I never know what to write here
160 stories
·
60 followers

“Hacker X”—the American who built a pro-Trump fake news empire—unmasks himself

2 Comments
A shadowy figure holds a mask of Donald Trump.

Enlarge (credit: Aurich Lawson | Getty Images)

This is the story of the mastermind behind one of the largest "fake news" operations in the US.

For two years, he ran websites and Facebook groups that spread bogus stories, conspiracy theories, and propaganda. Under him was a dedicated team of writers and editors paid to produce deceptive content—from outright hoaxes to political propaganda—with the supreme goal of tipping the 2016 election to Donald Trump.

Through extensive efforts, he built a secret network of self-reinforcing sites from the ground up. He devised a strategy that got prominent personalities—including Trump—to retweet misleading claims to their followers. And he fooled unwary American citizens, including the hacker's own father, into regarding fake news sources more highly than the mainstream media.

Read 72 remaining paragraphs | Comments

Read the whole story
bronzehedwick
13 days ago
reply
😳 dear god.
Jersey City, NJ
Share this story
Delete
1 public comment
nocko
13 days ago
reply
"Ethical hacker"?

"Whistleblower"?

More like amoral shit-stain. He's admited to doing as much as anyone to destroy his country.

We have no choice but to wait for his full death toll to emerge... but he got some cash and lulz, though.

Sure would be nice if the white techbro class had to face consequences.

Stick Figures :: Archeology

1 Comment

Tampa, Florida’s Stick Figures revered the Delta 5, opened for the Fall and caught the attention of John Peel in their short first run, churning out a clatter and rattle, jittering post-punk more in line with London or Manchester scenes than their native South Florida. The band made only one recording in its heyday, a four-song self-titled EP. That EP plus six additional unreleased studio tracks, two live cuts and a modern day reworking of their most chaotic song “Ellis Otivator Dub” make up the new Archeology compilation.

The post Stick Figures :: Archeology appeared first on Aquarium Drunkard.

Read the whole story
bronzehedwick
41 days ago
reply
I never heard of this band, but I'm digging them. Very angular, propulsive post-punk.
Jersey City, NJ
Share this story
Delete

Manasseh Meets The Equaliser :: Dub The Millennium

1 Comment

Dub The Millennium. First released in 1993, Manasseh's swirling medley of dub, reggae, electronic, ambient and UK indie. The original vinyl edition of the lp is home to ten tracks, the CD twelve. This matters as the eleventh track, "Souljah", is a high watermark of the album-long exercise in disparate fusion.

The post Manasseh Meets The Equaliser :: Dub The Millennium appeared first on Aquarium Drunkard.





Download audio: https://aquariumdrunkard.info/upload/11%20-%20Souljah.mp3
Read the whole story
bronzehedwick
41 days ago
reply
Very cool chill-out music.
Jersey City, NJ
Share this story
Delete

Long-Secret FBI Report Reveals New Connections Between 9/11 Hijackers and Saudi Religious Officials in U.S.

1 Comment
]

ProPublica is a nonprofit newsroom that investigates abuses of power. Sign up to receive our biggest stories as soon as they’re published.

A long-suppressed FBI report on Saudi Arabia’s connections to the 9/11 plot has revealed that Saudi religious officials stationed in the United States had more significant connections to two of the hijackers than has been previously known.

The 2016 report was released late Saturday night under an executive order from President Joe Biden, who promised to make it public no later than the 20th anniversary of the Sept. 11 attacks that killed 2,977 people and injured more than 6,000 others. The 16-page document was a final inventory of circumstantial evidence and leads from the FBI’s investigation of Saudi ties to the plot; it was heavily redacted.

Never miss the most important reporting from ProPublica’s newsroom. Subscribe to the Big Story newsletter.

Nonetheless, lawyers for families of the 9/11 victims, who are suing the Saudi kingdom in federal court, said the document provided important support to their theory that a handful of Saudis connected to their government worked in concert to assist the first two Qaida hijackers sent to the United States in January 2000.

