­op­er)/Wikileaks hacker/avowed ene­my of Hillary Clin­ton. Why Appel­baum? Well, because when Jacob Appel­baum gave his big speech in Decem­ber 2013 at the Chaos Com­mu­ni­ca­tions Con­gress and wrote a bunch of Der Spiegel arti­cles describ­ing an array of of NSA TAO hack­ing tools, every­one assumed he was grab­bing that info from the Snow­den cache. But Bam­ford nev­er saw those tools when he exam­ined the cache and there was nev­er an expla­na­tion of where Appel­baum got that TAO data.

So are Appel­baum, or pos­si­bly Appelbaum’s uniden­ti­fied NSA inside source, the real “Shad­ow Bro­kers”? That’s what Bam­ford appears to sus­pect:

Note that Apple­baum appears to have been deeply involved with get­ting Snow­den from Hawaii to Hong Kong. It was Wik­iLeak­er Sarah Har­ri­son who got Snow­den from Hong Kong to Moscow.

“Com­men­tary: Evi­dence Points to Anoth­er Snow­den at the NSA” by James Bam­ford; Reuters; 8/24/2016.

In the sum­mer of 1972, state-of-the-art cam­paign spy­ing con­sist­ed of ama­teur bur­glars, armed with duct tape and micro­phones, pen­e­trat­ing the head­quar­ters of the Demo­c­ra­t­ic Nation­al Com­mit­tee. Today, ama­teur bur­glars have been replaced by cyber­spies, who pen­e­trat­ed the DNC armed with com­put­ers and sophis­ti­cat­ed hack­ing tools.

Where the Water­gate bur­glars came away emp­ty-hand­ed and in hand­cuffs, the mod­ern- day cyber thieves walked away with tens of thou­sands of sen­si­tive polit­i­cal doc­u­ments and are still uniden­ti­fied.

Now, in the lat­est twist, hack­ing tools them­selves, like­ly stolen from the Nation­al Secu­ri­ty Agency, are on the dig­i­tal auc­tion block. Once again, the usu­al sus­pects start with Rus­sia – though there seems lit­tle evi­dence back­ing up the accu­sa­tion.

In addi­tion, if Rus­sia had stolen the hack­ing tools, it would be sense­less to pub­li­cize the theft, let alone put them up for sale. It would be like a safe­crack­er steal­ing the com­bi­na­tion to a bank vault and putting it on Face­book. Once revealed, com­pa­nies and gov­ern­ments would patch their fire­walls, just as the bank would change its com­bi­na­tion.

A more log­i­cal expla­na­tion could also be insid­er theft. If that’s the case, it’s one more rea­son to ques­tion the use­ful­ness of an agency that secret­ly col­lects pri­vate infor­ma­tion on mil­lions of Amer­i­cans but can’t keep its most valu­able data from being stolen, or as it appears in this case, being used against us.

In what appeared more like a Sat­ur­day Night Live skit than an act of cyber­crime, a group call­ing itself the Shad­ow Bro­kers put up for bid on the Inter­net what it called a “full state-spon­sored toolset” of “cyber­weapons.” “!!! Atten­tion gov­ern­ment spon­sors of cyber­war­fare and those who prof­it from it !!!! How much would you pay for ene­mies cyber­weapons?” said the announce­ment.

The group said it was releas­ing some NSA files for “free” and promised “bet­ter” ones to the high­est bid­der. How­ev­er, those with loos­ing bids “Lose Lose,” it said, because they would not receive their mon­ey back. And should the total sum of the bids, in bit­coins, reach the equiv­a­lent of half a bil­lion dol­lars, the group would make the whole lot pub­lic.

While the “auc­tion” seemed tongue in cheek, more like hack­tivists than Russ­ian high com­mand, the sam­ple doc­u­ments were almost cer­tain­ly real. The draft of a top-secret NSA man­u­al for implant­i­ng offen­sive mal­ware, released by Edward Snow­den, con­tains code for a pro­gram code­named SECONDDATE. That same 16-char­ac­ter string of num­bers and char­ac­ters is in the code released by the Shad­ow Bro­kers. The details from the man­u­al were first released by The Inter­cept last Fri­day.

The authen­tic­i­ty of the NSA hack­ing tools were also con­firmed by sev­er­al ex-NSA offi­cials who spoke to the media, includ­ing for­mer mem­bers of the agency’s Tai­lored Access Oper­a­tions (TAO) unit, the home of hack­ing spe­cial­ists.

“With­out a doubt, they’re the keys to the king­dom,” one for­mer TAO employ­ee told the Wash­ing­ton Post. “The stuff you’re talk­ing about would under­mine the secu­ri­ty of a lot of major gov­ern­ment and cor­po­rate net­works both here and abroad.” Anoth­er added, “From what I saw, there was no doubt in my mind that it was legit­i­mate.”

Like a bank robber’s tool kit for break­ing into a vault, cyber exploita­tion tools, with code­names like EPICBANANA and BUZZDIRECTION, are designed to break into com­put­er sys­tems and net­works. Just as the bank rob­ber hopes to find a crack in the vault that has nev­er been dis­cov­ered, hack­ers search for dig­i­tal cracks, or “exploits,” in com­put­er pro­grams like Win­dows.

The most valu­able are “zero day” exploits, mean­ing there have been zero days since Win­dows has dis­cov­ered the “crack” in their pro­grams. Through this crack, the hack­er would be able to get into a sys­tem and exploit it, by steal­ing infor­ma­tion, until the breach is even­tu­al­ly dis­cov­ered and patched. Accord­ing to the for­mer NSA offi­cials who viewed the Shad­ow Bro­ker files, they con­tained a num­ber of exploits, includ­ing zero-day exploits that the NSA often pays thou­sands of dol­lars for to pri­vate hack­ing groups.

The rea­sons giv­en for lay­ing the blame on Rus­sia appear less con­vinc­ing, how­ev­er. “This is prob­a­bly some Russ­ian mind game, down to the bogus accent,” James A. Lewis, a com­put­er expert at the Cen­ter for Strate­gic and Inter­na­tion­al Stud­ies, a Wash­ing­ton think tank, told the New York Times. Why the Rus­sians would engage in such a mind game, he nev­er explained.

Rather than the NSA hack­ing tools being snatched as a result of a sophis­ti­cat­ed cyber oper­a­tion by Rus­sia or some oth­er nation, it seems more like­ly that an employ­ee stole them. Experts who have ana­lyzed the files sus­pect that they date to Octo­ber 2013, five months after Edward Snow­den left his con­trac­tor posi­tion with the NSA and fled to Hong Kong car­ry­ing flash dri­ves con­tain­ing hun­dreds of thou­sands of pages of NSA doc­u­ments.

So, if Snow­den could not have stolen the hack­ing tools, there are indi­ca­tions that after he depart­ed in May 2013, some­one else did, pos­si­bly some­one assigned to the agency’s high­ly sen­si­tive Tai­lored Access Oper­a­tions.

In Decem­ber 2013, anoth­er high­ly secret NSA doc­u­ment qui­et­ly became pub­lic. It was a top secret TAO cat­a­log of NSA hack­ing tools. Known as the Advanced Net­work Tech­nol­o­gy (ANT) cat­a­log, it con­sist­ed of 50 pages of exten­sive pic­tures, dia­grams and descrip­tions of tools for every kind of hack, most­ly tar­get­ed at devices man­u­fac­tured by U.S. com­pa­nies, includ­ing Apple, Cis­co, Dell and many oth­ers.

