[cryptome] Cryptome, Twitter Deletions & Log Leaks & the Internet of Things

  • From: doug <douglasrankine2001@xxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Sat, 10 Oct 2015 12:57:08 +0100

Dear Colleagues,
I have been a follower of the Cryptome website almost since the day it opened, and usually visit it at least once a day, except when I am away on holiday. When I joined the Cryptome mailing list in 2013, I did so after reading all the posts since it started and decided that it had something to offer me in terms of new knowledge and experience, in return for which I would be able to share my own pennyworth with others. After a sticky start and a number of misunderstandings both by myself and by others, I have settled down and am thoroughly enjoying the experience and have gained a lot from my subscription, for which I thank our colleagues very much...and hope to continue doing so.

As most of you will know on this list, I am not a "techie" or "geek", understanding very little of the mathematics or the theory of computer software and hardware, and one of the reasons I subscribed was to find out more about those areas and how they affect the use of our computers. My own experience and knowledge of communications technology has been derived more from the practice of political dissent and the philosophy and practice of survival, both of the species...and more importantly...myself... :-). I don't subscribe to Twitter or Facebook...not because of any fears I may have, but because I have never felt the need for them. I therefore know next to nothing about them.

I have known for many years, at least since the 1960's about the surveillance which is carried out by the international intelligence and security services, both in the UK and abroad, as it was at that time I became a political dissenter, so called revolutionary and communist. In my time it was telephone tapping and opening of the post mainly, or taking photographs of people going on political demonstrations or attending "subversive" political meetings and taking notes of the speeches made, who attended etc. The more costly forms of surveillance were kept for the foreign diplomats, Soviet spies or for those people who tried to penetrate the British State or companies and contractors supplying secret services and goods, particularly in the arms industry and the military, and tried to steal patents or intellectual property etc. I have personally never discovered whether my telephone had been tapped or my post opened...that is not to say that it didn't happen of course, even though my role in the communist party and trades union movement was a purely minor one, and I was only a member for around 7 years, before becoming more learned and discerning and moved on to more interesting areas. It may well be that the British Security services respected my human rights, my right to privacy of communications, without a wiretap etc. I do know that the British communist party hq was broken in to by criminals, long after I left and that the personal details of all the members, including previous ones were stolen.

In my time, I have known some of the original founders of the British Communist Party, spoken with them and listened to their experiences and work for the communist party and the surveillance they came under, including travelling abroad, to those places which were considered as enemy lands and peoples. The reason I am saying this is because it is as well to remember that surveillance by the authorities has taken place, not only in your lifetime and my lifetime, but also since time immemoriam. Some of those records are now available in the National Archives and the Public Records Office (if one wants to pay for them). The difference nowadays is that new technology and the spread of I.T. and the cheapness and convenience of the internet of things, has led to mass forms of surveillance, collection of nearly all data on a global scale, by many, many intelligence services and the security sector, not only to mention the private sector which is much more sophisticated and in depth. The development of individual profiles and the use of sophisticated forms of sifting and sorting, echelon, and algorithms and their incorporation into a huge and wide variety of computer forensic tools, has meant that powerful generic tools have been turned into even more powerful targetting and surveillance tools, working in real time as well as in hindsight. In the private sector, organisations like Amazon are even using predictive software, attempting to anticipate the next book or consumer good a person is going to buy. Those predictions may seem somewhat banal and simple at the moment, but they are getting better at it. Goodness knows what is happening in the state sector.

Personally, I have never had any illusions about state or other surveillance taking place on or around Cryptome and its environs. In fact, I would be very surprised indeed if it wasn't happening. I am not surprised either, by the attacks on Cryptome which have come from various quarters, from the state intelligence and security agencies of various nations to representations by body corporates and their umbrella organisations for alleged breaches of their copyright, to sick individuals seeking credo from pwning or denials of access or for money, or misinformation being planted by trolls and others with ulterior motives. After all, Cryptome does specialise in revealing secret or compromising information, data, documents, either about the state or individuals working for the state, or others who are up to some kind of hanky panky, feathering their own nests or that of their friends, in the name of honesty, civility, sincerity and do gooding and such like...:-).

As part of the "open source" resources of the various intelligence services, it is a nice easy and quick way to find out what Cryptome knows and has published about what they have been up to, though Cryptome only manages to get access to the teeny weeniest of what they are up to or have been up to. The website has a wide user base too, associated with a number of different mailing lists and organisations which specialise in the same sort of areas, subject matter, human rights and whisteblowing. It also has many volunteers working for it, supplying it with information on an ad hoc voluntary basis, disseminating that information all over the world wide web, and it is very much an amateur organisation, beholden to no one but itself.

In fact, in my view it makes a unique and major contribtion to the field of human rights, computer education, security and intelligence, all of which is open source and John Young and Deborah Natzios should be congratulated for their dedication and time they have spent and do spend creating and developing Cryptome...For John Young, especially at his age, his output is quite incredible... :-). I particularly liked the warning he issues on the website regarding the main principles of security and about the individual's false sense of security being the main problem. I notice that this has been recently deleted...Such is the way of life of the internet...they move on... :-).

I have been following the correspondence with Mike Best on this list and at Cryptome's Twitter Account regarding his research on the Cryptome logs, and finding them "leaky" whatever that means! I personally would like to thank him very much for his drawing to my attention, the leak via this list, and I hope that we all learn from his research. However, I am not particularly concerned about it, having adopted the approach, long before Snowden confirmed it, that everything and everyone on this list, in common with all other lists and internet activitiy is surveilled not only by GCHQ but most other intelligence services, whether it be in real time or at some later date, or during a targetting operation, and that everyone who visits is recorded as to who they are, length,subjects explored, duration, time, date, and all the other metadata which is available for sifting and sorting, and that this behaviour has been going on for a very long time...logs being leaky or not. I have also been pointing this out for a long time...in common with others, as has John Young. However, there are still many who live under the illusion...

The deletion of a record, whether it be from Twitter or any other social internet group, doesn't mean a thing. All the experts agree that any deletion from a hard disk is temporary until such time as the hard disk is destroyed, and even then if it has been on the internet, it is still recorded somewhere, and the deletion can be undeleted using forensic software. It is interesting to note that the UK Intelligence Services Committee enquiry into protecting human rights suggested the method of deletion from the mass surveillance records of an individual as a way of protecting their human rights if the information was wrong. This suggestion shows either its ignorance of computer storage, or is a deliberate ploy to mislead the public. The only way to protect your secret and private data is not to go on the internet at all....and even then... :-).

For what it is worth Tor and Tails do not give absolute secrecy or anonymity to communications, neither does encryption. However, there are some who have fallen by the wayside who believed it does, and I dare say that there will be many more before the message sinks in...:-). These security systems have their uses of course.

There are various methods which can be used to recover the meta data and the plain text or message and these methods have also existed since time immemorium. This includes not only forensics, analysis, etc, but legal methods, such as compulsion on pain of imprisonment for contempt of court. In fact, historically, there are very few texts which haven't been broken. Cypher creation and cypher breaking go hand in hand. One can see one list of some of them at url: https://www.newscientist.com/round-up/unbreakable-codes/

Have fun... :-).
ATB
Dougie.
P.S. Snowden tells the truth. He is also a liar, and a hypocrite...just like me...and everyone else I know... :-). Heroes have a way of letting one down, I have noticed.










Other related posts: