Government Contractor Monitors U.S. ISPs, Says It Employed Wikileaks Informant
8 replies, posted
[highlight]Stealthy Government Contractor Monitors U.S. Internet Providers, Says It Employed Wikileaks Informant[/highlight]
[url=http://blogs.forbes.com/firewall/2010/08/01/stealthy-government-contractor-monitors-u-s-internet-providers-says-it-employed-wikileaks-informant/]Source[/url]
[release]A semi-secret government contractor that calls itself Project Vigilant surfaced at the Defcon security conference Sunday with a series of revelations: that it monitors the traffic of 12 regional Internet service providers, hands much of that information to federal agencies, and encouraged one of its "volunteers", researcher Adrian Lamo, to inform the federal government about the alleged source of a controversial video of civilian deaths in Iraq leaked to whistle-blower site Wikileaks in April.
Chet Uber, the director of Fort Pierce, Fl.-based Project Vigilant, says that he personally asked Lamo to meet with federal authorities to out the source of a video published by Wikileaks showing a U.S. Apache helicopter killing several civilians and two journalists in a suburb of Baghdad, a clip that Wikileaks labelled "Collateral Murder." Lamo, who Uber said worked as an "Adversary Characterization" analyst for Project Vigilant, had struck up an online friendship with Bradley Manning, a former U.S. Army intelligence analyst who currently faces charges of releasing the classified video.
In June, Uber said he learned from Lamo's father that the young researcher had identified Manning as the video's source, and pressured him to meet with federal agencies to name Manning as Wikileaks' source. He then arranged a meeting with employees of "three letter" agencies and Lamo, who Uber said had mixed feelings about informing on Manning.
"I'm the one who called the U.S. government," Uber said. "All the people who say that Adrian is a narc, he did a patriotic thing. He sees all kinds of hacks, and he was seriously worried about people dying."
Uber says that Lamo later called him from the meeting, regretting his decision to inform on Manning. "I'm in a meeting with five guys and I don't want to do this," Uber says Lamo told him at the time. Uber says he responded, "You don't have any choice, you've got to do this."
"I said, 'They're not going to throw you in jail,'" Uber said. "'Give them everything you have.'"
Wikileaks didn't immediately respond to a request for comment. A contact link on Lamo's personal web site was disabled Sunday, but we'll update this post when we're able to reach him or Wikileaks.
Uber's Wikileaks revelation is one of the first public statements from the semi-secret Project Vigilant. He says the 600-person "volunteer" organization functions as a government contractor bridging public and private sector security efforts. Its mission: to use a variety of intelligence-gathering efforts to help the government attribute hacking incidents. "Bad actors do bad things and you have to prove that they did them," says Uber. "Attribution is the hardest problem in computer security."
According to Uber, one of Project Vigilant's manifold methods for gathering intelligence includes collecting information from a dozen regional U.S. Internet service providers. (ISPs) Uber declined to name those ISPs, but said that because the companies included a provision allowing them to share users' Internet activities with third parties in their end user license agreements (EULAs), Vigilant was able to legally able to gather data from the Internet carriers and use it to craft reports for federal agencies. A Vigilant press release says that the organization tracks more than 250 million IP addresses a day and can "develop portfolios on any name, screen name or IP address."
"We don't do anything illegal," says Uber. "If an ISP has a EULA to let us monitor traffic, we can work with them. If they don't, we can't."
And whether that massive data gathering violates privacy? The organization says it never looks at personally identifying information, though just how it defines that information isn't clear, nor is how it scrubs its data mining for sensitive details.
ISP monitoring is just one form of intelligence that Vigilant employs, says Uber. It also gathers variety of open source intelligence and numerous agents around the world. In Iran, for instance, Uber says Vigilant created an anonymous Internet proxy service that allowed it to receive information from local dissidents prior to last year's election, including early information indicating that the re-election of Mahmoud Ahmadinejad was skewed by fraud.
Uber, who formerly founded a private sector group called Infragard that worked closely with the FBI, compares the organization's techniques with Ghostnet, the Chinese cyber espionage campaign revealed last year that planted spyware on computers of many governments and NGOs. "We've developed a network for obfuscation that allows us to view bad actors," he says.
Uber says he's speaking publicly about Vigilant because he wants to recruit the conference's breed of young, skilled hackers. By July 2011, the organization hopes to have more than 1,300 new employees.
The organization already has a few big names. According to a San Francisco Examiner article last month, it employs former NSA official Ira Winkler and Suzanne Gorman, former security chief for the New York Stock Exchange.
[/release]
We need to sacrifice privacy for freedom! and subsequently our rights as well.
[quote]"We don't do anything illegal," says Uber. "If an ISP has a EULA to let us monitor traffic, we can work with them. If they don't, we can't."[/quote]
It's not all that outrageous then. The real problem here is the ISPs.
[QUOTE=IStanI;23769006]We need to sacrifice privacy for freedom! and subsequently our rights as well.[/QUOTE]
Do you know how many rights we relieve ourselves of just to take a plane from a city to another?
"Yes, wikileaks does support porn.
Yes, wikileaks does support downloading major software.
Yes, wikileaks does support chat clients and internet communication.
Yes, wikileaks does support people who uploads stuff..."
"How?"
"Look, just get out of my van..."
That guy's name is Chet Uber? He must be badass
He was a founding member of InfraGuard, a group that a few years ago claimed to have secret permission to kill people in case of martial law.
[QUOTE=imadaman;23769441]He was a founding member of InfraGuard, a group that a few years ago claimed to have secret permission to kill people in case of martial law.[/QUOTE]
While that sounds pretty terrible it also sounds incredibly badass.
[QUOTE=imadaman;23769441]He was a founding member of InfraGuard, a group that a few years ago claimed to have secret permission to kill people in case of martial law.[/QUOTE]
Not such a secret permission now, eh?
Sorry, you need to Log In to post a reply to this thread.