Like the hack­ing tools, the cat­a­log used sim­i­lar code­names. Among the tools tar­get­ing Apple was one code­named DROPOUTJEEP, which gives NSA total con­trol of iPhones. “A soft­ware implant for the Apple iPhone,” says the ANT cat­a­log, “includes the abil­i­ty to remote­ly push/pull files from the device. SMS retrieval, con­tact-list retrieval, voice­mail, geolo­ca­tion, hot mic, cam­era cap­ture, cell-tow­er loca­tion, etc.”

Anoth­er, code­named IRATEMONK, is, “Tech­nol­o­gy that can infil­trate the firmware of hard dri­ves man­u­fac­tured by Max­tor, Sam­sung, Sea­gate and West­ern Dig­i­tal.”

In 2014, I spent three days in Moscow with Snow­den for a mag­a­zine assign­ment and a PBS doc­u­men­tary. Dur­ing our on-the-record con­ver­sa­tions, he would not talk about the ANT cat­a­log, per­haps not want­i­ng to bring atten­tion to anoth­er pos­si­ble NSA whistle­blow­er.

I was, how­ev­er, giv­en unre­strict­ed access to his cache of doc­u­ments. These includ­ed both the entire British, or GCHQ, files and the entire NSA files.

But going through this archive using a sophis­ti­cat­ed dig­i­tal search tool, I could not find a sin­gle ref­er­ence to the ANT cat­a­log. This con­firmed for me that it had like­ly been released by a sec­ond leak­er. And if that per­son could have down­loaded and removed the cat­a­log of hack­ing tools, it’s also like­ly he or she could have also down­loaded and removed the dig­i­tal tools now being leaked.

In fact, a num­ber of the same hack­ing implants and tools released by the Shad­ow Bro­kers are also in the ANT cat­a­log, includ­ing those with code­names BANANAGLEE and JETPLOW. These can be used to cre­ate “a per­sis­tent back-door capa­bil­i­ty” into wide­ly used Cis­co fire­walls, says the cat­a­log.

Con­sist­ing of about 300 megabytes of code, the tools could eas­i­ly and quick­ly be trans­ferred to a flash dri­ve. But unlike the cat­a­log, the tools them­selves – thou­sands of ones and zeros – would have been use­less if leaked to a pub­li­ca­tion. This could be one rea­son why they have not emerged until now.

Enter Wik­iLeaks. Just two days after the first Shad­ow Bro­kers mes­sage, Julian Assange, the founder of Wik­iLeaks, sent out a Twit­ter mes­sage. “We had already obtained the archive of NSA cyber­weapons released ear­li­er today,” Assange wrote, “and will release our own pris­tine copy in due course.”

The month before, Assange was respon­si­ble for releas­ing the tens of thou­sands of hacked DNC emails that led to the res­ig­na­tion of the four top com­mit­tee offi­cials.

There also seems to be a link between Assange and the leak­er who stole the ANT cat­a­log, and the pos­si­ble hack­ing tools. Among Assange’s close asso­ciates is Jacob Appel­baum, a cel­e­brat­ed hack­tivist and the only pub­licly known Wik­iLeaks staffer in the Unit­ed States – until he moved to Berlin in 2013 in what he called a “polit­i­cal exile” because of what he said was repeat­ed harass­ment by U.S. law enforce­ment per­son­nel. In 2010, a Rolling Stone mag­a­zine pro­file labeled him “the most dan­ger­ous man in cyber­space.”

In Decem­ber 2013, Appel­baum was the first per­son to reveal the exis­tence of the ANT cat­a­log, at a con­fer­ence in Berlin, with­out iden­ti­fy­ing the source. That same month he said he sus­pect­ed the U.S. gov­ern­ment of break­ing into his Berlin apart­ment. He also co-wrote an arti­cle about the cat­a­log in Der Spiegel. But again, he nev­er named a source, which led many to assume, mis­tak­en­ly, that it was Snow­den.

In addi­tion to Wik­iLeaks, for years Appel­baum worked for Tor, an orga­ni­za­tion focused on pro­vid­ing its cus­tomers anonymi­ty on the Inter­net. But last May, he stepped down as a result of “seri­ous, pub­lic alle­ga­tions of sex­u­al mis­treat­ment” made by unnamed vic­tims, accord­ing to a state­ment put out by Tor. Appel­baum has denied the charges.

Short­ly there­after, he turned his atten­tion to Hillary Clin­ton. At a screen­ing of a doc­u­men­tary about Assange in Cannes, France, Appel­baum accused her of hav­ing a grudge against him and Assange, and that if she were elect­ed pres­i­dent, she would make their lives dif­fi­cult. “It’s a sit­u­a­tion that will pos­si­bly get worse” if she is elect­ed to the White House, he said, accord­ing to Yahoo News.

It was only a few months lat­er that Assange released the 20,000 DNC emails. Intel­li­gence agen­cies have again point­ed the fin­ger at Rus­sia for hack­ing into these emails.

Yet there has been no expla­na­tion as to how Assange obtained them. He told NBC News, “There is no proof what­so­ev­er” that he obtained the emails from Russ­ian intel­li­gence. Moscow has also denied involve­ment.

There are, of course, many sophis­ti­cat­ed hack­ers in Rus­sia, some with close gov­ern­ment ties and some with­out. And plant­i­ng false and mis­lead­ing indi­ca­tors in mes­sages is an old trick. Now Assange has promised to release many more emails before the elec­tion, while appar­ent­ly ignor­ing email involv­ing Trump. (Trump oppo­si­tion research was also stolen.)

In hack­tivist style, and in what appears to be pho­ny bro­ken Eng­lish, this new release of cyber­weapons also seems to be tar­get­ing Clin­ton. It ends with a long and angry “final mes­sage” against “Wealthy Elites . . . break­ing laws” but “Elites top friends announce, no law bro­ken, no crime commit[ed]. . . Then Elites run for pres­i­dent. Why run for pres­i­dent when already con­trol coun­try like dic­ta­tor­ship?”

Then after what they call the “fun Cyber Weapons Auc­tion” comes the real mes­sage, a seri­ous threat. “We want make sure Wealthy Elite rec­og­nizes the dan­ger [of] cyber­weapons. Let us spell out for Elites. Your wealth and con­trol depends on elec­tron­ic data.” Now, they warned, they have con­trol of the NSA’s cyber hack­ing tools that can take that wealth away. “You see attacks on banks and SWIFT [a world­wide net­work for finan­cial ser­vices] in news. If elec­tron­ic data go bye-bye where leave Wealthy Elites? Maybe with dumb cat­tle?” . . . 

There also seems to be a link between Assange and the leak­er who stole the ANT cat­a­log, and the pos­si­ble hack­ing tools. Among Assange’s close asso­ciates is Jacob Appel­baum, a cel­e­brat­ed hack­tivist and the only pub­licly known Wik­iLeaks staffer in the Unit­ed States – until he moved to Berlin in 2013 in what he called a “polit­i­cal exile” because of what he said was repeat­ed harass­ment by U.S. law enforce­ment per­son­nel. In 2010, a Rolling Stone mag­a­zine pro­file labeled him “the most dan­ger­ous man in cyber­space.”

In Decem­ber 2013, Appel­baum was the first per­son to reveal the exis­tence of the ANT cat­a­log, at a con­fer­ence in Berlin, with­out iden­ti­fy­ing the source. That same month he said he sus­pect­ed the U.S. gov­ern­ment of break­ing into his Berlin apart­ment. He also co-wrote an arti­cle about the cat­a­log in Der Spiegel. But again, he nev­er named a source, which led many to assume, mis­tak­en­ly, that it was Snow­den.

In addi­tion to Wik­iLeaks, for years Appel­baum worked for Tor, an orga­ni­za­tion focused on pro­vid­ing its cus­tomers anonymi­ty on the Inter­net. But last May, he stepped down as a result of “seri­ous, pub­lic alle­ga­tions of sex­u­al mis­treat­ment” made by unnamed vic­tims, accord­ing to a state­ment put out by Tor. Appel­baum has denied the charges.

Short­ly there­after, he turned his atten­tion to Hillary Clin­ton. At a screen­ing of a doc­u­men­tary about Assange in Cannes, France, Appel­baum accused her of hav­ing a grudge against him and Assange, and that if she were elect­ed pres­i­dent, she would make their lives dif­fi­cult. “It’s a sit­u­a­tion that will pos­si­bly get worse” if she is elect­ed to the White House, he said, accord­ing to Yahoo News.

8. There is abun­dant cir­cum­stan­tial evi­dence point­ing in the direc­tion of Appel­baum.

Since Appel­baum is cur­rent­ly liv­ing in Berlin it’s worth not­ing that the email address that appears to be used by the Shad­ow Bro­kers is a Ger­man email provider with a pol­i­cy of coop­er­at­ing with legal author­i­ties as lit­tle as pos­si­ble and only hand­ing over encrypt­ed data when giv­en a court order.

Note that, in addi­tion to Apple­baum (who appears to have assist­ed Snow­den in get­ting from Hawaii to Hong Kong), Lau­ra Poitras (Glenn Green­wald’s asso­ciate), Sarah Har­ri­son (Assange’s ex-girl­friend who assist­ed Snow­den in his flight from Hong Kong to Moscow) and Peter Sunde (who found­ed the Pirate Bay web­site on which Wik­iLeaks held forth) are all res­i­dent in Ger­many at this time.

“ . . . He said Tutan­o­ta had only ever been forced to hand over encrypt­ed data of its users a few times and it has a trans­paren­cy report where it dis­clos­es those cas­es. ‘How­ev­er, we release data only in very, very few cas­es … And when we have to pro­vide the data due to a court order, it is still encrypt­ed,’ Pfau added, going on to explain the company’s stance on sur­veil­lance. . . .”

It will be inter­est­ing to see if there are any fol­lowup reports on Ger­man author­i­ties ask­ing for the encrypt­ed account data. It would be odd if such a request were not made.

In FTR #‘s 918, 919, 920, 921 and 922, we not­ed that the Tru­menkampfver­bande gives every indi­ca­tion of being the tran­si­tion­al ele­ment of the Under­ground Reich in its meta­mor­pho­sis into an above-ground move­ment. Trump’s per­son­al and polit­i­cal her­itage, com­mer­cial cred­i­tors (Deutsche Bank is chief among them) and geopol­i­tics are Ger­man in nature.

“Edward Snow­den: Rus­sia Is Chief Sus­pect In NSA Hack” by Thomas Fox-Brew­ster; Forbes ; 8/16/2016.

If there’s any­one who knows how and why any­one would hack the NSA, and can talk about it open­ly, it’s for­mer con­trac­tor Edward Snow­den. After all, the exile-in-Rus­sia siphoned off mass­es of infor­ma­tion from the intel­li­gence agency before help­ing jour­nal­ists pub­lish the doc­u­ments, which togeth­er have exposed mass sur­veil­lance by US and inter­na­tion­al snoops.

Who are the Shad­ow Bro­kers?

Very lit­tle is known about the Shad­ow Bro­kers. They used Github, Tum­blr and Mega to dis­sem­i­nate their files. When they released the data on August 13, they used bro­ken Eng­lish to launch a Bit­coin auc­tion for the remain­ing 40 per cent of data they hand’t released from their alleged Equa­tion Group attack. For instance: “If you want know your net­works hacked, you send bit­coin. If you want hack net­works as like equa­tion group, you send bit­coin. If you want reverse, write many words, make big name for self, get many cus­tomers, you send bit­coin. If want to know what we take, you send bit­coin.”

Of the lit­tle infor­ma­tion avail­able, it’s clear the hack­ers used an email address belong­ing to Tutan­o­ta, a Ger­man provider focused on secu­ri­ty, to upload the data to Github.

Founder of Tutan­o­ta Matthias Pfau told FORBES the com­pa­ny had not been con­tact­ed by law enforce­ment regard­ing the alleged breach of the NSA. “If our accounts are mis­used … a Ger­man judge can force us to deliv­er the encrypt­ed data,” Pfau said.

He said Tutan­o­ta had only ever been forced to hand over encrypt­ed data of its users a few times and it has a trans­paren­cy report where it dis­clos­es those cas­es. “How­ev­er, we release data only in very, very few cas­es … And when we have to pro­vide the data due to a court order, it is still encrypt­ed,” Pfau added, going on to explain the company’s stance on sur­veil­lance.

“Fan­tasies of omnipo­tence and total sur­veil­lance are threat­en­ing our fun­da­men­tal rights. That is not accept­able and that is why we stand up and fight for pri­va­cy.” . . . .

 

 

Discussion

2 comments for “FTR #923 The Obverse Oswald and the High Profile Hacks: Update on the Adventures of Eddie the Friendly Spook (Weighing in for The Trumpenkampfverbande, Part 2)”

  1. This artil­cle by JOSEPH MARKS | NEXTGOV | DECEMBER 30, 2016 states the fol­low­ing:

    Robert M. Lee, a for­mer Air Force cyber oper­a­tions offi­cer, crit­i­cized the report in a blog post for wink­ing at attri­bu­tion in its writ­ten por­tion, but not stand­ing it up in the tech­ni­cal sec­tion. Lee is founder of the cyber­se­cu­ri­ty firm Dra­gos.

    Dmitri Alper­ovitch, co-founder of Crowd­Strike, stood up that assess­ment in a tweet not­ing “lots of prob­lems here.”

    Crowd­Strike is the cyber­se­cu­ri­ty firm that inves­ti­gat­ed the Demo­c­ra­t­ic Nation­al Com­mit­tee data breach and first attrib­uted it to Russ­ian gov­ern­ment-linked hack­ing groups dubbed “Fan­cy Bear” and “Cozy Bear.” Alper­ovitch also claimed the DHS report includes incor­rect infor­ma­tion.

    RM NOTE***** I think it is extreme­ly unlike­ly a hack­er of a Russs­ian intel­li­gence oper­a­tion would give them­selves a han­dle with the word “Bear”. A CIA hack­er would nev­er use a han­dle with the word “Eagle” because they would want to dis­guise the source. Also note how “Crowd­strike” employ­ee is now con­tra­dict­ing the orig­i­nal con­clu­sion of the com­pa­ny. If the hack was done by Ukrain­ian Fas­cists, then Don­ald Trump could legit­i­mate­ly dis­cred­it US intel­li­gence and gain cred­i­bil­i­ty. Was this one of the pur­pos­es of this plot?

    http://m.nextgov.com/cybersecurity/2016/12/trump-praises-putin-not-hitting-back-after-obama-hacking-sanctions/134264/

    HERE IS THE ENTIRE ARTICLE:

    Pres­i­dent-elect Don­ald Trump on Fri­day praised Vladimir Putin’s deci­sion to not imme­di­ate­ly retal­i­ate against U.S. sanc­tions, rais­ing the like­li­hood he may reverse or weak­en the Oba­ma administration’s attempt to pun­ish its for­mer Cold War adver­sary for med­dling in the 2016 elec­tion.

