- Spitfire List - https://spitfirelist.com -

FTR #923 The Obverse Oswald and the High Profile Hacks: Update on the Adventures of Eddie the Friendly Spook (Weighing in for The Trumpenkampfverbande, Part 2)

This broad­cast was record­ed in one, 60-minute seg­ment [6].

Lee Harvey Oswald: Ersatz Communist [7]

Introduction: In past discussion of “Eddie the Friendly Spook,” we have characterized him as “the Obverse Oswald.”

Sup­ple­ment­ing and sum­ming up the exhaus­tive “Eddie the Friend­ly Spook” series, this pro­gram sets forth the Snow­den “psy-op” and the high-pro­file hacks against the back­ground of Lee Har­vey Oswald, the U.S. spy infil­trat­ed into the Sovi­et Union and then into left­ist orga­ni­za­tions in the Unit­ed States. Oswald was framed for JFK’s assas­si­na­tion and then killed before he could defend him­self.

Where­as Oswald was por­trayed as a vil­lain, Eddie the Friend­ly Spook’s oper­a­tion is the obverse, with Snow­den decamp­ing first to Chi­na and then to Rus­sia and being por­trayed as a hero. Snow­den is not only a spy but a fas­cist, who advo­cates the elim­i­na­tion of Social Secu­ri­ty and the return to the gold stan­dard.

Snowden's Russian sojourn appears to have been arranged by WikiLeaks [9], which also appears to have arranged his flight to China from Hawaii. (Snowden's journey to Hawaii appears to have been facilitated by Jacob Appelbaum, who may be behind the “Shadow Brokers” alleged hack of NSA cyberweapons.) It was Snowden's journey to Moscow that threw Obama's “reboot” with Russia under the bus. [10]

In this pro­gram, we exam­ine infor­ma­tion indi­cat­ing that Rus­sia has been framed for the “Shad­ow Bro­kers” alleged hack of the NSA, much as it appears to have been framed for the DNC hack. Indeed, with both the DNC hack and the “Shad­ow Bro­kers” non-hack of the NSA, the evi­dence points increas­ing­ly toward “Team Snow­den” and Eddie the Friend­ly Spook him­self.

In that con­text, we again point to “The Obverse Oswald.” [11]  We strong­ly sus­pect that “Team Snow­den” may have had some­thing to do with this. Snow­den is in Rus­sia and work­ing for a com­put­er firm. The (frankly lame) fram­ing of Rus­sia for the DNC hack and the “Shad­ow Bro­kers” non-hack of the NSA reminds us of the process of “paint­ing Oswald Red.”

We have covered this in numerous broadcasts, including The Guns of November, Part 1 [14], AFA #15 [15] and FTR #'s 777 [16] and 876 [17]. (An excellent book on the JFK assassination that presents an excellent breakdown of “the painting of Oswald Red” is JFK and the Unspeakable: Why He Died and Why It Matters [18].)

In a tran­si­tion­al ele­ment from FTR #922 [19], the last of our pro­grams deal­ing with the Trumpenkampfver­bande, we note that Don­ald Trump’s ide­ol­o­gy and rhetoric are a devel­op­ment and ampli­fi­ca­tion of what we termed “The Paulis­tin­ian Lib­er­tar­i­an Orga­ni­za­tion.” [20]  In FTR #‘s 755 [21], 758 [22] and 759 [23], we have fur­ther devel­oped the rela­tion­ship between the Ron Paul milieu and WikiLeaks/Team Snow­den. Trump sup­port­er David Duke is inex­tri­ca­bly linked with this milieu.

“ . . . Trump’s style and positions — endorsing and consorting with 9/11 truthers [24], promoting online racists [25], using fake statistics [26] — draw on a now-obscure political strategy called “paleolibertarianism,” which was once quite popular among some Republicans, especially former presidential candidate Ron Paul. . . . The figure whose ideas unify Pauline libertarians and today’s Trumpists is the late Murray Rothbard, an economist who co-founded the Cato Institute and is widely regarded as the creator of libertarianism. . . . Almost immediately after its creation [by Murray Rothbard], the Mises Institute (headquartered in Auburn, Ala.) began publishing criticism [27] of “compulsory integration [28],” attacks on Abraham Lincoln [29] and apologia for Confederate leaders [30]. Institute scholars have also spoken to racist groups such as the League of the South [31]. Rothbard even published a chapter in his book “The Ethics of Liberty [32]” in which he said that “the purely free society will have a flourishing free market in children,” although he didn’t specify the races of the children who might be sold. . . . All of these paleolibertarian positions were offered in Duke’s 1990 Senate campaign and 1991 gubernatorial campaign. But they were also offered by another politician Rothbard admired: Ron Paul, the Libertarian Party’s presidential candidate in 1988. . . . ”

It should come as no surprise to see Snowden and WikiLeaks working for Trump, and that, indeed, appears to underlie the false attribution of the DNC hack and the Shadow Brokers affair to Russia.

Under­stand­ing the process of “paint­ing Oswald red” gives us per­spec­tive on the crude decep­tion involved with the “Shad­ow Bro­kers” non-hack, as well as giv­ing us an under­stand­ing of the DNC hack. Review­ing why Rus­sia is an unlike­ly cul­prit [33] in the DNC hack: ” . . . A crit­i­cal look expos­es the sig­nif­i­cant flaws in the attri­bu­tion. First, all of the tech­ni­cal evi­dence can be spoofed. Although some argue that spoof­ing the mound of uncov­ered evi­dence is too much work, it can eas­i­ly be done by a small team of good attack­ers in three or four days. Sec­ond, the tools used by Cozy Bear appeared on the black mar­ket when they were first dis­cov­ered years ago and have been recy­cled and used against many oth­er tar­gets, includ­ing against Ger­man indus­try. The reuse and fine-tun­ing of exist­ing mal­ware hap­pens all the time. Third, the lan­guage, loca­tion set­tings, and com­pi­la­tion meta­da­ta can eas­i­ly be altered by chang­ing basic set­tings on the attacker’s com­put­er in five min­utes with­out the need of spe­cial knowl­edge. None of the tech­ni­cal evi­dence is con­vinc­ing. It would only be con­vinc­ing if the attack­ers used entire­ly nov­el, unique, and sophis­ti­cat­ed tools with unmis­tak­able indi­ca­tors point­ing to Rus­sia sup­port­ed by human intel­li­gence, not by mal­ware analy­sis.

The DNC attack­ers also had very poor, almost com­i­cal, oper­a­tional secu­ri­ty (OPSEC). State actors tend to have a qual­i­ty assur­ance review when devel­op­ing cyber­at­tack tools to min­i­mize the risk of dis­cov­ery and leav­ing obvi­ous crumbs behind. Russ­ian intel­li­gence ser­vices are espe­cial­ly good. They are high­ly capa­ble, tac­ti­cal­ly and strate­gi­cal­ly agile, and ratio­nal. They ensure that offen­sive tools are tai­lored and pro­por­tion­ate to the sig­nal they want to send, the pos­si­bil­i­ty of dis­clo­sure and pub­lic per­cep­tion, and the odds of esca­la­tion. The shod­dy OPSEC just doesn’t fit what we know about Russ­ian intel­li­gence. . . . Giv­en these argu­ments, blam­ing Rus­sia is not a slam dunk [34]. Why would a coun­try with some of the best intel­li­gence ser­vices in the world com­mit a whole series of real­ly stu­pid mis­takes in a high­ly sen­si­tive oper­a­tion? Why pick a tar­get that has a strong chance of lead­ing to esca­la­to­ry activ­i­ty when Rus­sia is known to pre­fer incre­men­tal actions over dras­tic ones? Why go through the trou­ble of a false flag when doing noth­ing would have been arguably bet­ter?. . . ”

The apparent “non-hack” of the NSA by “The Shadow Brokers” also makes no sense [35]. Note also the clumsy, Boris [36] and Natasha-like [37] broken English used to try to portray this as a “Russian” operation. In addition, as we will see, this doesn't appear to be a “hack” at all.

“. . . Their claim to have ‘hacked’ a serv­er belong­ing to the NSA is fishy. Accord­ing to ex-NSA insid­ers who spoke with [38] Busi­ness Insid­er, the agency’s hack­ers don’t just put their exploits and toolk­its online where they can poten­tial­ly be pil­fered. The more like­ly sce­nario for where the data came from, says ex-NSA research sci­en­tist Dave Aitel, is an insid­er who down­loaded it onto a USB stick. . . . When hack­ers gain access to a serv­er, they keep qui­et about it so they can stay there. . . .One of the many strange things about this inci­dent is the very pub­lic nature of what tran­spired. When a hack­er takes over your com­put­er, they don’t start acti­vat­ing your web­cam or run­ning weird pro­grams because you’d fig­ure out pret­ty quick­ly that some­thing was up and you’d try to get rid of them. . . .

 . . . If the Shad­ow Bro­kers owned the NSA’s com­mand and con­trol serv­er, then it would prob­a­bly be a much bet­ter approach to just sit back, watch, and try to piv­ot to oth­er inter­est­ing things that they might be able to find. . . . Instead, the group wrote on Paste­bin, a web­site where you can store text, that “we fol­low Equa­tion Group traf­fic. We find Equa­tion Group source range. We hack Equa­tion Group. We find many many Equa­tion Group cyber weapons,” which imme­di­ate­ly sig­nals to this alleged NSA hack­er group that they have a big prob­lem. [Note the remark­able bro­ken Eng­lish used in the post, rem­i­nis­cent of Boris and Natasha–D.E.] . . . Peo­ple sell exploits all the time, but they hard­ly ever talk about it. . . . Most of the time, an exploit is either found by a secu­ri­ty research firm, which then writes about it and reports it to the com­pa­ny so it can fix the prob­lem. Or, a hack­er look­ing for cash will take that found exploit and sell it on the black mar­ket. So it would make sense for a group like Shad­ow Bro­kers to want to sell their trea­sure trove, but going pub­lic with it is beyond strange. . . .”

