Black ops: how HBGary wrote backdoors for the government. On November 16, 2009, Greg Hoglund, a cofounder of computer security firm HBGary, sent an e-mail to two colleagues.
The message came with an attachment, a Microsoft Word file called AL_QAEDA.doc, which had been further compressed and password protected for safety. Its contents were dangerous. "I got this word doc linked off a dangler site for Al Qaeda peeps," wrote Hoglund. "I think it has a US govvy payload buried inside. Would be neat to [analyze] it and see what it's about. Help Anonymous stop Palantir. Do it now. Overview The following emails clearly establish Matthew Steckman's (Foward Deployed Engineer at Planatir) involvement in the creation of the leaked presentation/proposal entitled, "The Wikileaks Threat," including content allegedly considered unethical by the Internet security firm, Palantir, and possibly illegal under U.S. law.
According to emails sent and received by Steckman, Matthew Steckman: Was the first to correspond with Bank of America's legal representation, Hunton & Williams regarding Wikileaks, a publisher allegedly holding leaked documents from Bank of America; Was aware that Hunton & Williams had been recommended to Bank of America by the U.S. Listed emails also detail correspondance between employees of the firms HBGary and Palantir (including Aaron Barr and Matthew Steckman) among others, concerning the internet movement called Anonymous, its alleged connections to Wikileaks, and Aaron's Barr's research on Anonymous, including its alleged connections to Wikileaks. B. HBGary, Anonymous, WikiLeaks, And The Concept Of Openness. Recently I’ve been reading the excellent work by Jamais Cascio and thinking about the concept of "openness.
" Much of Jamais’ work is focused on geoengineering, but the concept of openness has profound implications on many fields, including computer security. For those of you who have been following the unfolding story of HBGary Federal and the Anonymous Group, this is what Hollywood movies are made of. In fact, I don’t think a script writer could have penned this any better than the real life version.
If you haven’t been following the minute details of this story, this Tech Herald article is an excellent read on how the whole thing started. HBGary and the Future of the IT Security Industry. PersonaManagementSoftware.pdf (Objet application/pdf) US Gov. Software Creates ‘Fake People’ on Social Networks to Promote Propaganda « Our Compass. From Examiner NationalBy Sean Kerrigan The US government is offering private intelligence companies contracts to create software to manage “fake people” on social media sites and create the illusion of consensus on controversial issues.
The contract calls for the development of “Persona Management Software” which would help the user create and manage a variety of distinct fake profiles online. The job listing was discussed in recently leaked emails from the private security firm HBGary after an attack by internet activist last week. Click here to view the government contract (PDF) (Below as well) According to the contract, the software would “protect the identity of government agencies” by employing a number of false signals to convince users that the poster is in fact a real person. Included in HBGary’s leaked emails was a government proposal for the government contract. How Anonymous hacked the security firm hacker. Even as the FBI was conducting its ongoing campaign of surveillance and armed raids against those of us involved in the Anonymous activist collective, that and other "law enforcement" agencies were simultaneously providing resources and work opportunities to a collection of federal contractors, which were themselves engaged in a variety of reckless and unethical activities to which they are now being held to account by the press, if not the government.
Anyone who had written up such a situation as fiction would rightfully be thrown out of a publisher's office for having produced a work of fiction with such a ludicrous plot. On the Saturday before last, an article appeared in Financial Times in which a certain Aaron Barr, head of US federal contractor HBGary Federal, claimed to have identified by name what he termed Anonymous's "leadership".
We responded with a press release conceding defeat. Aaron Barr's New Look. So I decided to privately - Sun, 6 Feb 2011 01:40:06 -0500. Talk - Tue, 01 Feb 2011 22:02:58 -0500. STTR 11.A Solicitation has been issued for public release - Fri, 28 Jan 2011 00:01:01 -0500. Some of my working notes - Sat, 22 Jan 2011 16:54:52 -0500. Big maps of china - Sun, 18 Jul 2010 11:17:07 -0700. Stuxnet - Sun, 26 Sep 2010 20:26:02 -0700. FBI + HBGary - Thu, 20 Jan 2011 16:48:28 -0500.
Re: Stuxnet - Fri, 6 Aug 2010 11:56:56 -0700. HBG-Anon-WL.pdf (Objet application/pdf) HBGary Execs Run For Cover As Hacking Scandal Escalates - Andy Greenberg - The Firewall. Spy games: Inside the convoluted plot to bring down WikiLeaks. When Aaron Barr was finalizing a recent computer security presentation for the US Transportation Security Administration, a colleague had a bit of good-natured advice for him: "Scare the sh*t out of them!
" In retrospect, this may not have been the advice Barr needed. As CEO of the government-focused infosec company HBGary Federal, Barr had to bring in big clients—and quickly—as the startup business hemorrhaged cash. To do so, he had no problem with trying to "scare the sh*t out of them. " When working with a major DC law firm in late 2010 on a potential deal involving social media, for instance, Barr decided that scraping Facebook to stalk a key partner and his family might be a good idea. When he sent his law firm contact a note filled with personal information about the partner, his wife, her family, and her photography business, the result was immediate. "Thanks.
This rather creepy behavior became common; Barr used it as a sign of his social media prowess. Barr at first loved the job. HBGary CEO Also Suggested Tracking, Intimidating WikiLeaks’ Donors - Andy Greenberg - The Firewall. Did Security Firms Pitch Bank Of America On Sabotaging WikiLeaks? - Andy Greenberg - The Firewall.