    Putin declared in a Thurs­day state­ment he will not imme­di­ate­ly retal­i­ate for the U.S. sanc­tions or expel any U.S. diplo­mats in Rus­sia, say­ing the Russ­ian gov­ern­ment “will plan our fur­ther steps to restore Russian‑U.S. rela­tions based on the poli­cies of the Trump admin­is­tra­tion.”

    Trump respond­ed in a Fri­day tweet: “Great move on delay (by V. Putin) — I always knew he was very smart!”

    » Get the best fed­er­al tech­nol­o­gy news and ideas deliv­ered right to your inbox. Sign up here.

    Trump could reverse many of the U.S. retal­ia­to­ry actions, which include sanc­tions against Russ­ian intel­li­gence agen­cies and their lead­ers and the expul­sion of 35 Russ­ian diplo­mats who the State Depart­ment says are actu­al­ly spies.

    Senior Oba­ma admin­is­tra­tion offi­cials expressed hope Thurs­day he would not do so.

    “If a future pres­i­dent decid­ed he want­ed to allow in a large tranche of Russ­ian intel­li­gence agents, he could,” one senior admin­is­tra­tion offi­cial said dur­ing a con­fer­ence call with reporters, adding, “we think that would be inad­vis­able.”

    The retal­ia­to­ry actions also include covert actions against the Russ­ian gov­ern­ment that may have already begun, offi­cials said.

    Trump has repeat­ed­ly said he does not believe intel­li­gence agen­cies’ con­clu­sion that the Russ­ian gov­ern­ment was respon­si­ble for data breach­es at Demo­c­ra­t­ic polit­i­cal orga­ni­za­tions that wreaked hav­oc on Demo­c­ra­t­ic nom­i­nee Hillary Clinton’s cam­paign. He has called the con­clu­sion polit­i­cal­ly moti­vat­ed.

    Trump said short­ly after the sanc­tions announce­ment Thurs­day he will meet with intel­li­gence agen­cies to dis­cuss the attri­bu­tion next week “in order to be updat­ed on the facts.” He also said, how­ev­er, “it’s time for our coun­try to move on to big­ger and bet­ter things.”

    If Trump choos­es to roll back any of Obama’s pub­lic actions against Rus­sia, he will like­ly face tough oppo­si­tion from some mem­bers of his own par­ty.

    The Sen­ate Armed Ser­vices Com­mit­tee will hold a hear­ing Thurs­day focused on “for­eign cyber threats to the Unit­ed States,” the first of sev­er­al hear­ings Chair­man John McCain, R‑Ariz., has promised on Russia’s elec­tion med­dling.

    McCain vowed to impose stronger sanc­tions on Rus­sia in a joint state­ment Thurs­day with Sen. Lind­sey Gra­ham, R‑S.C.

    McCain and Gra­ham called Obama’s retal­ia­to­ry mea­sures “long over­due” and “a small price for Rus­sia to pay for its brazen attack on Amer­i­can democ­ra­cy.”

    The main source of con­flict between the Trump and Oba­ma admin­is­tra­tions is whether data breach­es at Demo­c­ra­t­ic polit­i­cal orga­ni­za­tions can be con­fi­dent­ly tied to Rus­sia intel­li­gence agen­cies or if there’s not enough evi­dence for a firm attri­bu­tion.

    U.S. intel­li­gence agen­cies and the Home­land Secu­ri­ty Depart­ment called the case con­clu­sive in an Octo­ber state­ment. DHS and the FBI released addi­tion­al tech­ni­cal infor­ma­tion Thurs­day aimed, in part, at bol­ster­ing that case.

    Trump and his team, how­ev­er, have repeat­ed­ly cast doubt on that attri­bu­tion.

    Trump’s future White House Press Sec­re­tary Sean Spicer said before the sanc­tions and infor­ma­tion release Wednes­day intel­li­gence agen­cies need­ed to pro­vide more infor­ma­tion to make their case for attri­bu­tion, adding that many Democ­rats want to under­mine “how big [Trump’s] win was.”

    Attri­bu­tion is noto­ri­ous­ly dif­fi­cult in cyber­space, but far from impos­si­ble.

    The DHS and FBI “joint analy­sis report” released Thurs­day is unlike­ly to con­vince many Russ­ian attri­bu­tion skep­tics, ana­lysts told Nextgov.

    That doc­u­ment is offi­cial­ly aimed at help­ing the pub­lic sec­tor iden­ti­fy and com­bat sim­i­lar attacks. In addi­tion to breach­es at Demo­c­ra­t­ic polit­i­cal orga­ni­za­tions, it dis­cuss­es breach­es at pri­vate firms and think tanks.

    The doc­u­ment spends much of its intro­duc­tion, how­ev­er, dis­cussing the attri­bu­tion to Russ­ian intel­li­gence and describes itself as an expan­sion of the intel­li­gence community’s Octo­ber attri­bu­tion.

    Robert M. Lee, a for­mer Air Force cyber oper­a­tions offi­cer, crit­i­cized the report in a blog post for wink­ing at attri­bu­tion in its writ­ten por­tion, but not stand­ing it up in the tech­ni­cal sec­tion. Lee is founder of the cyber­se­cu­ri­ty firm Dra­gos.

    Dmitri Alper­ovitch, co-founder of Crowd­Strike, stood up that assess­ment in a tweet not­ing “lots of prob­lems here.”

    Crowd­Strike is the cyber­se­cu­ri­ty firm that inves­ti­gat­ed the Demo­c­ra­t­ic Nation­al Com­mit­tee data breach and first attrib­uted it to Russ­ian gov­ern­ment-linked hack­ing groups dubbed “Fan­cy Bear” and “Cozy Bear.” Alper­ovitch also claimed the DHS report includes incor­rect infor­ma­tion.

    Gre­go­ry Car­pen­ter, a senior con­sul­tant with the Cyber­se­cu­ri­ty Con­sult­ing Group, described the report as “exces­sive­ly devoid of any real infor­ma­tion” and said it “won’t help net­work defend­ers do their jobs.”

    Car­pen­ter pre­vi­ous­ly served at Army Cyber Com­mand and the Nation­al Secu­ri­ty Agency.

    “I look at [this report] and, I hate to say it, but it looks like a pro­pa­gan­da piece to sup­port a polit­i­cal deci­sion,” Car­pen­ter said.

    Posted by RM | January 6, 2017, 11:00 am
  2. Looks who’s back! Every­one’s favorite bro­ken Eng­lish hack­ing group, The Shad­ow Bro­kers, just released some more NSA hack­ing tools. Along with a list of IP address­es the NSA was tar­get­ing. All appar­ent­ly in response to a sense of betray­al. Betray­al by Don­ald Trump. Yes, when Don­ald Trump launched a cruise mis­sile attack against Syr­ia this so upset The Shad­ow Bro­kers that they wrote anoth­er long bro­ken Eng­lish rant (with a white nation­al­ist theme) about Trump liv­ing up to his promis­es and then released some more hack­ing tools:

    McClatchy DC

    Mys­te­ri­ous group posts more alleged NSA hack­ing tools; Rus­sia link sus­pect­ed

    By Tim John­son
    April 10, 2017 6:11 PM

    WASHINGTON

    In the lat­est in a drum­beat of intel­li­gence leaks, a hack­ing group known as the Shad­ow Bro­kers has released anoth­er set of tools it said were designed by the top-secret Nation­al Secu­ri­ty Agency to pen­e­trate com­put­er sys­tems world­wide.