Notice, how­ev­er, that Edward Snow­den not only opined that this was, indeed, a hack, where­as the evi­dence points in a dif­fer­ent direc­tion, but that “Rus­sia was behind the hack.” Do not fail to take stock of the fact that Snow­den is fore­shad­ow­ing a pos­si­ble con­tro­ver­sy over the hack­ing of vot­ing machines, echo­ing the pro­nounce­ments of Don­ald Trump, the suc­ces­sor to Eddie the Friend­ly Spook’s Pres­i­den­tial can­di­date of choice, Ron Paul. “ . . . If you ask ex-NSA con­trac­tor Edward Snow­den, the pub­lic leak and claims of the Shad­ow Bro­kers seem to have Russ­ian fin­ger­prints all over them, and it serves as a warn­ing from Moscow to Wash­ing­ton. The mes­sage: If your pol­i­cy­mak­ers keep blam­ing us for the DNC hack, then we can use this hack to impli­cate you in much more. [39]

“That could have sig­nif­i­cant for­eign pol­i­cy con­se­quences,” Snow­den wrote [40] on Twit­ter. “Par­tic­u­lar­ly if any of those oper­a­tions tar­get­ed US allies. Par­tic­u­lar­ly if any of those oper­a­tions tar­get­ed elec­tions.” . . . .”

The dat­ing of the code used in con­nec­tion with the cyber­weapons dates to 2013, when Snow­den down­loaded NSA files onto USB sticks and went to Hong Kong from Hawaii. Note, again, that Snow­den points to hack­ing [41], rather than the much more like­ly sce­nario of some­one down­load­ing infor­ma­tion onto USB sticks, as Snow­den did. ” . . . . Snow­den also not­ed that the released files end in 2013. ‘When I came for­ward, NSA would have migrat­ed offen­sive oper­a­tions to new servers as a pre­cau­tion,’ he sug­gest­ed [42] — a move that would have cut off the hack­ers’ access to the serv­er. . . .” 

There is an impor­tant legal prin­ci­ple that is worth con­sid­er­ing, the con­cept of “con­scious­ness of guilt.” If some­one can be proved to have tak­en steps to cov­er up the com­mis­sion of a crime, that is con­sid­ered suf­fi­cient evi­dence to indict the per­son for the orig­i­nal crime. Here, we have Snow­den say­ing “Yup, Rus­sia did it” in spite of indi­ca­tions that such was not the case and “Yup, it was a hack” where­as that appears unlike­ly.

Evi­dence points in the direc­tion of “Team Snow­den,” the WikiLeaks/Snowden/Greenwald milieu we have been research­ing for years.

Perhaps no other author/investigator has done as much writing about NSA as James Bamford. In his observations about “The Shadow Brokers” non-hack, he highlights [43] the actions of Jacob Appelbaum, the WikiLeaker who appears [44] to have been deeply involved with getting Snowden from Hawaii to Hong Kong [45]. Appelbaum is also a fierce opponent of Hillary Clinton.

“ . . . . Experts who have ana­lyzed the files sus­pect that they date to Octo­ber 2013, five months after Edward Snow­den left his con­trac­tor posi­tion with the NSA and fled to Hong Kong car­ry­ing flash dri­ves con­tain­ing hun­dreds of thou­sands of pages of NSA doc­u­ments. . . . There also seems to be a link between Assange and the leak­er who stole the ANT cat­a­log, and the pos­si­ble hack­ing tools. Among Assange’s close asso­ciates is Jacob Appel­baum, a cel­e­brat­ed hack­tivist and the only pub­licly known Wik­iLeaks staffer in the Unit­ed States – until he moved to Berlin in 2013 in what he called a “polit­i­cal exile” because of what he said was repeat­ed harass­ment by U.S. law enforce­ment per­son­nel. In 2010, a Rolling Stone mag­a­zine pro­file labeled him “the most dan­ger­ous man in cyber­space.”

In Decem­ber 2013, Appel­baum was the first per­son to reveal the exis­tence of the ANT cat­a­log, at a con­fer­ence in Berlin, with­out iden­ti­fy­ing the source. That same month he said he sus­pect­ed the U.S. gov­ern­ment of break­ing into his Berlin apart­ment. He also co-wrote an arti­cle about the cat­a­log in Der Spiegel. But again, he nev­er named a source, which led many to assume, mis­tak­en­ly, that it was Snow­den. . . .

. . . . Short­ly there­after, he turned his atten­tion to Hillary Clin­ton. At a screen­ing of a doc­u­men­tary about Assange in Cannes, France, Appel­baum accused her of hav­ing a grudge against him and Assange, and that if she were elect­ed pres­i­dent, she would make their lives dif­fi­cult. “It’s a sit­u­a­tion that will pos­si­bly get worse” if she is elect­ed to the White House, he said, accord­ing to Yahoo News. . . .”

The “Shad­ow Bro­kers” also went after Hillary Clin­ton [43] in the Boris and Natasha-like bro­ken Eng­lish: ” . . . . In hack­tivist style, and in what appears to be pho­ny bro­ken Eng­lish, this new release of cyber­weapons also seems to be tar­get­ing Clin­ton. It ends with a long and angry ‘final mes­sage” against ‘Wealthy Elites . . . break­ing laws’ but ‘Elites top friends announce, no law bro­ken, no crime commit[ed]. . . Then Elites run for pres­i­dent. Why run for pres­i­dent when already con­trol coun­try like dic­ta­tor­ship?’ . . . .”

Anoth­er piece of cir­cum­stan­tial evi­dence point­ing in the direc­tion of “Team Snow­den” con­cerns the fact that the “Shad­ow Bro­kers” used a Ger­man e‑mail provider.

Since Appelbaum is currently living in Berlin, it's worth noting that the email address that appears to be used by the Shadow Brokers is hosted by a German email provider with a policy of cooperating with legal authorities as little as possible and only handing over encrypted data when given a court order. [46]

In addition to Appelbaum (who appears to have assisted Snowden in getting from Hawaii to Hong Kong), Laura Poitras (Glenn Greenwald's associate), Sarah Harrison (Assange's ex-girlfriend who assisted Snowden in his flight from Hong Kong to Moscow) and Peter Sunde (who founded the Pirate Bay website on which WikiLeaks held forth) are all resident in Germany at this time.

“ . . . He said Tutan­o­ta had only ever been forced to hand over encrypt­ed data of its users a few times and it has a trans­paren­cy report [47] where it dis­clos­es those cas­es. ‘How­ev­er, we release data only in very, very few cas­es … And when we have to pro­vide the data due to a court order, it is still encrypt­ed,’ Pfau added, going on to explain the company’s stance on sur­veil­lance. . . .”

Against this background, we again take stock of the fact that Roger Stone, the Trump campaign's veteran GOP dirty-tricks specialist, has reiterated [48] that he is working directly with Julian Assange to torpedo the Clinton campaign. “. . . . On the C-SPAN show, Stone told Politico’s Alex Isenstadt of his communication to Assange ‘through an intermediary—somebody who is a mutual friend’—regarding the 30,000 emails the Clinton staff deleted before turning over the contents of the server to Justice Department investigators [Who might that “mutual friend” be–D.E.]. . .

‘Well, first of all, I think Julian Assange is a hero; I think he’s tak­ing on the deep state, both Repub­li­can and Demo­c­rat,’ Stone began. He went on to say, ‘I believe that he is in pos­ses­sion of all of those emails that Huma Abe­din and Cheryl Mills, the Clin­ton aides, believe they delet­ed. That and a lot more. These are like the Water­gate tapes…’ (Video below: Go to time­stamp 15:15.)

Stone knows a thing or two about the Water­gate scan­dal, in which he played a minor role before mov­ing on to big­ger oper­a­tions, such as the 2000 ‘Brooks Broth­ers riot’ [49] in Flori­da, when Stone orga­nized dozens of Repub­li­can con­gres­sion­al staffers to storm the elec­tion board in Mia­mi-Dade Coun­ty, Flori­da, where a recount of pres­i­den­tial elec­tion bal­lots was tak­ing place.

‘I don’t know that this is going to hap­pen in Octo­ber,’ Stone said of a poten­tial Wik­iLeaks dump of Clin­ton cor­re­spon­dence. ‘There is an enor­mous amount of mate­r­i­al here. Mr. Assange could, the­o­ret­i­cal­ly, drop a tranche of doc­u­ments before each one of [the pres­i­den­tial] debates.’ . . . .”

Pro­gram High­lights Include:

1. In a tran­si­tion­al ele­ment from FTR #922 [19], the last of our pro­grams deal­ing with the Trumpenkampfver­bande, we note that Don­ald Trump’s ide­ol­o­gy and rhetoric are a devel­op­ment and ampli­fi­ca­tion of what we termed “The Paulis­tin­ian Lib­er­tar­i­an Orga­ni­za­tion.” [20]  In FTR #‘s 755 [21], 758 [22] and 759 [23], we have fur­ther devel­oped the rela­tion­ship between the Ron Paul milieu and WikiLeaks/Team Snow­den.

“Where Did Donald Trump Get His Racialized Rhetoric? From Libertarians” by Matthew Sheffield; The Washington Post; 9/02/2016. [52]

The inter­sec­tion of white nation­al­ism, the alt-right and Ron Paul

Hillary Clin­ton and her cam­paign have been going out of their way to make a sur­pris­ing argu­ment about Don­ald Trump: He’s not real­ly a Repub­li­can.

At the Demo­c­ra­t­ic con­ven­tion, sev­er­al speak­ers [53] said Trump rep­re­sent­ed a com­plete break from the con­ser­v­a­tive tra­di­tions of the GOP. Last month, Clin­ton deliv­ered a sim­i­lar mes­sage [54] in a speech link­ing Trump to the white-nation­al­ist polit­i­cal move­ment known as the “alt-right.” “This is not con­ser­vatism as we have known it,” she assert­ed.

Accord­ing to Clin­ton — and many [55] con­ser­v­a­tive intel­lec­tu­als [56] who oppose [57] Trump — the con­spir­a­to­r­i­al, wink­ing-at-racists cam­paign he has been run­ning rep­re­sents a nov­el depar­ture from Repub­li­can pol­i­tics.

That’s not quite true, though. Trump’s style and positions — endorsing and consorting with 9/11 truthers [24], promoting online racists [25], using fake statistics [26] — draw on a now-obscure political strategy called “paleolibertarianism,” which was once quite popular among some Republicans, especially former presidential candidate Ron Paul.

