Black ops: how HBGary wrote backdoors for the government. On November 16, 2009, Greg Hoglund, a cofounder of computer security firm HBGary, sent an e-mail to two colleagues.
The message came with an attachment, a Microsoft Word file called AL_QAEDA.doc, which had been further compressed and password protected for safety. Its contents were dangerous. "I got this word doc linked off a dangler site for Al Qaeda peeps," wrote Hoglund. "I think it has a US govvy payload buried inside. Help Anonymous stop Palantir. Do it now. Overview The following emails clearly establish Matthew Steckman's (Foward Deployed Engineer at Planatir) involvement in the creation of the leaked presentation/proposal entitled, "The Wikileaks Threat," including content allegedly considered unethical by the Internet security firm, Palantir, and possibly illegal under U.S. law.
According to emails sent and received by Steckman, Matthew Steckman: HBGary, Anonymous, WikiLeaks, And The Concept Of Openness. Recently I’ve been reading the excellent work by Jamais Cascio and thinking about the concept of "openness.
" Much of Jamais’ work is focused on geoengineering, but the concept of openness has profound implications on many fields, including computer security. For those of you who have been following the unfolding story of HBGary Federal and the Anonymous Group, this is what Hollywood movies are made of. In fact, I don’t think a script writer could have penned this any better than the real life version. If you haven’t been following the minute details of this story, this Tech Herald article is an excellent read on how the whole thing started.
HBGary and the Future of the IT Security Industry. This is a really good piece by Paul Roberts on Anonymous vs.
HBGary: not the tactics or the politics, but what HBGary demonstrates about the IT security industry. But I think the real lesson of the hack - and of the revelations that followed it - is that the IT security industry, having finally gotten the attention of law makers, Pentagon generals and public policy establishment wonks in the Beltway, is now in mortal danger of losing its soul. We've convinced the world that the threat is real - omnipresent and omnipotent. But in our desire to combat it, we are becoming indistinguishable from the folks with the black hats. [...] ...While "scare 'em and snare 'em" may be [...]
What's more disturbing is the way that the folks at HBGary - mostly Aaron Barr, but others as well - came to view the infowar tactics they were pitching to the military and its contractors as applicable in the civilian context, as well. PersonaManagementSoftware.pdf (Objet application/pdf) US Gov. Software Creates ‘Fake People’ on Social Networks to Promote Propaganda « Our Compass. From Examiner NationalBy Sean Kerrigan The US government is offering private intelligence companies contracts to create software to manage “fake people” on social media sites and create the illusion of consensus on controversial issues.
The contract calls for the development of “Persona Management Software” which would help the user create and manage a variety of distinct fake profiles online. The job listing was discussed in recently leaked emails from the private security firm HBGary after an attack by internet activist last week. Click here to view the government contract (PDF) (Below as well) According to the contract, the software would “protect the identity of government agencies” by employing a number of false signals to convince users that the poster is in fact a real person. How Anonymous hacked the security firm hacker. Even as the FBI was conducting its ongoing campaign of surveillance and armed raids against those of us involved in the Anonymous activist collective, that and other "law enforcement" agencies were simultaneously providing resources and work opportunities to a collection of federal contractors, which were themselves engaged in a variety of reckless and unethical activities to which they are now being held to account by the press, if not the government.
Anyone who had written up such a situation as fiction would rightfully be thrown out of a publisher's office for having produced a work of fiction with such a ludicrous plot. On the Saturday before last, an article appeared in Financial Times in which a certain Aaron Barr, head of US federal contractor HBGary Federal, claimed to have identified by name what he termed Anonymous's "leadership".
We responded with a press release conceding defeat. Aaron Barr's New Look. So I decided to privately - Sun, 6 Feb 2011 01:40:06 -0500. Talk - Tue, 01 Feb 2011 22:02:58 -0500. STTR 11.A Solicitation has been issued for public release - Fri, 28 Jan 2011 00:01:01 -0500. Some of my working notes - Sat, 22 Jan 2011 16:54:52 -0500. Big maps of china - Sun, 18 Jul 2010 11:17:07 -0700. Stuxnet - Sun, 26 Sep 2010 20:26:02 -0700. FBI + HBGary - Thu, 20 Jan 2011 16:48:28 -0500. Re: Stuxnet - Fri, 6 Aug 2010 11:56:56 -0700.
HBG-Anon-WL.pdf (Objet application/pdf) HBGary Execs Run For Cover As Hacking Scandal Escalates - Andy Greenberg - The Firewall. Spy games: Inside the convoluted plot to bring down WikiLeaks. When Aaron Barr was finalizing a recent computer security presentation for the US Transportation Security Administration, a colleague had a bit of good-natured advice for him: "Scare the sh*t out of them!
" In retrospect, this may not have been the advice Barr needed. As CEO of the government-focused infosec company HBGary Federal, Barr had to bring in big clients—and quickly—as the startup business hemorrhaged cash. To do so, he had no problem with trying to "scare the sh*t out of them. " HBGary CEO Also Suggested Tracking, Intimidating WikiLeaks’ Donors - Andy Greenberg - The Firewall. Did Security Firms Pitch Bank Of America On Sabotaging WikiLeaks? - Andy Greenberg - The Firewall.