    In a rant-filled state­ment over the week­end, Shad­ow Bro­kers also released a list of servers it said the tools had infect­ed.

    One doc­u­ment appeared to show that NSA spy­ware had been placed on servers in South Korea, Rus­sia, Japan, Chi­na, Mex­i­co, Tai­wan, Spain, Venezuela and Thai­land, among oth­er coun­tries. The dump includ­ed details of how the NSA pur­port­ed­ly had gained access to Pakistan’s main mobile net­work.

    The release marked the most recent in a steady stream of dis­clo­sures of pur­port­ed hack­ing tools devel­oped by the NSA and the CIA. Shad­ow Bro­kers made a sim­i­lar release in August, and in March the anti-secre­cy group Wik­iLeaks released sev­er­al batch­es of files that pur­port­ed to show how the CIA spies on its tar­gets. Wik­iLeaks has dubbed those leaks Vault7.

    Cyber­se­cu­ri­ty experts dif­fered in their assess­ment of the leaked mate­r­i­al but sev­er­al agreed that it would give glob­al foes cru­cial infor­ma­tion about Amer­i­can hack­ing abil­i­ties and plans.

    In its state­ment, Shad­ow Bro­kers said the lat­est leak, fol­low­ing one eight months ago, “is our form of protest” to goad Pres­i­dent Don­ald Trump into stay­ing loy­al to his fol­low­ers and pro­mot­ing anti-glob­al­ism. The screed includ­ed pro­fan­i­ty, some white suprema­cist com­men­tary and a pass­word to the cache of tools.

    This is inter­est­ing. A list of NSA tar­gets and the spe­cif­ic implants installed (IP address includ­ed).https://t.co/d0A950lD3t#Shad­ow­Bro­kers— Kevin Mit­nick (@kevinmitnick) April 9, 2017

    The spe­cif­ic spy­ware was less dra­mat­ic, experts said.

    “The dump appears to con­tain only Lin­ux and Unix tools and exploits, so orga­ni­za­tions run­ning only Win­dows don’t need to react to tools in this release,” an Augus­ta, Geor­gia, firm, Ren­di­tion Infos­ec, said n a blog post­ing.

    The NSA, which has its head­quar­ters at Fort Meade, Mary­land, did not respond to a request for com­ment.

    Ren­di­tion Infos­ec said there was lit­tle doubt that Rus­sia and the Shad­ow Bro­kers group were con­nect­ed and that for­eign hack­ing groups, some spon­sored by gov­ern­ments, had entered an era of drib­bling out leaks to influ­ence glob­al affairs.

    “In the future, we believe that oth­er groups are high­ly like­ly to attack orga­ni­za­tions, steal their data and release it at timed inter­vals in an attempt to con­trol the news cycle. This is clas­sic infor­ma­tion war­fare, updat­ed for dig­i­tal espi­onage,” the post­ing said.

    In its state­ment, Shad­ow Bro­kers denied, in bro­ken Eng­lish, that the group is linked to the Russ­ian gov­ern­ment.

    Those who have worked in the U.S. intel­li­gence com­mu­ni­ty voiced dis­may at the con­stant leak of alleged NSA and CIA tech­niques and tools.

    “What is dev­as­tat­ing is not just the loss of one exploit but the loss of your entire tool chain, par­tic­u­lar tar­gets you’re resid­ing on, your method­olo­gies, your research thrusts,” said Dave Aitel, a for­mer com­put­er sci­en­tist at the NSA who now is chief exec­u­tive at Immu­ni­ty Inc., a cyber­se­cu­ri­ty firm in Mia­mi.

    Aitel, who spoke on the side­lines of the Infil­trate 2017 con­fer­ence in Mia­mi Beach late last week, before the Shad­ow Bro­kers release, said the impact of leaks of cyberes­pi­onage tools “can be real hard to esti­mate or con­tain.”

    He said such leaks could open a win­dow on research trends that could derail entire units with­in the intel­li­gence com­mu­ni­ty.

    “Every group has a par­tic­u­lar set of spe­cial­ties that they are good at research­ing. If you start expos­ing those capa­bil­i­ties, you also expose your future capa­bil­i­ties,” Aitel said. “It can spread across a lot of pieces of your orga­ni­za­tion. . . . . That’s when you start see­ing entire net­works get destroyed based on leaks.”

    The Shad­ow Bro­kers group burst into the news in mid-August when it claimed to pos­sess stolen NSA cyber weapons and sur­veil­lance tools intend to bypass fire­walls and embed in net­work equip­ment or soft­ware made by Cis­co Sys­tems, Fortinet, Juniper Net­works and TopSec, a Chi­nese secu­ri­ty ven­dor.

    In a bizarre twist, the group demand­ed an astro­nom­i­cal sum – 1 mil­lion bit­coins, or $1.2 tril­lion – for the release of addi­tion­al NSA tools. When the group found no tak­ers, it issued a petu­lant state­ment in Octo­ber say­ing the auc­tion was off. In Jan­u­ary, the group said it was “going dark,” only to reap­pear over the week­end.

    “In its state­ment, Shad­ow Bro­kers said the lat­est leak, fol­low­ing one eight months ago, “is our form of protest” to goad Pres­i­dent Don­ald Trump into stay­ing loy­al to his fol­low­ers and pro­mot­ing anti-glob­al­ism. The screed includ­ed pro­fan­i­ty, some white suprema­cist com­men­tary and a pass­word to the cache of tools.”

    A screed con­tain­ing white suprema­cist com­men­tary and a new hack­ing tool dump to protest Don­ald Trump’s Syr­i­an bomb­ing. It’s as if the Shad­ow Bro­kers decid­ed to chan­nel Ann Coul­ter to scare Trump.

    And note that when you read the claim by folks at Ren­di­tion Infos­ec that there is “lit­tle doubt that Rus­sia and the Shad­ow Bro­kers group were con­nect­ed”:

    ...
    Ren­di­tion Infos­ec said there was lit­tle doubt that Rus­sia and the Shad­ow Bro­kers group were con­nect­ed and that for­eign hack­ing groups, some spon­sored by gov­ern­ments, had entered an era of drib­bling out leaks to influ­ence glob­al affairs.

    “In the future, we believe that oth­er groups are high­ly like­ly to attack orga­ni­za­tions, steal their data and release it at timed inter­vals in an attempt to con­trol the news cycle. This is clas­sic infor­ma­tion war­fare, updat­ed for dig­i­tal espi­onage,” the post­ing said.

    In its state­ment, Shad­ow Bro­kers denied, in bro­ken Eng­lish, that the group is linked to the Russ­ian gov­ern­ment.
    ...

    keep in mind that there’s actu­al­ly been a lot of doubt that the Rus­sians hacked the NSA for the very begin­ning:

    Vice Moth­er­board

    For­mer NSA Staffers: Rogue Insid­er Could Be Behind NSA Data Dump

    Loren­zo Franceschi-Bic­chierai and Joseph Cox

    August 17 2016, 9:18pm

    Who’s real­ly behind one of the most shock­ing data dumps ever? Anoth­er the­o­ry emerges.

    There are a lot of unan­swered ques­tions sur­round­ing the shock­ing dump of a slew of hack­ing tools used by an NSA-linked group ear­li­er this week. But per­haps the biggest one is: who’s behind the leak? Who is behind the mys­te­ri­ous moniker “The Shad­ow Bro­kers”?