For­mal­ly, Sen. Rand Paul (R‑Ky.) may be his father’s polit­i­cal heir. But there’s no ques­tion that the para­noid and semi-racial­ist mien fre­quent­ly favored by Trump orig­i­nates in the fevered swamps that the elder Paul dwelled in for decades. Most peo­ple who back Trump don’t do so for racist rea­sons, but it’s incred­i­ble how many of the same white nation­al­ists and con­spir­a­cy the­o­rists to whom Ron Paul once catered are now ardent Trump sup­port­ers. It’s because Trump and Paul speak the same lan­guage.

Main­stream lib­er­tar­i­ans have been ago­niz­ing over this lega­cy among them­selves for some time, hop­ing [58] that either the elder or younger Paul would defin­i­tive­ly denounce the movement’s racial­ist past, but no such speech has ever come. Instead, the pale­olib­er­tar­i­an strat­e­gy con­coct­ed decades ago as a way to push for min­i­mal gov­ern­ment threat­ens to replace right-wing lib­er­tar­i­an­ism with white nation­al­ism.

* * *

The fig­ure whose ideas uni­fy Pauline lib­er­tar­i­ans and today’s Trump­ists is the late Mur­ray Roth­bard, an econ­o­mist who co-found­ed the Cato Insti­tute and is wide­ly regard­ed as the cre­ator of lib­er­tar­i­an­ism.

Nowa­days, many lib­er­tar­i­ans like to por­tray their ide­ol­o­gy as one that some­how tran­scends the left-right divide, but to Roth­bard, this was non­sense. Lib­er­tar­i­an­ism, he argued, was noth­ing more than a restate­ment of the beliefs of the “Old Right,” which res­olute­ly opposed the New Deal and any sort of for­eign inter­ven­tion in the ear­ly 20th cen­tu­ry. Many of its adher­ents, such as essay­ist H.L. Menck­en [59], espoused racist view­points, as well.

As mod­er­ate Repub­li­cans such as Dwight Eisen­how­er and “New Right” Chris­t­ian con­ser­v­a­tives such as William F. Buck­ley became more influ­en­tial with­in the Repub­li­can Par­ty in the 1950s and ’60s, the future cre­ators of lib­er­tar­i­an­ism grav­i­tat­ed instead toward the work of sec­u­lar anti-com­mu­nist thinkers such as econ­o­mist Lud­wig von Mis­es and nov­el­ist Ayn Rand.

There had always been some sym­pa­thy for racism and anti-Semi­tism among lib­er­tar­i­ans — the movement’s house mag­a­zine, Rea­son, ded­i­cat­ed an entire issue in 1976 [60] to “his­tor­i­cal revi­sion­ism,” includ­ing Holo­caust revi­sion­ism. It also repeat­ed­ly ran arti­cles in defense [61] of South Africa’s then-seg­re­ga­tion­ist gov­ern­ment (though by 2016, the mag­a­zine was run­ning arti­cles like “Don­ald Trump Enables Racism [62]”). But it was Rothbard’s found­ing of the Lud­wig von Mis­es Insti­tute in 1982 that enabled the fledg­ling polit­i­cal move­ment to estab­lish affin­i­ty with the neo-Con­fed­er­ate Lost Cause move­ment.

Almost immediately after its creation, the Mises Institute (headquartered in Auburn, Ala.) began publishing criticism [27] of “compulsory integration [28],” attacks on Abraham Lincoln [29] and apologia for Confederate leaders [30]. Institute scholars have also spoken to racist groups such as the League of the South [31]. Rothbard even published a chapter in his book “The Ethics of Liberty [32]” in which he said that “the purely free society will have a flourishing free market in children,” although he didn’t specify the races of the children who might be sold.

These and many oth­er con­tro­ver­sial views advo­cat­ed by Mis­es writ­ers make sense from a fanat­i­cal lib­er­tar­i­an view­point. But they also orig­i­nate in a polit­i­cal cal­cu­la­tion Roth­bard revealed in a 1992 essay [63] lament­ing the defeat of Repub­li­can white nation­al­ist and for­mer Ku Klux Klan leader David Duke in the 1991 Louisiana governor’s race by a bipar­ti­san coali­tion.

Expand­ing on themes raised two years ear­li­er [64] by his long­time part­ner and friend Llewellyn “Lew” Rock­well, an edi­tor and fundrais­er for lib­er­tar­i­an caus­es, Roth­bard argued that Duke’s can­di­da­cy was vital­ly impor­tant because it made clear that the “old Amer­i­ca” had been over­thrown by “an updat­ed, twen­ti­eth-cen­tu­ry coali­tion of Throne and Altar” and its “State Church” of gov­ern­ment offi­cials, jour­nal­ists and social sci­en­tists.

Besides com­mend­ing Duke as an exem­plar of the kind of can­di­date he was look­ing to sup­port, Roth­bard also invoked the “excit­ing” for­mer sen­a­tor Joe McCarthy of Wis­con­sin — not because of his eco­nom­ic views but because he was a brash pop­ulist prone to doing errat­ic things. Rothbard’s descrip­tion of McCarthy seems eeri­ly sim­i­lar to the cam­paign that Trump has been run­ning:

“The fas­ci­nat­ing, the excit­ing, thing about Joe McCarthy was pre­cise­ly his ‘means’ — his right-wing pop­ulism: his will­ing­ness and abil­i­ty to reach out, to short-cir­cuit the pow­er elite: lib­er­als, cen­trists, the media, the intel­lec­tu­als, the Pen­ta­gon, Rock­e­feller Repub­li­cans, and reach out and whip up the mass­es direct­ly. … With Joe McCarthy there was a sense of dynamism, of fear­less­ness, and of open-end­ed­ness, as if, whom would he sub­poe­na next?”

To solve the prob­lem that few Amer­i­cans are inter­est­ed in small gov­ern­ment [65], Roth­bard argued that lib­er­tar­i­ans need­ed to align them­selves with peo­ple they might not like much in order to expand their num­bers. “Out­reach to the Red­necks” was need­ed to make com­mon cause with far-right Chris­t­ian con­ser­v­a­tives who hat­ed the fed­er­al gov­ern­ment, dis­liked drugs and want­ed to crack down on crime.

All of these pale­olib­er­tar­i­an posi­tions were offered in Duke’s 1990 Sen­ate cam­paign and 1991 guber­na­to­r­i­al cam­paign. But they were also offered by anoth­er politi­cian Roth­bard admired: Ron Paul, the Lib­er­tar­i­an Party’s pres­i­den­tial can­di­date in 1988.

Roth­bard and Paul had known and worked with each oth­er in the 1970s, when they came to know Rock­well. Rock­well would work close­ly with both men, serv­ing as Paul’s con­gres­sion­al chief of staff until he left to found the Mis­es Insti­tute with Roth­bard.

Rock­well also was the edi­tor of a series of print­ed newslet­ters for both men in the ensu­ing decades. Paul’s pub­li­ca­tions became famous dur­ing his Repub­li­can pres­i­den­tial cam­paigns. Their con­tro­ver­sial nature is no sur­prise, giv­en that Paul had coy­ly endorsed the pale­olib­er­tar­i­an strat­e­gy short­ly after it was devised [66].

Sold under var­i­ous titles, the high­ly lucra­tive newslet­ters fre­quent­ly stoked racial fears [67], sim­i­lar to what Trump has been doing this year, though they went fur­ther — one even gave advice on using an unreg­is­tered gun to shoot “urban youth.” Anoth­er issue mocked black Amer­i­cans by propos­ing alter­na­tive names for New York City such as “Zooville” and “Rapetown,” while urg­ing black polit­i­cal demon­stra­tors to hold their protests “at a food stamp bureau or a crack house.”

The pub­li­ca­tions also repeat­ed­ly pro­mot­ed the work of Jared Tay­lor [68], a white nation­al­ist writer and edi­tor who is today one of Trump’s most promi­nent alt-right back­ers [69]. Arti­cles also fea­tured anti-Semit­ic con­spir­a­cy the­o­ries and fre­quent rants against gay men.

Paul lat­er said he didn’t write the newslet­ters [70]. But regard­less of their author­ship, the image they cre­at­ed made him attrac­tive to white nation­al­ists. Those sup­port­ers weren’t numer­ous enough to get Paul the GOP pres­i­den­tial nom­i­na­tion, how­ev­er, and pale­olib­er­tar­i­an­ism began fiz­zling out.

In the past few years, how­ev­er, it’s been reborn as the alt-right, as a new gen­er­a­tion of lib­er­tar­i­ans dis­cov­ered their hid­den her­itage and began embrac­ing racism and con­spir­a­cy the­o­ries. Many alt-right writ­ers [71] trace their roots to Roth­bard. As one of them, Gre­go­ry Hood, put it, pale­olib­er­tar­i­an the­o­ries about race and democ­ra­cy “helped lead to the emer­gence [of the] Alter­na­tive Right [72].” Rothbard’s call for “sov­er­eign nations based on race and eth­nic­i­ty [73]” is very sim­i­lar to beliefs Trump’s alt-right sup­port­ers express today.

In 2016, many, if not most, of the extrem­ists who for­mer­ly sup­port­ed Paul have ral­lied to Trump’s side. In 2007, Paul won an endorse­ment and a $500 cam­paign con­tri­bu­tion from Don Black [74], the own­er of Storm­front, a self-described “white pride” Web forum. Despite a tor­rent of crit­i­cism, Paul refused to return the mon­ey [75]. This March, Black encour­aged his radio lis­ten­ers to vote for Trump [76], even if he wasn’t per­fect.

After Rand Paul came to the Sen­ate in 2011, and as he even­tu­al­ly began plan­ning his own pres­i­den­tial cam­paign, there was some spec­u­la­tion that con­ser­v­a­tives might be enter­ing a “lib­er­tar­i­an moment.” Things didn’t turn out that way. Instead, the Amer­i­can right seems to have entered a pale­olib­er­tar­i­an moment.