“This validates what we have been saying,” said James Kreindler, one of the attorneys for the plaintiffs. “The FBI agents working this case detailed a Saudi government support network that was working in 1999, 2000 and 2001 to provide the hijackers with everything they needed to mount the attacks — apartments, money, English lessons, flight school.”

The Saudi government has always denied any role in the attacks, noting that al-Qaida and its former leader, Osama bin Laden, were sworn enemies of the royal family. But the 2016 report shows that FBI agents found evidence that several Saudi religious officials working in the United States had connections not only to people who assisted the hijackers but also to other Qaida operatives and suspected extremists. At the time, there were many Saudis in the country who had diplomatic credentials but were mainly involved in religious activity. The FBI later investigated many of them for extremism.

The FBI agents investigating possible Saudi involvement in the 9/11 attacks were part of a largely secret second phase of the bureau’s examination of the plot, called Operation Encore. The story of that inquiry, and the obstacles it faced, was first revealed last year by ProPublica and The New York Times Magazine.

The report released on Saturday was written by a senior analyst on the Encore team, John Nicholson, after the leader of the FBI’s Joint Terrorism Task Force in New York, Carlos Fernandez, decided with federal prosecutors to reassign Nicholson and the rest of his New York team, effectively shutting down their work.

Although the FBI stopped investigating the case, officials said, it kept the Encore file nominally open until earlier this year. The Justice Department repeatedly cited the continuing inquiry as a primary reason why it could not disclose Encore files to families of the 9/11 victims. But relatives of the victims say the U.S. government has maintained a shield of secrecy to protect the Saudi kingdom from embarrassing revelations.

“There is no reason this shouldn’t be brought to light,” said Christopher Ganci, a battalion chief in the New York Fire Department, whose father, Peter, was the highest-ranking fire official to die in the attacks. “The American people deserve to know this information. The ground troops, the FBI agents on the street, have been chomping at the bit to have this come out. It’s been so frustrating for them and for us.”

Among the pieces of new evidence cited in the 2016 report are telephone records showing that a Saudi graduate student who helped the two first hijackers to settle in San Diego was in contact with a Saudi religious official stationed in the United States, who in turn had connections to other Qaida operatives and later became a target of a new investigation.

The Saudi student, Omar al-Bayoumi, was a middle-aged man who rarely attended classes and was being paid surreptitiously by the Saudi Defense Ministry, where he had previously worked. Starting in 1998, the FBI had investigated him for suspected extremist activity, but that inquiry was inconclusive.

An FBI official who was a case agent for the bureau’s initial investigation of the attacks, Jacqueline Maguire, testified to the bipartisan 9/11 Commission in 2004 that “by all indications” Bayoumi’s first meeting with the hijackers “was a random encounter.” Maguire and other FBI officials have described Bayoumi as an unwitting accomplice.

But the Encore team came to believe that Bayoumi not only gave extensive help to the two Qaida operatives, Nawaf al-Hazmi and Khalid al-Mihdhar, but later lied about his dealings with them and others.

Although Mihdhar and Hazmi were seasoned Qaida operatives, they spoke virtually no English, could not read street signs and were unable to navigate around the United States without considerable help, people who knew them told investigators. The Encore team believed that a support network of Saudi officials and other extremists in Southern California mobilized before their arrival in Los Angeles on Jan. 15, 2000.

Witness testimony in the 2016 report provides the strongest evidence yet that on Feb. 1, 2000, Bayoumi went directly from a meeting at the Saudi Consulate in Los Angeles to a nearby cafe, where he waited for Hazmi and Mihdhar, approached them when they arrived and then spent about half an hour speaking with them.

Another witness, who appears to be a former Yemeni student in Los Angeles, told the FBI that a friend of his was tasked with helping the hijackers by a Saudi imam assigned to the Saudi Consulate, Fahad al-Thumairy. The FBI report quotes the witness as saying his friend, an Eritrean worshipper at Thumairy’s mosque named Mohammed Johar, was instructed to take the two hijackers to the cafe where they met Bayoumi.