    So far, there’s no clear evi­dence point­ing in any direc­tion, but giv­en the tim­ing of the leak, and the sim­ple fact that very few would have the capa­bil­i­ties and the motives to hack and shame the NSA pub­licly, some posit­ed The Shad­ow Bro­kers could be Russ­ian.

    But there’s anoth­er pos­si­bil­i­ty. An insid­er could have stolen them direct­ly from the NSA, in a sim­i­lar fash­ion to how for­mer NSA con­trac­tor Edward Snow­den stole an untold num­ber of the spy agen­cy’s top secret doc­u­ments. And this the­o­ry is being pushed by some­one who claims to be, him­self, a for­mer NSA insid­er.

    “My col­leagues and I are fair­ly cer­tain that this was no hack, or group for that mat­ter,” the for­mer NSA employ­ee told Moth­er­board. “This ‘Shad­ow Bro­kers’ char­ac­ter is one guy, an insid­er employ­ee.”

    The source, who asked to remain anony­mous, said that it’d be much eas­i­er for an insid­er to obtain the data that The Shad­ow Bro­kers put online rather than some­one else, even Rus­sia, remote­ly steal­ing it. He argued that “nam­ing con­ven­tion of the file direc­to­ries, as well as some of the scripts in the dump are only acces­si­ble inter­nal­ly,” and that “there is no rea­son” for those files to be on a serv­er some­one could hack. He claimed that these sorts of files are on a phys­i­cal­ly sep­a­rat­ed net­work that does­n’t touch the inter­net; an air-gap. (Moth­er­board was not able to inde­pen­dent­ly ver­i­fy this claim, and it’s worth bear­ing in mind that an air-gap is not an insur­mount­able obsta­cle in the world of hack­ing).

    Of course, as Matt Suiche, the CEO of Dubai-based cyber­se­cu­ri­ty com­pa­ny Comae, not­ed in a post ana­lyz­ing the insid­er the­o­ry, a lead­ing the­o­ry is that a mem­ber of NSA’s elite hack­ing team, Tai­lored Access Oper­a­tion, or TAO, made a “mis­take” and left the hack­ing tools exposed on a serv­er.

    “We are 99.9 per­cent sure that Rus­sia has noth­ing to do with this and even though all this spec­u­la­tion is more sen­sa­tion­al in the media, the insid­er the­o­ry should not be dis­missed,” the source added. “We think it is the most plau­si­ble.”

    The source said that while he was “a lit­tle ner­vous about this whole thing,” he was com­ing for­ward pre­cise­ly to warn peo­ple against accus­ing Rus­sia.

    “Now see­ing what’s being parad­ed in the media like the wild­ly spec­u­la­tive attri­bu­tion to Rus­sia, I feel a per­son­al respon­si­bil­i­ty to pro­pose the more plau­si­ble the­o­ry on behalf of me and the rest of the guys like me,” he said. “I think it’s dan­ger­ous to point fin­gers when they should­n’t be. That could have real impli­ca­tions that affect real peo­ple.”

    The source pro­vid­ed a mil­i­tary award as proof of his past employ­ment, and mul­ti­ple for­mer intel­li­gence sources who reviewed the award for Moth­er­board said it looks legit­i­mate. That award describes the source’s role as a “Cyber Intru­sion Ana­lyst,” and although he was not a mem­ber of TAO him­self, he said he was able to work with TAO oper­a­tors and access and ana­lyze the data retrieved.

    ...

    Michael Adams, an infor­ma­tion secu­ri­ty expert who served more than two decades in the US Spe­cial Oper­a­tions Com­mand, agreed that it’s a viable the­o­ry.

    “It’s Snow­den junior,” Adams told Moth­er­board. “Except he does­n’t want to end up in vir­tu­al prison in Rus­sia. He’s smart enough to rip off shit, but also smart enough to be uniden­ti­fi­able.”

    It’s impor­tant to note that there’s no evi­dence point­ing the fin­ger at an insid­er, just like there’s no evi­dence point­ing toward Rus­sia. It’s all spec­u­la­tion, but these two the­o­ries, at this point, seem the most plau­si­ble.

    “The source, who asked to remain anony­mous, said that it’d be much eas­i­er for an insid­er to obtain the data that The Shad­ow Bro­kers put online rather than some­one else, even Rus­sia, remote­ly steal­ing it. He argued that “nam­ing con­ven­tion of the file direc­to­ries, as well as some of the scripts in the dump are only acces­si­ble inter­nal­ly,” and that “there is no rea­son” for those files to be on a serv­er some­one could hack. He claimed that these sorts of files are on a phys­i­cal­ly sep­a­rat­ed net­work that does­n’t touch the inter­net; an air-gap. (Moth­er­board was not able to inde­pen­dent­ly ver­i­fy this claim, and it’s worth bear­ing in mind that an air-gap is not an insur­mount­able obsta­cle in the world of hack­ing).”

    And that was the assess­ment just days after the Shad­ow Bro­kers emerged back in August. And it’s not like sus­pi­cions that it was an NSA insid­er ever went away. So keep in mind that when you read about how there’s “lit­tle doubt” that Rus­sia and the Shad­ow Bro­kers group were con­nect­ed, that’s undoubt­ed­ly true for many ana­lysts since attribut­ing any and all hacks involv­ing the US to Rus­sia is now the norm, but there should actu­al­ly be some doubt.

    Will we ever dis­cov­er who the Shad­ow Bro­kers real­ly is/are? Only time will tell, but one thing we can say for sure at this point after the release of their angry rant against Trump: giv­en that they are now claim­ing to be NSA insid­ers who vot­ed for Trump, it’s worth not­ing that, who­ev­er they are, they are very adept at writ­ing angry rants from the per­spec­tive of a white nation­al­ist Trump sup­port­er using bro­ken Eng­lish:

    Medi­um

    Don’t For­get Your Base

    Dear Pres­i­dent Trump,

    Respect­ful­ly, what the fu ck are you doing? The­Shad­ow­Bro­kers vot­ed for you. The­Shad­ow­Bro­kers sup­ports you. The­Shad­ow­Bro­kers is los­ing faith in you. Mr. Trump help­ing the­shad­ow­bro­kers, help­ing you. Is appear­ing you are aban­don­ing “your base”, “the move­ment”, and the peo­ples who get­ting you elect­ed.

    Good Evi­dence:

    #1—Goldman Sach (The­Glob­al­ists) and Mil­i­tary Indus­tri­al Intel­li­gence Com­plex (MIIC) cab­i­net
    #2—Backtracked on Oba­macare
    #3—Attacked the Free­dom Caus­cus (The­Move­ment)
    #4—Removed Ban­non from the NSC
    #5—Increased U.S. involve­ment in a for­eign war (Syr­ia Strike)

    The peo­ples whose vot­ed for you, vot­ed against the Repub­li­can Par­ty, the par­ty that tried to destroy­ing your char­ac­ter in the pri­maries. The peo­ples who vot­ed for you, vot­ed against the Demo­c­rat Par­ty, the par­ty that hates, mocks, and laughs at you. With­out the sup­port of the peo­ples who vot­ed for you, what do you think will be hap­pen­ing to your Pres­i­den­cy? With­out the sup­port of the peo­ple who vot­ed for you, do you think you’ll be still mak­ing Amer­i­ca great again? Do you be remem­ber­ing when you were sit­ting there at the Oba­ma Press Par­ty and they were all laugh­ing at you? Do you be remem­ber­ing when you tour­ing the coun­try and all those peo­ples believed in you and sup­port­ed you? You were those peo­ples hope. How do you be think­ing it will be feel­ing when those peo­ple turn on you? Will they be laugh­ing at you, hat­ing you, and mock­ing you too?

    The­Shad­ow­Bro­kers doesn’t want this to be hap­pen­ing to you, Mr. Trump. The­Shad­ow­Bro­kers is want­i­ng to see you suc­ceed. The­Shad­ow­Bro­kers is want­i­ng Amer­i­ca to be great again. The­Shad­ow­Bro­kers acknowl­edg­ing, we don’t be hav­ing all the inside infor­ma­tion you do, things might look dif­fer­ent inside the bub­ble. The­Shad­ow­Bro­kers is hav­ing sug­ges­tion. Maybe you be mak­ing YouTube video is in order, to be explain­ing to your vot­ers, your sup­port­ers, you didn’t fu ck them all over. Because from the­shad­ow­bro­kers seat is look­ing real­ly bad. If you made deal(s) be telling the peo­ples about them, peo­ples is appre­ci­at­ing trans­paren­cy. But what kind of deal can be result­ing in chem­i­cal weapons used in Syr­ia, Mr. Bannon’s removal from the NSC, US mil­i­tary strike on Syr­ia, and suc­cess­ful vote for SCOTUS with­out change rules? Mr. Trump whose war are you fight­ing? Israeli Nation­al­ists’ (Zion­ist) and Gold­man Sachs’ war? Chi­nese Glob­al­ists’ and Gold­man Sachs war? Is not look­ing like you fight­ing the domes­tic wars, the move­ment elect­ed you to be fight­ing. You not being in office three months and already you look­ing like the MIIC’s bitch with John McCain and Chuck Schumer dou­ble dutch rud­der­ing each oth­er in the cor­ner over dead corpses.

    Mr Trump, we get­ting it. You hav­ing spe­cial empa­thy for father whose daugh­ter is killed. We know this is root cause for anti-ille­gal immi­grant pol­i­cy. Ille­gal immi­grant shoot man’s daugh­ter in San Fran­cis­co. Now is Syr­i­an man daugh­ter killed by chem­i­cal gas. We agree its need­less tragedy. But tragedies hap­pen­ing every­day and wars endan­gers all the chil­dren not just Syr­i­an.

    Mr Pres­i­dent the­shad­ow­bro­kers would like to be mak­ing some sug­ges­tion regard­ing why you were being elect­ed, is just being friend­ly reminders.

    Your Sup­port­ers:

    - Don’t care what is writ­ten in the NYT, Wash­ing­ton Post, or any news­pa­per, so just ignore it.
    — Don’t care if you swapped wives with Mr Putin, dou­ble down on it, “Putin is not just my firend he is my BFF”.
    — Don’t care if the elec­tion was hacked or rigged, cel­e­brate it “so what if I did, what are you going to do about it”.
    — Don’t care if your pop­u­lar or nice, get er done, Obama’s fail, think­ing he could cre­ate com­pro­mise. No com­pro­mise.
    — Don’t want for­eign wars, Do want domes­tic wars, “drain the swamp”, “destroy the nan­ny state”
    — Don’t care about your faith, you sound like a smuck when you try to say god things
    — DO sup­port the ide­olo­gies and poli­cies of Steve Ban­non, Anti-Glob­al­ism, Anti-Social­ism, Nation­al­ism, Iso­la­tion­ism

    The­Shad­ow­Bro­kers is hav­ing some oth­er sug­ges­tions.

    Glob­al­ism
    If Glob­al­ism is being so cool and awe­some, why all the peo­ples come to only one coun­try, Amer­i­can? Isn’t that being oppo­site of glob­al­ism? If glob­al­ism shouldn’t all peo­ples be stay­ing in own coun­tries and Amer­i­ca be export­ing cul­ture and ideas to them? If cul­tures, beliefs, and philoso­phies of Africa, Asia, and India is being so cool and awe­some, why isn’t every­one immi­grat­ing there? Because its not and they aren’t. Euro­pean or West­ern Cul­ture has proven is being best and most dom­i­nant, noth­ing to do with skin col­ors, white, brown, yel­low, but is hav­ing to do with being red. No not red com­mu­nism, red as in blood. Euro­pean ances­tors did the work, the think­ing, the rebelling, the fight­ing, the killing, and the dying. Some­times they being on rite side of his­to­ry and some­times not, but result is being great cul­ture and soci­ety. “But, Amer­i­ca is nation of immi­grants!” Yes, but until 30 years ago most immi­grants being Euro­peans. Jeudeo-Chris­t­ian Euro­peans minor cul­tur­al dif­fer­ences. Don’t bring the world to Amer­i­ca, bring Amer­i­ca to the world. Amer­i­ca first. Eng­lish first. Amer­i­can work­ers first. Amer­i­can stu­dents first. Amer­i­can cul­ture first.

    White Priv­i­lege
    Dear Amer­i­cans, do you seek black priv­i­leged, repa­ra­tion, and free shit? The­Shad­ow­Bro­kers is hav­ing pro­gram for you, is call­ing it the “Oba­ma Tick­et.” The U.S. gov­ern­ment will be set­ting aside 1 Tril­lion, made up, bor­rowed from our­selves, debased Fed­er­al Reserve dol­lars to be send­ing any Amer­i­can res­i­dent, who wish­es, regard­less of skin col­or, on an all expense paid, per­ma­nent trip to Africa. Be telling your friends. Be telling your fam­i­ly. Be tak­ing as many of them (friends and fam­i­ly) with you. Some con­di­tion be apply­ing, accept­ing an Oba­ma Tick­et auto­mat­i­cal­ly revokes your Unites States cit­i­zen­ship, your are not being allow to return, for one gen­er­a­tion, no excep­tions. Call 1–800–555‑1212

    Social­ist Col­lec­tivism
    Africa not being for you. Do you lik­ing social­ism? Col­lec­tivism? Are all ani­mals equal, but some ani­mals more equal than oth­ers? Do you like wear­ing black? Then maybe the Social­ist Work­ers Par­adise of North Korea is for you. Please call the same num­ber above and select menu option #2.

    Rus­sia
    For peo­ples still being con­fused about The­Shad­ow­Bro­kers and Rus­sia. If the­shad­ow­bro­kers being Russ­ian don’t you think we’d be in all those U.S. gov­ern­ment reports on Russ­ian hack­ing? The­Shad­ow­Bro­kers isn’t not fans of Rus­sia or Putin but “The ene­my of my ene­my is my friend.” We rec­og­nize Amer­i­cans’ hav­ing more in com­mon with Rus­sians than Chi­nese or Glob­al­ist or Social­ist. Rus­sia and Putin are nation­al­ist and ene­mies of the Glob­al­ist, exam­ples: NATO encroach­ment and Ukraine con­flict. There­fore Rus­sia and Putin are being best allies until the com­mon ene­mies are defeat­ed and Amer­i­ca is great again.

