19 January 2011
Trapsters
(JacksonBrown out on bail. Photo Bill Kostroun/Associated Press.)
I opened up the mail this morning with that familiar feeling of dread. I had sent an intemperate note after getting back from Willow that felt good at the time but was too cleaver by half. It is the trap of wine; there may be veritas in the glass, but sometimes it is better to just keep your trap shut.
There was no way to retrieve it, and the fact that there was no response only increased my anxiety.
Instead, I got word that I had been hijacked again. It is getting to be a drumbeat. A few weeks ago the National Archives dropped a line to let me know that a Clinton Administration archive containing the financial disclosure information of several thousand of us former bureaucrats had been accidentally misplaced, and hence someone might have all the personal data they might like to mess with us, big time.
I no longer know what to do about it. I have a couple credit reporting services that constantly check for new activity, but the damage could be done in the blink of an eye by an able hacker.
This morning, it was the nice people at Trapster who wrote me. Their service is a great app on my Droid phone, a social network that reports the presence of speed traps and the location of Troopers on the highways. The note went like this:
“Dear Trapster User:
The Trapster team has recently learned that our website has been the target of a hacking attempt, and it is possible that your email address and password were compromised. We have taken, and continue to take, preventative measures to avoid future incidents but we are recommending that you change your Trapster password…”
I will take care of that in good time, after scanning the on-line edition of the Times, but I grew more alarmed as I read a story down in the Tech section:
“Federal prosecutors arrested two men on Tuesday on charges of fraud and conspiracy in obtaining and distributing the e-mail addresses of 114,000 iPad <http://topics.nytimes.com/top/reference/timestopics/subjects/i/ipad/index.html?inline=nyt-classifier> 3G owners.”
I had just been looking at the iPad, trying to figure out if the new technology could pay for itself by allowing me to cancel the satellite broad-band connection at Refuge Farm.
The two guys are part of a group known as Goatse Security, and have the online presence of “Weeve” and “JacksonBrown” for reasons known best to themselves. They are 25 and 26, respectively.
I will leave out their real names in deference to their privacy, though it is all over the web already. They are already caught in the trap.
The group collaborated in exploiting a security hole at the AT&T <http://topics.nytimes.com/top/news/business/companies/at_and_t/index.html?inline=nyt-org> website, and the addresses and corresponding iPad identification numbers. Or borrowed, I guess is how Weev’s attorneys would spin it. The people involved include members of Congress, soldiers, DHS and NASA.
The exploit was done from Arkansas and San Francisco, which is again completely usual in these sorts of things, just like Lisbeth Salander in the tattooed girl trilogy by Steig Larssen.
The authorities would not have caught the duo if someone had note dropped a dime on them. Hundreds of pages of chat logs were handed over to the FBI- essentially the same deal as what Adrian Lamo did to PFC Bradley Manning.
Manning got in touch with Julian Assange in November, 2009, if the reporting is accurate, after WikiLeaks went public with a half million pager messages from the 9/11 attacks.
Manning thought he had the perfect place to publish, and he had perfect access to a SIPRNet terminal with a working CD burner. The signals were clear in retrospect; he was posting on Facebook clear signs that he was up to something, and according to Wired magazine he told a boyfriend in Boston while on leave that he was considering leaking classified information.
(Tipster Adrian Lamo. Photo Soylent Communications.)
The paper trail is clear, although Lamo is parsing out the information carefully.
We can cover the rest of this later, and how Lamo began to communication first with Manning and later with the FBI.
I just want to say why I think it is important to explain why I take all this cyber stuff personally.
It is not just that Weev and Jackson Brown and their ilk may have all the information they need to screw with my bank account and my phone. PFC Manning, that 23 year old man filled with such self righteous anger apparently convinced himself that the entire conduct of the United States Government is essentially "unclassified" and should be in the "public domain."
I was talking to a pal yesterday when it hit me.
His son is in the government, working for one of the Three Letter Agencies. My older boy is, too, and now my younger one is on active duty.
All of them travel, and sometimes to embassies in nasty places like Zamboanga in the Philippines, and Islamabad.
The Ambassador and Chief of Station are routinely notified by classified cable of the identities of official visitors, and I am betting that our kids are identified in some of those quarter million cables.
I can deal with Weev and my bank account. I am a big boy. But I cannot deal with a jerk like Julian Assange who is deliberately baiting a trap with the identity and safety of our kids.
(Julian Assange surfing the web. Photo USAHM News.)
Copyright 2011 Vic Socotra
vicsocotra.com | Subscribe to the RSS feed!