In interviews through his lawyer with ProPublica and in his statements to the FBI, Johar denied having been asked by Thumairy to assist the hijackers as well as allegations that he provided lodging for them at Thumairy’s direction. According to the 2016 report, he said that a few days after the lunch meeting, he took Hazmi and Mihdhar to a Greyhound station to catch a bus to San Diego. They were met there by Bayoumi, who found them an apartment in his building, loaned them money to rent it, helped them arrange English classes and flying lessons, and introduced them to a circle of other Muslims, including the future Qaida cleric Anwar al-Awlaki.

FBI officials had previously described Bayoumi as having been in close telephone contact with Thumairy, the Saudi imam and consular official in Los Angeles. The 2016 report reveals that Thumairy was also in telephone contact with the family home in Saudi Arabia of two Qaida militants, Suleyman and Abd al Aziz Al-Khalidi, who were later captured in Afghanistan and sent to the U.S. detention camp at Guantanamo Bay, Cuba. The detainees’ older brother, Issa, was killed by Saudi forces during the 2004 kidnapping of an American worker in Saudi Arabia, Paul Johnson, who was beheaded by his captors.

According to the 2016 report, Thumairy also had telephone contacts with some alleged Muslim extremists in Los Angeles who were suspected of helping Ahmed Ressam, an Algerian who was captured by U.S. border agents as he tried to cross from Canada on his way to bomb Los Angeles International Airport in late 1999. It is not clear if the FBI determined the extent of those suspected connections.

The FBI investigated Thumairy after the attacks, and the State Department withdrew his diplomatic visa on the suspicion that he led a radical Islamist faction at the King Fahad Mosque in the Los Angeles suburb of Culver City. He was deported to Saudi Arabia when he tried to return to Los Angeles in 2003; he has denied knowing the hijackers or supporting militant causes. Investigators for the 9/11 Commission concluded that he was not a credible witness.

That 2016 report also cites an intriguing but briefly described report from a source that Thumairy received a telephone call from an unidentified person in Malaysia shortly before Hazmi and Mihdhar flew into Los Angeles International Airport on Jan. 15, 2000.

It has long been known that the CIA had the hijackers under surveillance in Malaysia as they met there with other Qaida operatives early that January, days before leaving for the United States. The CIA then lost the hijackers’ trail and neglected for more than 16 months to alert the FBI, even after learning that at least one of them had entered the United States.

The 2016 report also reveals a new layer to Bayoumi’s efforts, noting telephone records that show he was in touch with another Saudi religious official, Mutaeb al-Sudairy, who was then assigned to the Saudi Embassy in Washington. Significantly, “Bayoumi called Sudairy five times” during the crucial period when the hijackers met Bayoumi in Los Angeles and he helped them move to San Diego, the report says.

Sudairy, the son of a prominent Saudi family, traveled extensively in the United States as a Muslim missionary for the Saudi Ministry of Islamic Affairs, according to documents and interviews. During this period, the Encore report states that he also spent four months as the roommate of Ziyad Khaleel, a Palestinian-American extremist who was living in Missouri. The FBI investigated Khaleel for terrorism-related activities, including the procurement of a satellite phone for bin Laden, according to court documents and interviews. (Khaleel has since died.)

After the Sept. 11 attacks, an American who knew Sudairy in Missouri reported him to the FBI as a possible extremist. But the Saudi religious official had left the country, and the result of the report is not known.

In 2010, Sudairy caught the FBI’s attention again. While examining old phone activity of Bayoumi, an analyst on the Encore team discovered links to Sudairy. Soon afterward, the analyst learned that Sudairy and another official in the religious ministry had recently applied for new U.S. visas to study English at the University of Oklahoma. This was strange because the two Saudis were educated, wealthy officials who had lived and worked in the United States years earlier. Because of their suspected extremist links, agents believed that the plan to study in Oklahoma might be a cover for something more nefarious.

In contrast to other leads developed by the Encore team, FBI leaders took the matter seriously. They authorized an operation to put the two Saudis under full-time surveillance after they landed in the United States, former officials have told ProPublica.

But the episode ended when CIA officers in Riyadh, the Saudi capital, objected strongly to the FBI plan, one former official said. For reasons that remain unclear, the two Saudis canceled the visit at the last minute. Former investigators felt they lost an important opportunity to learn more about the suspected role of Saudi officials in the support network of the Sept. 11 hijackers. The new information about Sudairy raises even more questions about why U.S. authorities were not able to pursue the lead more aggressively in 2010.

Read the whole story
bronzehedwick
44 days ago
reply
Maaaaaaan
Jersey City, NJ
Share this story
Delete

Russia’s SolarWinds Attack and Software Security

1 Share

The information that is emerging about Russia’s extensive cyberintelligence operation against the United States and other countries should be increasingly alarming to the public. The magnitude of the hacking, now believed to have affected more than 250 federal agencies and businesses — ­primarily through a malicious update of the SolarWinds network management software — ­may have slipped under most people’s radar during the holiday season, but its implications are stunning.

According to a Washington Post report, this is a massive intelligence coup by Russia’s foreign intelligence service (SVR). And a massive security failure on the part of the United States is also to blame. Our insecure Internet infrastructure has become a critical national security risk­ — one that we need to take seriously and spend money to reduce.

President-elect Joe Biden’s initial response spoke of retaliation, but there really isn’t much the United States can do beyond what it already does. Cyberespionage is business as usual among countries and governments, and the United States is aggressively offensive in this regard. We benefit from the lack of norms in this area and are unlikely to push back too hard because we don’t want to limit our own offensive actions.

Biden took a more realistic tone last week when he spoke of the need to improve US defenses. The initial focus will likely be on how to clean the hackers out of our networks, why the National Security Agency and US Cyber Command failed to detect this intrusion and whether the 2-year-old Cybersecurity and Infrastructure Security Agency has the resources necessary to defend the United States against attacks of this caliber. These are important discussions to have, but we also need to address the economic incentives that led to SolarWinds being breached and how that insecure software ended up in so many critical US government networks.

Software has become incredibly complicated. Most of us almost don’t know all of the software running on our laptops and what it’s doing. We don’t know where it’s connecting to on the Internet­ — not even which countries it’s connecting to­ — and what data it’s sending. We typically don’t know what third party libraries are in the software we install. We don’t know what software any of our cloud services are running. And we’re rarely alone in our ignorance. Finding all of this out is incredibly difficult.

This is even more true for software that runs our large government networks, or even the Internet backbone. Government software comes from large companies, small suppliers, open source projects and everything in between. Obscure software packages can have hidden vulnerabilities that affect the security of these networks, and sometimes the entire Internet. Russia’s SVR leveraged one of those vulnerabilities when it gained access to SolarWinds’ update server, tricking thousands of customers into downloading a malicious software update that gave the Russians access to those networks.

The fundamental problem is one of economic incentives. The market rewards quick development of products. It rewards new features. It rewards spying on customers and users: collecting and selling individual data. The market does not reward security, safety or transparency. It doesn’t reward reliability past a bare minimum, and it doesn’t reward resilience at all.

This is what happened at SolarWinds. A New York Times report noted the company ignored basic security practices. It moved software development to Eastern Europe, where Russia has more influence and could potentially subvert programmers, because it’s cheaper.

Short-term profit was seemingly prioritized over product security.

Companies have the right to make decisions like this. The real question is why the US government bought such shoddy software for its critical networks. This is a problem that Biden can fix, and he needs to do so immediately.

The United States needs to improve government software procurement. Software is now critical to national security. Any system for acquiring software needs to evaluate the security of the software and the security practices of the company, in detail, to ensure they are sufficient to meet the security needs of the network they’re being installed in. Procurement contracts need to include security controls of the software development process. They need security attestations on the part of the vendors, with substantial penalties for misrepresentation or failure to comply. The government needs detailed best practices for government and other companies.

Some of the groundwork for an approach like this has already been laid by the federal government, which has sponsored the development of a “Software Bill of Materials” that would set out a process for software makers to identify the components used to assemble their software.