    MAGA
    Pres­i­dent Trump, the­shad­ow­bro­kers is offer­ing our ser­vices to you and your admin­is­tra­tion. Did you know most of the­shad­ow­bro­kers’ mem­bers have tak­en the oath “…to pro­tect and defend the con­sti­tu­tion of the Unit­ed States against all ene­mies for­eign and domes­tic…”. Yes sir! Most of us used to be TheDeep­State every­one is talk­ing about. But we real­ized TheDeep­State is being the ene­my of the con­sti­tu­tion, indi­vid­u­al­ism, life, lib­er­ty, and the pur­suit of hap­pi­ness. With the right fund­ing we can recruit some of the best hack­er intel peo­ples in Unit­ed States and world.. “Unmask­ing” is being new buzz word, so we use. The­Shad­ow­Bro­kers is being hap­py to unmask any­one we con­sid­er­ing to be an ene­my of the Con­sti­tu­tion of the Unit­ed States. Ene­mies like John McCain. Some­thing doesn’t rub the­shad­ow­bro­kers rite about Viet­nam War POW who at every oppor­tu­ni­ty seeks to do vio­lence to oth­ers via the proxy of young ser­vice men and women. If any­one should be being paci­fist, slow to pick fight it should be being for­mer POW. The­Shad­ow­Bro­kers is sure if we “unmask­ing”, Sen­a­tor McCain, Magog itself might come out, many defense con­trac­tors, Sau­di Princes, and pos­si­bly lit­tle Viet­namese boy he shares with Sen­a­tor Lind­sey Gra­ham, not cool! Mr. Trump we know you are hav­ing DOJ and FBI, so why you be need­ing the­Shad­ow­Bro­kers? You don’t, but the­shad­ow­bro­kers is con­fused. Why haven’t you served search war­rant to NYT, Wash­ing­ton Post, Gold­man Sacks, Jeff Bezos, and all oth­er Glob­al­ist for inves­ti­ga­tion and pros­e­cu­tion of trea­son, sedi­tion, and un-Amer­i­can activ­i­ties dur­ing a time of war? The Alien and Sedi­tion Act? A Un-Amer­i­can Activites com­mi­tee? Doing so, you could be seiz­ing all their IT sys­tems, freeze their finan­cial assets, arrest key lead­er­ship. Every Amer­i­can is inno­cent until proven guilty and has the right to fair tri­al by jury, but inves­ti­ga­tion and tri­als take a real­ly real­ly long time and is being very dif­fi­cult to run a busi­ness and make mon­ey for share­hold­er when FBI and DOJ has all your IT sys­tems.

    Mr. Pres­i­dent Trump the­shad­ow­bro­kers sin­cere­ly is hop­ing you are being the real deal and that you received this as con­struc­tive crit­i­cism toward #MAGA. Some American’s con­sid­er or maybe con­sid­er­ing The­Shad­ow­Bro­kers trai­tors. We dis­agree­ing. We view this as keep­ing our oath to pro­tect and defend against ene­mies for­eign and domes­tic. The­Shad­ow­Bro­kers wish­es we could be doing more, but revolutions/civil wars tak­ing mon­ey, time, and peo­ple. The­Shad­ow­Bro­kers has is hav­ing lit­tle of each as our auc­tion was an appar­ent fail­ure. Be con­sid­er­ing this our form of protest. The pass­word for the EQGRP-Auc­tion-Files is CrDj”(;Va.*NdlnzB9M?@K2)#>deB7mN

    ...

    “The­Shad­ow­Bro­kers doesn’t want this to be hap­pen­ing to you, Mr. Trump. The­Shad­ow­Bro­kers is want­i­ng to see you suc­ceed. The­Shad­ow­Bro­kers is want­i­ng Amer­i­ca to be great again. The­Shad­ow­Bro­kers acknowl­edg­ing, we don’t be hav­ing all the inside infor­ma­tion you do, things might look dif­fer­ent inside the bub­ble. The­Shad­ow­Bro­kers is hav­ing sug­ges­tion. Maybe you be mak­ing YouTube video is in order, to be explain­ing to your vot­ers, your sup­port­ers, you didn’t fu ck them all over. Because from the­shad­ow­bro­kers seat is look­ing real­ly bad. If you made deal(s) be telling the peo­ples about them, peo­ples is appre­ci­at­ing trans­paren­cy. But what kind of deal can be result­ing in chem­i­cal weapons used in Syr­ia, Mr. Bannon’s removal from the NSC, US mil­i­tary strike on Syr­ia, and suc­cess­ful vote for SCOTUS with­out change rules? Mr. Trump whose war are you fight­ing? Israeli Nation­al­ists’ (Zion­ist) and Gold­man Sachs’ war? Chi­nese Glob­al­ists’ and Gold­man Sachs war? Is not look­ing like you fight­ing the domes­tic wars, the move­ment elect­ed you to be fight­ing. You not being in office three months and already you look­ing like the MIIC’s bitch with John McCain and Chuck Schumer dou­ble dutch rud­der­ing each oth­er in the cor­ner over dead corpses.”

    Hmm...maybe it was­n’t Ann Coul­ter they were chan­nel­ing. This all seemed a lit­tle more Alex Jones-ish. Or maybe Steve Ban­non. Regard­less, who­ev­er wrote that rant has a pret­ty good sense of what a dis­il­lu­sioned Lib­er­tar­i­an who lis­tens to Alex Jones and buys Ann Coul­ter’s books would say to Don­ald Trump if they had to say it in a weird bro­ken Eng­lish that comes across as an Amer­i­can try­ing to hide their iden­ti­ty. And based on lin­guist analy­sis alone we can conclude...nothing. Because that’s weak, high­ly spoofa­ble evi­dence on its own. Much like most of the spoofa­ble tech­ni­cal evi­dence that ends up get­ting used to assign attri­bu­tion for major hacks. And yet as we saw above, some evi­dence that points towards the Shad­ow Bro­kers’ haul com­ing from an insid­er isn’t spoofa­ble. Like how “some of the scripts in the dump are only acces­si­ble inter­nal­ly” isn’t so eas­i­ly spoofa­ble, and that evi­dence point­ed towards it being an insid­er. At this point we don’t know.

    We also don’t know if this release com­bined with an angry mes­sage to Trump is intend­ed to serve as a kind of hack­er threat direct­ed at Trump by the hack­ers who assist­ed him dur­ing the elec­tion. Who­ev­er did those hacks pre­sum­ably has the capac­i­ty to gath­er all sorts of unpleas­ant infor­ma­tion on Trump and his entourage so the pos­si­bil­i­ty that this was intend­ed to sig­nal the capac­i­ty to dig­i­tal­ly embar­rass Trump if he does­n’t fol­low through on a Bannon/Coulter/Jones agen­da. Who knows.

    But there is one thing we know pret­ty con­fi­dent­ly at this point giv­en the Shad­ow Bro­kers’ deci­sion to chan­nel of Steve Ban­non and do this leak at this point in time: If Hal Mar­tin — the NSA con­trac­tor found to be steal­ing NSA hack­ing tools for decades short­ly after the ini­tial Shad­ow Bro­kers leak — real­ly was involved with the Shad­ow Bro­kers as has been sus­pect­ed but nev­er estab­lished, he was­n’t work­ing alone. Because he’s in cus­tody. Or he has very unsu­per­vised access to a com­put­er while in cus­tody.

    Either way, the fact that Hal Mar­tin — an insid­er who had been pil­fer­ing NSA secrets for decades and he was only dis­cov­ered after the Shad­ow Bro­kers leak — exists at all is one of those dif­fi­cult to spoof facts that cer­tain­ly lends cre­dence to the idea that the “Shad­ow Bro­kers” real­ly are an insid­er just like they claim in bro­ken Eng­lish. Not that the ‘out­sider hack’ sce­nario is impos­si­ble. But we should def­i­nite­ly not be rul­ing out the insid­ers.

    Posted by Pterrafractyl | April 11, 2017, 8:25 pm

Post a comment