Senate Confirms Gina Haspel as CIA Director

It looks like Donald Trump and members of the #Resistance have finally found common ground. Republicans, with the help of a half dozen democrats, just sent an ominous message to the world. An official directly involved in torture has been rewarded with power and status. Accountability, it would seem, is reserved for leaders who don't have the military strength or clout necessary to garner immunity, and for whistleblowers.

The CIA has a long and storied history of torturing people. When you hear the name Gina Haspel, think of Dan Mitrione. A monster who built a sound-proofed basement in his Uruguay residence so that he could test out his methods:

"If you ask me whether there were interrogations, I'd say no, because the unfortunate beggars who were being tortured had no way of answering because they were asked no questions. They were merely guinea pigs to show the effect of electric shock on different parts of the human body."

But hey, our leaders love their monsters. Especially when they're following orders . If there's an upside to this, it's that we get to see the true face of the American Deep State. -BB(2018-05-18)

Thomas Piketty: Oligarchy is Bipartisan

Matt Taibbi at Rolling Stone covers a recent paper by Thomas Pikkety:

"Piketty just puts numbers behind an observation that anyone covering recent American presidential elections could have made: That huge pluralities of voters on both sides of the aisle feel unrepresented and even insulted, and increasingly see both major parties as tools of the very rich... This simple idea, that the real split in American society was less like 50-50 and more like 99-1, was completely logical in a country where the top 1% owns more wealth than the bottom 90%."

Or, in Piketty's words, "high-education elites now vote for the 'left', while high-income/high-wealth elites still vote for the 'right' (though less and less so). I argue that this can contribute to explain rising inequality and the lack of democratic response to it, as well as the rise of 'populism'"

Thus the fracturing that's taking place within both parties as the oligarchs fight to maintain control. -BB(2018-03-31)

Both Parties Gorged on Facebook Data

What's scandal for one side is brilliance for the other. A member of Obama's 2012 analytics team (which scraped fives times as much data as Cambridge Analytica) explains how Facebook played favorites with regard to data access:

"'Facebook was surprised we were able to suck out the whole social graph, but they didn’t stop us once they realized that was what we were doing.' The social graph is Facebook's map of relationships between users and brands on its platform. And after the election, she recently acknowledged, Facebook was 'very candid that they allowed us to do things they wouldn't have allowed someone else to do because they were on our side.'"

Keep in mind that Cambridge Analytica is just one influence peddler in an industry devoted to subtle cognitive manipulation. There are customers with deep pockets in both the GOP and the Democratic Party.

Don't buy into the myth that you can protect your privacy on Facebook. The very act of using social media creates a significant trail of data. This information will be sold to the highest bidder and generously shared with spies at home and abroad. Social media is surveillance. The service is free because your personal data is the product. The only way to truly protect yourself is to opt out.

Big Brother, like the oligarhcy it serves, is bipartisan. -BB(2018-03-22)

AMD Processor Bugs Unearthed

First it was Intel, now it's AMD:

"The basic nature of some of these vulnerabilities amounts to complete disregard of fundamental security principles. This raises concerning questions regarding security practices, auditing, and quality controls at AMD."

Note how the researchers don't mince their words:

"The CHIMERA vulnerabilities are an array of hidden manufacturer backdoors inside AMD's Promontory chipsets."

I repeat, "manufacturer backdoors." In other words, deliberate neglect is a distinct possibility. In light of compartmented efforts like BULLRUN and the SIGINT Enabling Program, it would be naïve to think that these flaws are the product of innocent mistakes.

The IC's subversion programs didn't magically vanish after Ed Snowden went public. Implement whatever mitigation strategies you want and American spies will dance right over them. They don't call it information dominance for nothing. This report is a graphic reminder. Facing down the NSA/CIA entails severe controls. You've been warned -BB(2018-03-13)

The CIA Impersonates Kaspersky on The Internet

This is why, when it comes to nation-states, attribution is wishful thinking. Spy masters have invested the resources in technology and operational planning necessary to thwart investigators. Witness the CIA's Hive software:

"Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA..."

"Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated."

What? The CIA is masquerading as Kaspersky to launch attacks? Who would've guessed?... -BB(2017-11-09)

ICIJ Releases Paradise Papers

A campaign involving hundreds of journalists has spent the better part of a year wading through 13.4 million files acquired by the German newspaper Süddeutsche Zeitung. Here's a nutshell summary:

"[The investigation] reveals offshore interests and activities of more than 120 politicians and world leaders, including Queen Elizabeth II, and 13 advisers, major donors and members of U.S. President Donald J. Trump"

There are details about Apple's offshoring strategy. Other tech companies are also mentioned:

"One of the Kremlin-owned firms, VTB Bank, quietly directed $191 million into an investment fund, DST Global, that used the money to buy a large stake in Twitter in 2011. They also show that a subsidiary of the Kremlin-controlled energy giant Gazprom heavily funded an offshore company that partnered with DST Global in a large investment in Facebook."

Think of these documents every time you hear the political class mention "shared sacrifice". -BB(2017-11-05)

Vault 7 and The Specter of Vendor Collusion

A WikiLeaks press release describes the CIA's efforts to develop firmware-level rootkits:

"Included in this release is the manual for the CIA's 'NightSkies 1.2' a 'beacon/loader/implant tool' for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008.

"While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization's supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise."

The notion that all of Silicon Valley's secret deals somehow ended in 2013 is delusional. In a recent interview Julian Assange calls out the usual suspects:

"Other companies affected by the CIA's hacking tools, such as Google, Microsoft and Apple, in contrast, simply forwarded WikiLeaks' offer to provide further information to their legal departments. Assange claims that this was done because these companies work with US intelligence agencies. It is also the reason that so many employees at such companies have US government security clearance, especially those who work in cybersecurity departments."

The bitter pill is this: you cannot have your cake and eat it too regardless of how much money the C-suites in the Bay Area throw at public relations and overt gestures of defiance. -BB(2017-03-23)

WikiLeaks Releases CIA Hacking Documents (Vault 7)

Years ago Cryptome warned that the CIA's role in mass surveillance was being overlooked. Today this claim is shown to be 100% spot on. WikiLeaks reveals that the CIA is neck deep in hacking.

"By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified."

Cryptome has a history of being correct about spies and their ops. And so I'll repeat a prescient observation from John Young:

"The last thing CIA and its supporters want is a revelation of its manipulation of civilian leaders institutionalized by the 1947 National Security Act (also opposed by the military)."

Note the mention of anti-forensic techniques. Does this raise a few questions about allegations of Russian hacking? There's a reason why President Truman regretted the cloak and dagger authorization he granted the CIA. -BB(2017-03-07)

Update: The CIA has responded with an official statement. Which is essentially a pack of lies. The CIA's job is to implement policy which is mandated primarily by economic elites and organized groups representing business interests. It exists to assist in opening up markets and providing access to resources on behalf of oligarchic factions. Executive Order 12333 enables CIA operations within our borders. As Dennis Kucinich correctly notes "we are sliding down the slippery slope toward totalitarianism."

Several weeks ago, an exec at Microsoft called for a "Digital Geneva Convention." This may be interpreted as a public relations gesture by a documented NSA partner. Arms control in the cyber realm is nothing more than pleasant fiction.