This scrutiny can’t end with purchase. These security requirements need to be monitored throughout the software’s life cycle, along with what software is being used in government networks.

None of this is cheap, and we should be prepared to pay substantially more for secure software. But there’s a benefit to these practices. If the government evaluations are public, along with the list of companies that meet them, all network buyers can benefit from them. The US government acting purely in the realm of procurement can improve the security of nongovernmental networks worldwide.

This is important, but it isn’t enough. We need to set minimum safety and security standards for all software: from the code in that Internet of Things appliance you just bought to the code running our critical national infrastructure. It’s all one network, and a vulnerability in your refrigerator’s software can be used to attack the national power grid.

The IOT Cybersecurity Improvement Act, signed into law last month, is a start in this direction.

The Biden administration should prioritize minimum security standards for all software sold in the United States, not just to the government but to everyone. Long gone are the days when we can let the software industry decide how much emphasis to place on security. Software security is now a matter of personal safety: whether it’s ensuring your car isn’t hacked over the Internet or that the national power grid isn’t hacked by the Russians.

This regulation is the only way to force companies to provide safety and security features for customers — just as legislation was necessary to mandate food safety measures and require auto manufacturers to install life-saving features such as seat belts and air bags. Smart regulations that incentivize innovation create a market for security features. And they improve security for everyone.

It’s true that creating software in this sort of regulatory environment is more expensive. But if we truly value our personal and national security, we need to be prepared to pay for it.

The truth is that we’re already paying for it. Today, software companies increase their profits by secretly pushing risk onto their customers. We pay the cost of insecure personal computers, just as the government is now paying the cost to clean up after the SolarWinds hack. Fixing this requires both transparency and regulation. And while the industry will resist both, they are essential for national security in our increasingly computer-dependent worlds.

This essay previously appeared on CNN.com.

Read the whole story
bronzehedwick
292 days ago
reply
Jersey City, NJ
Share this story
Delete

Justice Department Charges Zoom With Suppressing U.S. Calls About Tiananmen Square, at Behest of China

2 Comments and 3 Shares

Drew Harwell and Ellen Nakashima, reporting for The Washington Post:

A security executive with the video-tech giant Zoom worked with the Chinese government to terminate Americans’ accounts and disrupt video calls about the 1989 massacre of pro-democracy activists in Tiananmen Square, Justice Department prosecutors said Friday. […]

Prosecutors said the China-based executive, Xinjiang Jin, worked as Zoom’s primary liaison with Chinese law enforcement and intelligence services, sharing user information and terminating video calls at the Chinese government’s request.

Jin monitored Zoom’s video system for discussions of political and religious topics deemed unacceptable by China’s ruling Communist Party, the complaint states, and he gave government officials the names, email addresses and other sensitive information of users, even those outside China.

Outrageous in so many ways. How in the world can Zoom ever claim that calls are private and encrypted when they’ve clearly demonstrated the ability to monitor them, and abused that in patently offensive ways? Best to assume that every call made with Zoom is monitored by the Chinese government. Remember too that Zoom employs 700 Chinese nationals on its engineering staff. I’d be surprised if Zoom’s source code and server infrastructure was not riddled with backdoors and eavesdropping features.

Read the whole story
bronzehedwick
312 days ago
reply
Yikes. Tempted to repeatedly say Tiananmen Square in a Zoom and see what happens.
Jersey City, NJ
zippy72
312 days ago
reply
FourSquare, qv
Share this story
Delete
1 public comment
jqlive
309 days ago
reply
Wow. the xenophobia in the last 2 sentences is strong. Just because you hire Chinese nationals, doesn't automatically mean they're up to no good.
CN/MX
kyounger
299 days ago
Do you think the likelihood goes up, the more you hire? This isn't a slight on the Chinese people, but their government.
jqlive
292 days ago
No, I do not. That's like saying if you hire enough Mexicans, you'll get some cartel members, or if you hire enough Russians you'll get FSB agents. One bad overzealous actor does not represent an entire group of people.
Next Page of Stories