2. Roger Stone recent­ly gave anoth­er inter­view where he repeat­ed his claim that he’s in con­tact with Julian Assange and hint­ed at the like­ly nature of a pos­si­ble Wik­ileaks “Octo­ber Sur­prise”, although he not­ed that it might hap­pen soon­er than Octo­ber and Assange might just do strate­gic dumps before the three pres­i­den­tial debates.

Stone also briefly mentioned one topic that is likely going to be in at least one of those leaks: “I believe that he is in possession of all of those emails that Huma Abedin and Cheryl Mills, the Clinton aides, believe they deleted. That and a lot more. These are like the Watergate tapes.” Keep in mind that the right-wing has long tried to smear Huma Abedin with Muslim Brotherhood ties and Roger Stone recently suggested she’s a terrorist agent [77]. While there may very well be a number of leaks over the next couple of months, at least one of them may try to suggest that Hillary is a terrorist agent [48]:

“Trump Dirty Trick­ster Roger Stone: How ‘Hero’ Assange Could Help Our Cam­paign” by Adele M. Stan; Alter­Net; 8/22/2016. [48]

The con­spir­acist reveals he’s been in touch with the Wik­iLeaks founder regard­ing Clin­ton emails—and when to dump them on the media.

In an inter­view that aired Sun­day on C‑SPAN’s “News­mak­ers” pro­gram, Roger Stone, the off-the-books Trump advis­er, reit­er­at­ed his claim that he has been in touch with Wik­iLeaks founder Julian Assange.

Assange post­ed the hacked emails of the Demo­c­ra­t­ic Nation­al Com­mit­tee to his site, as well as a data­base of emails from Hillary Clinton’s pri­vate email serv­er, which the for­mer sec­re­tary of state used to com­mu­ni­cate with State Depart­ment aides dur­ing her tenure in the Cab­i­net.

Stone, a long­time Repub­li­can polit­i­cal oper­a­tive and dirty trick­ster, pur­port­ed­ly either resigned or was fired from the pres­i­den­tial cam­paign of Don­ald Trump last year but con­tin­ues to be deeply involved with the cam­paign, espe­cial­ly the ele­ments of its mes­sag­ing that advance the con­spir­a­cy the­o­ries [78] of the right. In the inter­view, he described his rela­tion­ship to the Trump cam­paign this way: “I count myself as a Trump friend—kind of like Sid­ney Blu­men­thal [is to the Clin­tons]; I have no for­mal nor infor­mal role, but I do have access to all the right peo­ple.”

On the C‑SPAN show, Stone told Politico’s Alex Isen­stadt of his com­mu­ni­ca­tion to Assange “through an intermediary—somebody who is a mutu­al friend”—regard­ing the 30,000 emails the Clin­ton staff delet­ed before turn­ing over the con­tents of the serv­er to Jus­tice Depart­ment inves­ti­ga­tors. (Clin­ton main­tains that only emails of a per­son­al nature were delet­ed.) Asked to cor­rob­o­rate Assange’s threat of “an Octo­ber sur­prise” to stem from that trove, Stone offered a sug­ges­tion he clear­ly deemed to be more help­ful to the Trump cam­paign.

“Well, first of all, I think Julian Assange is a hero; I think he’s tak­ing on the deep state, both Repub­li­can and Demo­c­rat,” Stone began. He went on to say, “I believe that he is in pos­ses­sion of all of those emails that Huma Abe­din and Cheryl Mills, the Clin­ton aides, believe they delet­ed. That and a lot more. These are like the Water­gate tapes…” (Video below: Go to time­stamp 15:15.)

Stone knows a thing or two about the Water­gate scan­dal, in which he played a minor role before mov­ing on to big­ger oper­a­tions, such as the 2000 “Brooks Broth­ers riot [49]” in Flori­da, when Stone orga­nized dozens of Repub­li­can con­gres­sion­al staffers to storm the elec­tion board in Mia­mi-Dade Coun­ty, Flori­da, where a recount of pres­i­den­tial elec­tion bal­lots was tak­ing place.

“I don’t know that this is going to hap­pen in Octo­ber,” Stone said of a poten­tial Wik­iLeaks dump of Clin­ton cor­re­spon­dence. “There is an enor­mous amount of mate­r­i­al here. Mr. Assange could, the­o­ret­i­cal­ly, drop a tranche of doc­u­ments before each one of [the pres­i­den­tial] debates.” . . . .

3. Next, we review infor­ma­tion pre­sent­ed in FTR #917 [79]. An inter­est­ing piece by Dr. San­dro Gay­ck­en, a Berlin-based for­mer ‘hack­tivist’ who now advis­es NATO and the Ger­man gov­ern­ment on cyber-secu­ri­ty mat­ters, makes the case that the evi­dence impli­cat­ing Rus­sia was very much the type of evi­dence a tal­ent­ed team could spoof. He also notes that some of the tools used in the hack were the same used last year when Angela Merkel’s com­put­er was hacked and used to infect oth­er com­put­ers at the Bun­destag [80]. That hack was also blamed on Russ­ian hack­ers. But, again, as the arti­cle below points out, when the evi­dence for who is respon­si­ble is high­ly spoofa­ble, con­fi­dent­ly assign­ing blame is almost too easy [33]:

“Blaming Russia For the DNC Hack Is Almost Too Easy” by Dr. Sandro Gaycken; Council on Foreign Relations Blog; 8/01/2016.

Dr. San­dro Gay­ck­en [81] is the Direc­tor of the Dig­i­tal Soci­ety Insti­tute [82], a for­mer hack­tivist, and a strate­gic advi­sor to NATO, some Ger­man DAX-com­pa­nies and the Ger­man gov­ern­ment on cyber mat­ters.

The hack of the Demo­c­ra­t­ic Nation­al Com­mit­tee (DNC) def­i­nite­ly looks Russ­ian. The evi­dence is com­pelling [83]. The tools used in the inci­dent appeared in pre­vi­ous cas­es of alleged Russ­ian espi­onage, some of which appeared in the Ger­man Bun­destag hack. The attack­ers, dubbed Cozy Bear and Fan­cy Bear, have been known for years and have long been rumored to have a Russ­ian con­nec­tion. Oth­er indi­ca­tors such as IP address­es, lan­guage and loca­tion set­tings in the doc­u­ments’ meta­da­ta and code com­pi­la­tion point to Rus­sia. The Krem­lin is also known to prac­tice influ­ence oper­a­tions, and a leak before the Democ­rats’ con­ven­tion fits that pro­file as does laun­der­ing the infor­ma­tion through a third par­ty like Wik­ileaks. Final­ly, the cui bono makes sense as well; Rus­sia may favor Don­ald Trump giv­en his Putin-friend­ly state­ments and his views on NATO.

Alto­geth­er, it looks like a clean-cut case. But before accus­ing a nuclear pow­er like Rus­sia of inter­fer­ing in a U.S. elec­tion, these argu­ments should be thor­ough­ly and skep­ti­cal­ly scru­ti­nized.

A crit­i­cal look expos­es the sig­nif­i­cant flaws in the attri­bu­tion. First, all of the tech­ni­cal evi­dence can be spoofed. Although some argue that spoof­ing the mound of uncov­ered evi­dence is too much work, it can eas­i­ly be done by a small team of good attack­ers in three or four days. Sec­ond, the tools used by Cozy Bear appeared on the black mar­ket when they were first dis­cov­ered years ago and have been recy­cled and used against many oth­er tar­gets, includ­ing against Ger­man indus­try. The reuse and fine-tun­ing of exist­ing mal­ware hap­pens all the time. Third, the lan­guage, loca­tion set­tings, and com­pi­la­tion meta­da­ta can eas­i­ly be altered by chang­ing basic set­tings on the attacker’s com­put­er in five min­utes with­out the need of spe­cial knowl­edge. None of the tech­ni­cal evi­dence is con­vinc­ing. It would only be con­vinc­ing if the attack­ers used entire­ly nov­el, unique, and sophis­ti­cat­ed tools with unmis­tak­able indi­ca­tors point­ing to Rus­sia sup­port­ed by human intel­li­gence, not by mal­ware analy­sis.

The DNC attack­ers also had very poor, almost com­i­cal, oper­a­tional secu­ri­ty (OPSEC). State actors tend to have a qual­i­ty assur­ance review when devel­op­ing cyber­at­tack tools to min­i­mize the risk of dis­cov­ery and leav­ing obvi­ous crumbs behind. Russ­ian intel­li­gence ser­vices are espe­cial­ly good. They are high­ly capa­ble, tac­ti­cal­ly and strate­gi­cal­ly agile, and ratio­nal. They ensure that offen­sive tools are tai­lored and pro­por­tion­ate to the sig­nal they want to send, the pos­si­bil­i­ty of dis­clo­sure and pub­lic per­cep­tion, and the odds of esca­la­tion. The shod­dy OPSEC just doesn’t fit what we know about Russ­ian intel­li­gence.

The claim that Guc­cifer 2.0 is a Russ­ian false flag [84] oper­a­tion may not hold up either. If Rus­sia want­ed to cov­er up the fact it had hacked the DNC, why cre­ate a pseu­do­nym that could only attract more atten­tion and pub­lish emails? Dump­ing a trove of doc­u­ments all at once is less valu­able than cher­ry pick­ing the most dam­ag­ing infor­ma­tion and strate­gi­cal­ly leak­ing it in a craft­ed and tar­get­ed fash­ion, as the FSB, SVR or GRU have prob­a­bly done in the past [85]. Also, leak­ing to Wik­ileaks isn’t hard. They have a sub­mis­sion form [86].

Giv­en these argu­ments, blam­ing Rus­sia is not a slam dunk [34]. Why would a coun­try with some of the best intel­li­gence ser­vices in the world com­mit a whole series of real­ly stu­pid mis­takes in a high­ly sen­si­tive oper­a­tion? Why pick a tar­get that has a strong chance of lead­ing to esca­la­to­ry activ­i­ty when Rus­sia is known to pre­fer incre­men­tal actions over dras­tic ones? Why go through the trou­ble of a false flag when doing noth­ing would have been arguably bet­ter? Last­ly, how does Rus­sia ben­e­fit from pub­licly back­ing Don­ald Trump giv­en that Repub­li­cans have been skep­ti­cal of improv­ing rela­tions [87]?

The evi­dence and infor­ma­tion in the pub­lic domain strong­ly sug­gests Rus­sia was behind the DNC hack, even though Russ­ian intel­li­gence ser­vices would have had the choice of not mak­ing it so clear cut giv­en what we know about their tools, tac­tics, pro­ce­dures, and think­ing.

The DNC hack leads to at least four “what if” questions, each with its own significant policy consequences. First, if Russia had poor operational security and misjudged its target, it needs to be educated about the sensitivity of certain targets in its favorite adversary countries to avoid a repeat of this disaster. Second, if Russia deliberately hacked the DNC to leak confidential information, it would represent a strategic escalation on behalf of the Kremlin and the world would need to prepare for difficult times ahead. Third, if the breach and leak were perpetrated by a bunch of random activists using the pseudonym “Guccifer 2.0”, it would be the first instance of non-state actors succeeding in creating a global incident with severe strategic implications, demanding more control of such entities and a much better design of escalatory processes among nations. Finally, it is entirely possible that this was a false flag operation by an unknown third party to escalate tensions between nuclear superpowers. If this is the case, this party has to be uncovered. . . .

4. More about cyber-secu­ri­ty experts who view the “Russ­ian intel­li­gence” hack­ing of DNC com­put­ers as sus­pi­cious­ly trans­par­ent:

“Rus­sia Want­ed to Be Caught, Says Com­pa­ny Wag­ing War on the DNC Hack­ers” by Patrick Tuck­er; Defense One; 7/28/2016. [88]

. . . . But secu­ri­ty expert Jeff Carr thought the smoke off this smok­ing-gun was a bit too thick. In his minor­i­ty report [89], he asks: what kind of spy ring tags their stolen docs before releas­ing them under a cov­er?

“Raise your hand if you think that a GRU or FSB offi­cer would add Iron Felix’s [90] name to the meta­da­ta of a stolen doc­u­ment before he released it to the world while pre­tend­ing to be a Roman­ian hack­er. Some­one clear­ly had a wicked sense of humor,” he wrote. . . . .

. . . . Crowd­strike pres­i­dent Shawn Hen­ry is dubi­ous. “I don’t know what kind of for­eign intel­li­gence ser­vice con­duct­ing a covert oper­a­tion wants to be found,” he said on Thurs­day, but added that Crowd­Strike picked up the DNC hack with­in 48 hours and that it “wasn’t dif­fi­cult.” . . . .

5. The high-pro­file hack attacks of 2016 heat­ed up again with the release of cyber­weapons appar­ent­ly belong­ing to the NSA. [91]

Note the attempt at pinning the blame on Russia, despite the fact that this operation, like the DNC hack, does not fit the profile of a Russian cyber-espionage operation. Note also the clumsy, Boris [36] and Natasha-like [37] broken English used to try and portray this as a “Russian” operation.

Note, also, as we will see, that this does­n’t appear to be a “hack” at all.

“Group Claims to Have U.S. Gov­ern­ment Hack­ing Tools for Sale” by Robert McMil­lan; The Wall Street Jour­nal; 8/15/2016. [91]

Secu­ri­ty experts doubt pre­vi­ous­ly unknown hack­ers have access to NSA-linked cyber­weapons

A pre­vi­ous­ly unknown hack­ing group claims to have bro­ken into a cyberes­pi­onage orga­ni­za­tion linked to the Nation­al Secu­ri­ty Agency and is offer­ing to sell what it says are U.S. gov­ern­ment hack­ing tools.

The group, call­ing itself the “Shad­ow Bro­kers,” said in an inter­net post on Sat­ur­day that it had access to a “full state spon­sor tool set” of cyber­weapons. To back up its claims, the group post­ed what appears to be attack code that tar­gets secu­ri­ty soft­ware on routers that direct com­put­er traf­fic around the inter­net.

In a post writ­ten in bro­ken Eng­lish, the Shad­ow Bro­kers offered to sell a com­plete trove of tools to the high­est bid­der. The group said if it is paid one mil­lion bit­coin, val­ued at rough­ly $568 mil­lion, it will release the tools pub­licly.

Security experts doubt the group has access to the hacking treasure trove that it boasts, but several said the code it released appears to be legitimate. It affects routers built by three U.S. firms—Cisco Systems Inc., Juniper Networks Inc. and Fortinet Inc.—and two Chinese companies—Shaanxi Networkcloud Information Technology Co. and Beijing Topsec Network Security Technology Co.

A Cis­co spokes­woman said her com­pa­ny was inves­ti­gat­ing the inci­dent, but “so far, we have not found any new vul­ner­a­bil­i­ties.”

A Fortinet rep­re­sen­ta­tive didn’t have a com­ment. Juniper, Topsec and Shaanxi Net­work­cloud didn’t imme­di­ate­ly respond to requests for com­ment.

The Shad­ow Bro­kers’ claims are still being ana­lyzed by secu­ri­ty experts. If true, they would reflect an unprece­dent­ed breach of a com­put­er-espi­onage out­fit dubbed the “Equa­tion Group.”

In a report last year [92], Russ­ian com­put­er secu­ri­ty firm Kasper­sky Lab ZAO said the Equa­tion Group launched hack­ing efforts against gov­ern­ments, telecom­mu­ni­ca­tions com­pa­nies and oth­er orga­ni­za­tions in coun­tries such as Rus­sia, Iraq and Iran. Kasper­sky didn’t name any U.S. agen­cies in its report, but it appeared to detail the kind of work typ­i­cal­ly con­duct­ed by the NSA.

The NSA didn’t return mes­sages seek­ing com­ment. In the past, the agency has nei­ther con­firmed nor denied involve­ment with the Equa­tion Group.

In an inter­net post [93], the Shad­ow Bro­kers rail against “wealthy elites.” The Shad­ow Bro­kers didn’t respond to email and Twit­ter mes­sages seek­ing com­ment.

Secu­ri­ty experts who have exam­ined the code pub­lished by the hack­ers said it appears to con­tain gen­uine NSA pro­grams that could manip­u­late or redi­rect com­put­er traf­fic as it pass­es through a router.

“The more we look at it…it looks more and more like a tool kit from the NSA,” said Matt Suiche, the founder of Comae Tech­nolo­gies FZE, a com­put­er-secu­ri­ty start­up based in the Unit­ed Arab Emi­rates.

“It looks gen­uine,” said Nicholas Weaver, a researcher with the Inter­na­tion­al Com­put­er Sci­ence Insti­tute, a non­prof­it research cen­ter affil­i­at­ed with the Uni­ver­si­ty of Cal­i­for­nia, Berke­ley. Mr. Weaver said that, in addi­tion to the router-attack pro­grams, the code includes tools that would be avail­able only to some­one with access to NSA com­put­ers and tools that appear to inter­act with NSA soft­ware described in doc­u­ments leaked by for­mer NSA con­trac­tor Edward Snow­den.

How­ev­er, secu­ri­ty experts ques­tioned the ran­som demand, say­ing it was unlike­ly any­one would pay mil­lions for the promised tools, sight unseen. Mr. Weaver believes the bit­coin auc­tion scheme was most like­ly a dis­trac­tion to obscure who­ev­er obtained the doc­u­ments.

“Who­ev­er stole the data wants the world to know that they stole it,” he said in an email mes­sage. “The sus­pect list is almost cer­tain­ly short—Russia or Chi­na, and giv­en the recent espi­onage trou­bles between the U.S. and Rus­sia, prob­a­bly the for­mer.”

Ben John­son, co-founder of Car­bon Black Inc. and a for­mer NSA com­put­er sci­en­tist, cau­tioned that the Equa­tion Group hasn’t been defin­i­tive­ly linked to the NSA and that it is unclear how much data was tak­en.

“Peo­ple should not be think­ing that the NSA has been hacked,” he said. “Cer­tain­ly there’s been some effort put into [the Shad­ow Bro­kers’ data], but I’m by no means con­vinced that this is a full toolset of a nation state.”

6. At the same time, as with the DNC email hacks, this lat­est “hack” is both con­spic­u­ous­ly high pro­file and appears to involve con­spic­u­ous­ly atyp­i­cal hack­ing behav­iors. For instance, as the arti­cle below points out, the phe­nom­e­non of hack­ers sell­ing exploits they dis­cov­er is quite com­mon­place. It isn’t com­mon­place to sell the exploit to the entire world with an absurd­ly high price tag.

Another reason to assume the million bitcoin price is just theatrics is the fact that Wikileaks announced they’re going to be releasing the entire alleged NSA toolkit [94]. So the hackers asking for half a billion dollars also apparently decided to give their toolkit to Wikileaks so it could leak it to the world for free. That’s a bit odd.

Still, the notion that there’s a group out there hack­ing NSA servers should raise some eye­brows whether it’s the Rus­sians like every­one is assum­ing (and the hack­ers clear­ly want us to assume) or some oth­er group. It’s worth not­ing that, as the arti­cle below points out, a num­ber of researchers look­ing over the hack are rais­ing the pos­si­bil­i­ty that the serv­er wasn’t hacked at all. Instead, it could have been a case of clas­sic espi­onage. Some­one with a USB stick. It’s also worth not­ing that Edward Snow­den, some­one who knows how easy it is to steal from the NSA with a USB stick, is declar­ing that Rus­sia is like­ly behind it. [35]

“Here’s Why the Sup­posed NSA ‘Hack’ Is Unlike Any­thing We’ve Ever Seen Before” by Paul Szol­dra; Busi­ness Insid­er Nordic; 8/16/2016. [35]

Ear­li­er this week, a group call­ing itself the “Shad­ow Bro­kers” announced that it was sell­ing a num­ber of cyber weapons [38] – auc­tion-style – that it claimed were hacked and stolen from an alleged NSA hack­ing group dubbed “The Equa­tion Group.”

Beside the fact that the Nation­al Secu­ri­ty Agency get­ting hacked is eye­brow-rais­ing in itself, the leak of the data and the claim from this mys­tery group that it’s just try­ing to make mon­ey doesn’t seem to add up.

Here’s why.

Their claim to have ‘hacked’ a server belonging to the NSA is fishy.

Accord­ing to ex-NSA insid­ers who spoke with [38] Busi­ness Insid­er, the agency’s hack­ers don’t just put their exploits and toolk­its online where they can poten­tial­ly be pil­fered. The more like­ly sce­nario for where the data came from, says ex-NSA research sci­en­tist Dave Aitel, is an insid­er who down­loaded it onto a USB stick.

Instead of a “hack,” Aitel believes, it’s much more like­ly that this was a more clas­sic spy oper­a­tion that involved human intel­li­gence.

“This idea that a group of unknown hack­ers are going to take on the NSA seems unlike­ly as well,” Aitel told Busi­ness Insid­er. “There’s a long arm and a long mem­o­ry to the US intel­li­gence com­mu­ni­ty, and I don’t think any­one wants to be on the oth­er end of that with­out good rea­son. I don’t nec­es­sar­i­ly think a mil­lion bit­coin is a good-enough rea­son.”

When hack­ers gain access to a serv­er, they keep qui­et about it so they can stay there

One of the many strange things about this inci­dent is the very pub­lic nature of what tran­spired. When a hack­er takes over your com­put­er, they don’t start acti­vat­ing your web­cam or run­ning weird pro­grams because you’d fig­ure out pret­ty quick­ly that some­thing was up and you’d try to get rid of them.

The same is true for the NSA.

If the Shad­ow Bro­kers owned the NSA’s com­mand and con­trol serv­er, then it would prob­a­bly be a much bet­ter approach to just sit back, watch, and try to piv­ot to oth­er inter­est­ing things that they might be able to find.

Instead, the group wrote on Paste­bin, a web­site where you can store text, that “we fol­low Equa­tion Group traf­fic. We find Equa­tion Group source range. We hack Equa­tion Group. We find many many Equa­tion Group cyber weapons,” which imme­di­ate­ly sig­nals to this alleged NSA hack­er group that they have a big prob­lem.

Though this seems prob­lem­at­ic, it’s prob­a­ble that the group no longer has access to the serv­er, so it no longer cares about get­ting back on it. Since the files are years old, this could be the case. But it’s still out of the ordi­nary since any claim like this can be lat­er inves­ti­gat­ed by the vic­tim, which will be going through every­thing try­ing to fig­ure out who they are.

If this was some ran­dom hack­ing group, then it would’ve been bet­ter to keep their mouth shut, espe­cial­ly when their vic­tim is the NSA.

Peo­ple sell exploits all the time, but they hard­ly ever talk about it.

Soft­ware exploits are dig­i­tal gold for hack­ers, since they often give a key inside a sys­tem or net­work that no one has ever noticed before, and thus, hasn’t fixed. Which is why the mar­ket­place for these “zero-day” exploits is so lucra­tive. We’re talk­ing hun­dreds of thou­sands to mil­lions of dol­lars for this kind of code.

Most of the time, an exploit is either found by a secu­ri­ty research firm, which then writes about it and reports it to the com­pa­ny so it can fix the prob­lem. Or, a hack­er look­ing for cash will take that found exploit and sell it on the black mar­ket.

So it would make sense for a group like Shad­ow Bro­kers to want to sell their trea­sure trove, but going pub­lic with it is beyond strange.

“From my perspective, it’s extremely bizarre behavior,” an ex-NSA hacker who spoke on condition of anonymity told Business Insider. “Most groups who either identify or trade in exploits do one of two things. If you identify, like a security research firm [does] … they’ll typically publish their findings. They’re really in the best interest of the companies and users who use these products.”

The source added: “In the oth­er sce­nar­ios, folks who sort of deal in the exploit mar­kets. They qui­et­ly sell these things. To come out with this pub­lic auc­tion is the more bizarre vari­ance of that that I’ve ever seen. So it’s not clear what the intent here is.”

So what is the intent?

If you ask ex-NSA con­trac­tor Edward Snow­den, the pub­lic leak and claims of the Shad­ow Bro­kers seem to have Russ­ian fin­ger­prints all over them, and it serves as a warn­ing from Moscow to Wash­ing­ton. The mes­sage: If your pol­i­cy­mak­ers keep blam­ing us for the DNC hack, then we can use this hack to impli­cate you in much more. [39]

“That could have sig­nif­i­cant for­eign pol­i­cy con­se­quences,” Snow­den wrote [40] on Twit­ter. “Par­tic­u­lar­ly if any of those oper­a­tions tar­get­ed US allies. Par­tic­u­lar­ly if any of those oper­a­tions tar­get­ed elec­tions.”

Aitel seems to agree, though he crit­i­cized Snow­den as being, at some lev­el, a “voice piece” for Russ­ian intel­li­gence now, since he lives in asy­lum in Moscow.

“He has the same the­o­ry – the DNC hack hap­pened [95]. The US polit­i­cal peo­ple got upset. They prob­a­bly made the NSA do a covert response,” Aitel spec­u­lat­ed. “This is anoth­er response to the NSA’s covert response. There’s a lot of sort of very pub­lic mes­sages here going back and forth, which is inter­est­ing to look at.”

Aitel also doesn’t think that any­one is going to actu­al­ly pony up the mon­ey required to win the auc­tion. And that pre­dic­tion is prob­a­bly going to be right, since Wik­iLeaks claims that it already has the archive.

“We had already obtained the archive of NSA cyber weapons released ear­li­er today,” its offi­cial Twit­ter account wrote [96], “and will release our own pris­tine copy in due course.” . . . .

6. Snowden’s pronouncement: this is all part of a Russian messaging/propaganda war. Note the journalistic “spin” that this is “Russia.” Snowden has to know that this ISN’T Russia. His fingering of Russia is, in and of itself, suspicious.

There is a prin­ci­ple of law known as “con­scious­ness of guilt.” If one can be proven to have tak­en actions that cov­ered up the com­mis­sion of a crime, that is con­sid­ered evi­dence suf­fi­cient to indict that indi­vid­ual for the orig­i­nal crime. Snow­den’s fin­ger­ing of “Rus­sia” falls into that cat­e­go­ry.

Con­sid­er sus­pi­cions that this could have been an inside job, some­one with a USB stick. Keep in mind that if there was some­one who has had con­tact with Russia’s intel­li­gence com­mu­ni­ty and who would have been very well posi­tioned to pull off such a spy oper­a­tion, it’s Edward Snow­den. Espe­cial­ly since the lat­est files released in the hack are from the same year Snow­den fled to Rus­sia [41]:

“‘Shadow Brokers’ Claim To Have Hacked The NSA’s Hackers”; National Public Radio; 8/17/2016. [41]

The “Shad­ow Bro­kers” are in the spot­light.

The mys­te­ri­ous group has seized the atten­tion of the cyber­se­cu­ri­ty world with its claim to have stolen code from the Equa­tion Group — a team of hack­ers who have been tied to the Nation­al Secu­ri­ty Agency.

On a web­site writ­ten in bro­ken Eng­lish [97], the Shad­ow Bro­kers revealed some files and promised “bet­ter” ones avail­able, for sale to the high­est bid­der. One caveat: By “bid­ding,” they mean send­ing bit­coins, and los­ing bid­ders don’t get them back. (“Sor­ry lose bid­ding war lose bit­coin and files. Lose Lose. Bid to win!”)

The group also said it would make a new batch of files pub­lic if it received 1 mil­lion bit­coins to a spec­i­fied address. That’s more than half a bil­lion dol­lars, and near­ly 1/15th of all the bit­coins in cir­cu­la­tion.

As of Wednes­day after­noon, the Shad­ow Bro­kers appear to have received 1.6 bit­coins, or less than $1,000 [98], based on the pub­lic ledger show­ing funds sent to that bit­coin address.

The auc­tion is “absurd” and “weird,” as Wired puts it [99], but the mag­a­zine notes that there’s a “grow­ing con­sen­sus” that the files them­selves — at least the ones released so far — are legit­i­mate.

Matt Suiche, a secu­ri­ty researcher who ana­lyzed the code that has been pub­licly released by the Shad­ow Bro­kers, tells NPR’s Aar­ti Sha­hani that it does appear to be a com­pi­la­tion of tools used by the NSA.

But the “teas­er” files don’t include any very valu­able infor­ma­tion, he says — and the ques­tion now is whether the hack­ers actu­al­ly have more files.

“The sam­ple files … are com­plete, but they are not extreme­ly sig­nif­i­cant enough to shut down the Inter­net,” Suiche told Aar­ti. “If that would be the best of what they had, it would be dis­ap­point­ing. It’s like Poké­mon Go. You hear the hype, it’s inter­est­ing. Then you pay for more — but you get bored.”

Oth­er experts say they, too, believe the files con­tain actu­al NSA code.

The Washington Post reports [100] that the hacking tools released in the teaser file — with names such as Epicbanana, Buzzdirection and Egregiousblunder — are highly sophisticated.

“The file con­tained 300 megabytes of infor­ma­tion, includ­ing sev­er­al ‘exploits,’ or tools for tak­ing con­trol of fire­walls in order to con­trol a net­work, and a num­ber of implants that might, for instance, exfil­trate or mod­i­fy infor­ma­tion.

“The exploits are not run-of-the-mill tools to tar­get every­day indi­vid­u­als. They are expen­sive soft­ware used to take over fire­walls, such as Cis­co and Fortinet, that are used ‘in the largest and most crit­i­cal com­mer­cial, edu­ca­tion­al and gov­ern­ment agen­cies around the world,’ said Blake Darche, anoth­er for­mer TAO oper­a­tor and now head of secu­ri­ty research at Area 1 Secu­ri­ty.”

(TAO stands for Tai­lored Access Oper­a­tions, the NSA’s hack­ing divi­sion, the news­pa­per explains.)

The New York Times [101] writes that the NSA could have used the code to “get inside the com­put­er sys­tems of com­peti­tors like Rus­sia, Chi­na and Iran,” with the exploits, and “lurk unseen for years” with the implants.

“Who­ev­er obtained the source code appar­ent­ly broke into either the top-secret, high­ly com­part­men­tal­ized com­put­er servers of the N.S.A. or oth­er servers around the world that the agency would have used to store the files,” the Times writes.

The code released by the Shad­ow Bro­kers dates most recent­ly to 2013, the same year Edward Snow­den leaked clas­si­fied infor­ma­tion about the NSA’s sur­veil­lance pro­grams.

Via Twit­ter, Snow­den com­ment­ed [102] on the appar­ent hack, say­ing the most notable thing wasn’t that NSA servers were breached but that the hack has now been pub­li­cized.

“Why did they do it?” Snow­den asked. “No one knows, but I sus­pect this is more diplo­ma­cy than intel­li­gence, relat­ed to the esca­la­tion around the DNC hack.”

The hack­ers could be adver­tis­ing that they have the abil­i­ty to iden­ti­fy actions the NSA took on the com­pro­mised serv­er, Snow­den sug­gests — a warn­ing of sorts.

Snow­den also not­ed that the released files end in 2013. “When I came for­ward, NSA would have migrat­ed offen­sive oper­a­tions to new servers as a pre­cau­tion,” he sug­gest­ed [42] — a move that would have cut off the hack­ers’ access to the serv­er.

“You’re wel­come,” he tweet­ed.

7. One pos­si­ble expla­na­tion for why the “hacked” mate­r­i­al is no new­er than 2013 was pre­sent­ed in the pre­vi­ous sto­ry: the hack­ers pre­sum­ably lost access to their hacked serv­er after the Snow­den affair forced the NSA to move their offen­sive oper­a­tions to dif­fer­ent servers.

How­ev­er, that expla­na­tion also assumes this serv­er was actu­al­ly remote­ly hacked, as opposed to a USB-stick clas­sic spy oper­a­tion.

That rais­es a big ques­tion that could poten­tial­ly be answered, although it’s unclear who could answer it: were these tools part of the giant Snow­den “Dooms­day” cache of tech­ni­cal doc­u­ments? The doc­u­ments that Glenn Green­wald threat­ened would be released if any­thing hap­pened to Snow­den and that Green­wald described as the NSA “blue­prints”? There were appar­ent­ly only three unknown peo­ple who had the keys to Snowden’s Dooms­day cache.

Is this latest leak really an extension of the Snowden leak?

James Bam­ford weighed in on the release of the NSA’s “Tai­lored Access Oper­a­tions” (TAO) super hack­ing tools by the alleged­ly Russ­ian “Shad­ow Bro­kers”. Bamford’s con­clu­sion? It was most like­ly anoth­er Snow­den-like inside job, but Bam­ford doesn’t think the source of this leak was Snow­den or some­one with access to the full Snow­den cache. Bam­ford actu­al­ly trav­eled to Rus­sia, inter­viewed Snow­den, and got to exam­ine and search what Snow­den claimed was the full cache and didn’t see any­thing indi­cat­ing TAO hack­ing tools (although who knows if what he saw was the full “dead-man’s switch” Dooms­day cache [103]).

No, the person Bamford has in mind is none other than Jacob Appelbaum, the Berlin-based hacktivist/Tor developer (ex-Tor developer [104])/Wikileaks hacker/avowed enemy of Hillary Clinton. Why Appelbaum? Well, because when Jacob Appelbaum gave his big speech in December 2013 at the Chaos Communications Congress and wrote a bunch of Der Spiegel articles describing an array of NSA TAO hacking tools [105], everyone assumed he was grabbing that info from the Snowden cache. But Bamford never saw those tools when he examined the cache and there was never an explanation of where Appelbaum got that TAO data.

So are Appel­baum, or pos­si­bly Appelbaum’s uniden­ti­fied NSA inside source, the real “Shad­ow Bro­kers”? That’s what Bam­ford appears to sus­pect [43]:

Note that Appelbaum appears to have been deeply involved with getting Snowden from Hawaii to Hong Kong. It was WikiLeaker Sarah Harrison who got Snowden from Hong Kong to Moscow.

“Com­men­tary: Evi­dence Points to Anoth­er Snow­den at the NSA” by James Bam­ford; Reuters; 8/24/2016. [43]

In the sum­mer of 1972, state-of-the-art cam­paign spy­ing con­sist­ed of ama­teur bur­glars, armed with duct tape and micro­phones, pen­e­trat­ing the head­quar­ters of the Demo­c­ra­t­ic Nation­al Com­mit­tee [106]. Today, ama­teur bur­glars have been replaced by cyber­spies, who pen­e­trat­ed the DNC armed with com­put­ers and sophis­ti­cat­ed hack­ing tools.

Where the Watergate burglars came away empty-handed and in handcuffs, the modern-day cyber thieves walked away with tens of thousands of sensitive political documents and are still unidentified.

Now, in the lat­est twist, hack­ing tools them­selves, like­ly stolen from the Nation­al Secu­ri­ty Agency, are on the dig­i­tal auc­tion block. Once again, the usu­al sus­pects start with Rus­sia – though there seems lit­tle evi­dence back­ing up the accu­sa­tion.

In addi­tion, if Rus­sia [107] had stolen the hack­ing tools, it would be sense­less to pub­li­cize the theft, let alone put them up for sale. It would be like a safe­crack­er steal­ing the com­bi­na­tion to a bank vault and putting it on Face­book. Once revealed, com­pa­nies and gov­ern­ments would patch their fire­walls, just as the bank would change its com­bi­na­tion.

A more log­i­cal expla­na­tion could also be insid­er theft. If that’s the case, it’s one more rea­son to ques­tion the use­ful­ness of an agency that secret­ly col­lects pri­vate infor­ma­tion on mil­lions of Amer­i­cans but can’t keep its most valu­able data from being stolen, or as it appears in this case, being used against us.

In what appeared more like a Sat­ur­day Night Live skit than an act of cyber­crime, a group call­ing itself the Shad­ow Bro­kers put up for bid on the Inter­net what it called a “full state-spon­sored toolset” of “cyber­weapons.” “!!! Atten­tion gov­ern­ment spon­sors of cyber­war­fare and those who prof­it from it !!!! How much would you pay for ene­mies cyber­weapons?” said the announce­ment.

The group said it was releasing some NSA files for “free” and promised “better” ones to the highest bidder. However, those with losing bids “Lose Lose,” it said, because they would not receive their money back. And should the total sum of the bids, in bitcoins, reach the equivalent of half a billion dollars, the group would make the whole lot public.

While the “auc­tion” seemed tongue in cheek, more like hack­tivists than Russ­ian high com­mand, the sam­ple doc­u­ments were almost cer­tain­ly real. The draft of a top-secret NSA man­u­al for implant­i­ng offen­sive mal­ware, released by Edward Snow­den, con­tains code for a pro­gram code­named SECONDDATE. That same 16-char­ac­ter string of num­bers and char­ac­ters is in the code released by the Shad­ow Bro­kers. The details from the man­u­al [108] were first released by The Inter­cept last Fri­day.

The authenticity of the NSA hacking tools was also confirmed by several ex-NSA officials who spoke to the media, including former members of the agency’s Tailored Access Operations (TAO) unit, the home of hacking specialists.

“With­out a doubt, they’re the keys to the king­dom [109],” one for­mer TAO employ­ee told the Wash­ing­ton Post. “The stuff you’re talk­ing about would under­mine the secu­ri­ty of a lot of major gov­ern­ment and cor­po­rate net­works both here and abroad.” Anoth­er added, “From what I saw, there was no doubt in my mind that it was legit­i­mate.”

Like a bank robber’s tool kit for break­ing into a vault, cyber exploita­tion tools, with code­names like EPICBANANA and BUZZDIRECTION, are designed to break into com­put­er sys­tems and net­works. Just as the bank rob­ber hopes to find a crack in the vault that has nev­er been dis­cov­ered, hack­ers search for dig­i­tal cracks, or “exploits,” in com­put­er pro­grams like Win­dows.

The most valu­able are “zero day” exploits, mean­ing there have been zero days since Win­dows has dis­cov­ered the “crack” in their pro­grams. Through this crack, the hack­er would be able to get into a sys­tem and exploit it, by steal­ing infor­ma­tion, until the breach is even­tu­al­ly dis­cov­ered and patched. Accord­ing to the for­mer NSA offi­cials who viewed the Shad­ow Bro­ker files, they con­tained a num­ber of exploits, includ­ing zero-day exploits that the NSA often pays thou­sands of dol­lars for to pri­vate hack­ing groups.

The rea­sons giv­en for lay­ing the blame on Rus­sia appear less con­vinc­ing, how­ev­er. “This is prob­a­bly some Russ­ian mind game [110], down to the bogus accent,” James A. Lewis, a com­put­er expert at the Cen­ter for Strate­gic and Inter­na­tion­al Stud­ies, a Wash­ing­ton think tank, told the New York Times. Why the Rus­sians would engage in such a mind game, he nev­er explained.

Rather than the NSA hack­ing tools being snatched as a result of a sophis­ti­cat­ed cyber oper­a­tion by Rus­sia or some oth­er nation, it seems more like­ly that an employ­ee stole them. Experts who have ana­lyzed the files sus­pect that they date to Octo­ber 2013, five months after Edward Snow­den left his con­trac­tor posi­tion with the NSA and fled to Hong Kong car­ry­ing flash dri­ves con­tain­ing hun­dreds of thou­sands of pages of NSA doc­u­ments.

So, if Snow­den could not have stolen the hack­ing tools, there are indi­ca­tions that after he depart­ed in May 2013, some­one else did, pos­si­bly some­one assigned to the agency’s high­ly sen­si­tive Tai­lored Access Oper­a­tions.

In Decem­ber 2013, anoth­er high­ly secret NSA doc­u­ment qui­et­ly became pub­lic. It was a top secret TAO cat­a­log of NSA hack­ing tools. Known as the Advanced Net­work Tech­nol­o­gy (ANT) cat­a­log, it con­sist­ed of 50 pages of exten­sive pic­tures, dia­grams and descrip­tions of tools for every kind of hack, most­ly tar­get­ed at devices man­u­fac­tured by U.S. com­pa­nies, includ­ing Apple, Cis­co, Dell and many oth­ers.

Like the hack­ing tools, the cat­a­log used sim­i­lar code­names. Among the tools tar­get­ing Apple was one code­named DROPOUTJEEP [111], which gives NSA total con­trol of iPhones. “A soft­ware implant for the Apple iPhone,” says the ANT cat­a­log, “includes the abil­i­ty to remote­ly push/pull files from the device. SMS retrieval, con­tact-list retrieval, voice­mail, geolo­ca­tion, hot mic, cam­era cap­ture, cell-tow­er loca­tion, etc.”

Anoth­er, code­named IRATEMONK [111], is, “Tech­nol­o­gy that can infil­trate the firmware of hard dri­ves man­u­fac­tured by Max­tor, Sam­sung, Sea­gate and West­ern Dig­i­tal.”

In 2014, I spent three days in Moscow with Snow­den for a mag­a­zine assign­ment and a PBS doc­u­men­tary. Dur­ing our on-the-record con­ver­sa­tions, he would not talk about the ANT cat­a­log, per­haps not want­i­ng to bring atten­tion to anoth­er pos­si­ble NSA whistle­blow­er.

I was, how­ev­er, giv­en unre­strict­ed access to his cache of doc­u­ments. These includ­ed both the entire British, or GCHQ, files and the entire NSA files.

But going through this archive using a sophis­ti­cat­ed dig­i­tal search tool, I could not find a sin­gle ref­er­ence to the ANT cat­a­log. This con­firmed for me that it had like­ly been released by a sec­ond leak­er. And if that per­son could have down­loaded and removed the cat­a­log of hack­ing tools, it’s also like­ly he or she could have also down­loaded and removed the dig­i­tal tools now being leaked.

In fact, a num­ber of the same hack­ing implants and tools released by the Shad­ow Bro­kers are also in the ANT cat­a­log, includ­ing those with code­names BANANAGLEE and JETPLOW. These can be used to cre­ate “a per­sis­tent back-door capa­bil­i­ty” into wide­ly used Cis­co fire­walls, says the cat­a­log.

Con­sist­ing of about 300 megabytes of code, the tools could eas­i­ly and quick­ly be trans­ferred to a flash dri­ve. But unlike the cat­a­log, the tools them­selves – thou­sands of ones and zeros – would have been use­less if leaked to a pub­li­ca­tion. This could be one rea­son why they have not emerged until now.

Enter Wik­iLeaks. Just two days after the first Shad­ow Bro­kers mes­sage, Julian Assange, the founder of Wik­iLeaks, sent out a Twit­ter mes­sage. “We had already obtained the archive of NSA cyber­weapons released ear­li­er today,” Assange wrote, “and will release our own pris­tine copy in due course.”

The month before, Assange was respon­si­ble for releas­ing the tens of thou­sands of hacked DNC emails that led to the res­ig­na­tion of the four top com­mit­tee offi­cials.

There also seems to be a link between Assange and the leak­er who stole the ANT cat­a­log, and the pos­si­ble hack­ing tools. Among Assange’s close asso­ciates is Jacob Appel­baum, a cel­e­brat­ed hack­tivist and the only pub­licly known Wik­iLeaks staffer in the Unit­ed States – until he moved to Berlin in 2013 in what he called a “polit­i­cal exile” because of what he said was repeat­ed harass­ment by U.S. law enforce­ment per­son­nel. In 2010, a Rolling Stone mag­a­zine pro­file labeled him “the most dan­ger­ous man in cyber­space.”

In Decem­ber 2013, Appel­baum was the first per­son to reveal the exis­tence of the ANT cat­a­log, at a con­fer­ence in Berlin, with­out iden­ti­fy­ing the source. That same month he said he sus­pect­ed the U.S. gov­ern­ment of break­ing into his Berlin apart­ment. He also co-wrote an arti­cle about the cat­a­log in Der Spiegel. But again, he nev­er named a source, which led many to assume, mis­tak­en­ly, that it was Snow­den.

In addi­tion to Wik­iLeaks, for years Appel­baum worked for Tor, an orga­ni­za­tion focused on pro­vid­ing its cus­tomers anonymi­ty on the Inter­net [112]. But last May, he stepped down as a result of “seri­ous, pub­lic alle­ga­tions of sex­u­al mis­treat­ment [113]” made by unnamed vic­tims, accord­ing to a state­ment put out by Tor. Appel­baum has denied the charges.

Short­ly there­after, he turned his atten­tion to Hillary Clin­ton. At a screen­ing of a doc­u­men­tary about Assange in Cannes, France, Appel­baum accused her of hav­ing a grudge against him and Assange, and that if she were elect­ed pres­i­dent, she would make their lives dif­fi­cult. “It’s a sit­u­a­tion that will pos­si­bly get worse” if she is elect­ed to the White House, he said, accord­ing to Yahoo News.

It was only a few months lat­er that Assange released the 20,000 DNC emails. Intel­li­gence agen­cies have again point­ed the fin­ger at Rus­sia [114] for hack­ing into these emails.

Yet there has been no expla­na­tion as to how Assange obtained them. He told NBC News, “There is no proof what­so­ev­er [115]” that he obtained the emails from Russ­ian intel­li­gence. Moscow has also denied involve­ment.

There are, of course, many sophis­ti­cat­ed hack­ers in Rus­sia, some with close gov­ern­ment ties and some with­out. And plant­i­ng false and mis­lead­ing indi­ca­tors in mes­sages is an old trick. Now Assange has promised to release many more emails before the elec­tion, while appar­ent­ly ignor­ing email involv­ing Trump. (Trump oppo­si­tion research was also stolen [116].)

In hack­tivist style, and in what appears to be pho­ny bro­ken Eng­lish, this new release of cyber­weapons also seems to be tar­get­ing Clin­ton. It ends with a long and angry “final mes­sage” against “Wealthy Elites . . . break­ing laws” but “Elites top friends announce, no law bro­ken, no crime commit[ed]. . . Then Elites run for pres­i­dent. Why run for pres­i­dent when already con­trol coun­try like dic­ta­tor­ship?”

Then after what they call the “fun Cyber Weapons Auc­tion” comes the real mes­sage, a seri­ous threat. “We want make sure Wealthy Elite rec­og­nizes the dan­ger [of] cyber­weapons. Let us spell out for Elites. Your wealth and con­trol depends on elec­tron­ic data.” Now, they warned, they have con­trol of the NSA’s cyber hack­ing tools that can take that wealth away. “You see attacks on banks and SWIFT [a world­wide net­work for finan­cial ser­vices] in news. If elec­tron­ic data go bye-bye where leave Wealthy Elites? Maybe with dumb cat­tle?” . . . 

8. There is abun­dant cir­cum­stan­tial evi­dence point­ing in the direc­tion of Appel­baum.

Since Appelbaum is currently living in Berlin, it’s worth noting that the email address that appears to be used by the Shadow Brokers belongs to a German email provider with a policy of cooperating with legal authorities as little as possible and only handing over encrypted data when given a court order. [46]

Note that, in addition to Appelbaum (who appears to have assisted Snowden in getting from Hawaii to Hong Kong), Laura Poitras (Glenn Greenwald’s associate), Sarah Harrison (Assange’s ex-girlfriend who assisted Snowden in his flight from Hong Kong to Moscow) and Peter Sunde (who founded the Pirate Bay website on which WikiLeaks held forth) are all resident in Germany at this time.

“ . . . He said Tutan­o­ta had only ever been forced to hand over encrypt­ed data of its users a few times and it has a trans­paren­cy report [47] where it dis­clos­es those cas­es. ‘How­ev­er, we release data only in very, very few cas­es … And when we have to pro­vide the data due to a court order, it is still encrypt­ed,’ Pfau added, going on to explain the company’s stance on sur­veil­lance. . . .”

It will be inter­est­ing to see if there are any fol­lowup reports on Ger­man author­i­ties ask­ing for the encrypt­ed account data. It would be odd if such a request were not made.

In FTR #'s 918 [117], 919 [118], 920 [119], 921 [120] and 922 [19], we noted that the Trumpenkampfverbande gives every indication of being the transitional element of the Underground Reich in its metamorphosis into an above-ground movement. Trump’s personal and political heritage, commercial creditors (Deutsche Bank is chief among them) and geopolitics are German in nature.

“Edward Snowden: Russia Is Chief Suspect In NSA Hack” by Thomas Fox-Brewster; Forbes; 8/16/2016. [41]

If there’s any­one who knows how and why any­one would hack the NSA, and can talk about it open­ly, it’s for­mer con­trac­tor Edward Snow­den. After all, the exile-in-Rus­sia siphoned off mass­es of infor­ma­tion from the intel­li­gence agency before help­ing jour­nal­ists pub­lish the doc­u­ments, which togeth­er have exposed mass sur­veil­lance by US and inter­na­tion­al snoops [121].

Who are the Shad­ow Bro­kers?

Very little is known about the Shadow Brokers. They used Github, Tumblr and Mega to disseminate their files. When they released the data on August 13, they used broken English to launch a Bitcoin auction for the remaining 40 per cent of data they hadn’t released from their alleged Equation Group attack. For instance: “If you want know your networks hacked, you send bitcoin. If you want hack networks as like equation group, you send bitcoin. If you want reverse, write many words, make big name for self, get many customers, you send bitcoin. If want to know what we take, you send bitcoin.”

Of the lit­tle infor­ma­tion avail­able, it’s clear the hack­ers used an email address belong­ing to Tutan­o­ta [122], a Ger­man provider focused on secu­ri­ty, to upload the data to Github [123].

Founder of Tutan­o­ta Matthias Pfau told FORBES the com­pa­ny had not been con­tact­ed by law enforce­ment regard­ing the alleged breach of the NSA. “If our accounts are mis­used … a Ger­man judge can force us to deliv­er the encrypt­ed data,” Pfau said.

He said Tutan­o­ta had only ever been forced to hand over encrypt­ed data of its users a few times and it has a trans­paren­cy report [47] where it dis­clos­es those cas­es. “How­ev­er, we release data only in very, very few cas­es … And when we have to pro­vide the data due to a court order, it is still encrypt­ed,” Pfau added, going on to explain the company’s stance on sur­veil­lance.

“Fan­tasies of omnipo­tence and total sur­veil­lance are threat­en­ing our fun­da­men­tal rights. That is not accept­able and that is why we stand up and fight for pri­va­cy.” . . . .