Lost Chapter Now Available

There are reasons why an open debate about the role of money in politics has been stymied. It goes without saying that a truly honest conversation about the formulation of public policy is bound to make the vast majority of elected officials uneasy. The relatively small group at the top of the income spectrum is in a position where they can exert their leverage, directly or indirectly, to muddy the water and silence dissent. In some cases the mere threat of reprisal is enough to quell voices of opposition.

The 1st edition of The Rootkit Arsenal, published back in the summer of 2009, included a short epilogue that raised questions about the underlying integrity of the political system in the United States. It used the metaphor of a malware infestation to discuss aspects of popular participation and means of control. In preparing the forthcoming 2nd edition, this material has been extended and explores territory that has just barely received attention from the major news outlets. Though the publisher has opted not to include this content, it has been made available here.

The War Logs and "National Security"

In this article from the Daily Beast we see the U.S. government admitting that the Significant Activity reports in question (the documents contained in the Iraq and Afghan war logs) did NOT contain information that would compromise our key sources.

"Would a SIGACT, if it was released, compromise our key sources?"

"No sir."

National security is the perfect apology, an all-purpose justification used to marginalize us and give free reign to those who would abuse it. -BB(2011-12-18)

The 2012 National Defense Authorization Act

This op-ed, written by two retired four-star Marine generals, notes that U.S. legislators believe that we must choose between our safety and our ideals:

"One provision would authorize the military to indefinitely detain without charge people suspected of involvement with terrorism, including United States citizens apprehended on American soil. Due process would be a thing of the past. Some claim that this provision would merely codify existing practice. Current law empowers the military to detain people caught on the battlefield, but this provision would expand the battlefield to include the United States -- and hand Osama bin Laden an unearned victory long after his well-earned demise."

For details, see section 1031 of this bill. The very fact that something of this nature has been attempted should raise a red flag. As Dave Lindorff observes:

"A hollowed-out country like the this one, which is under-funding education, health care, infrastructure investment, research, and environmental protection, while its governing class steadily disenfranchises, disempowers, and impoverishes the public while systematically taking away their right to protest, is ultimately doomed."

Dana Priest has reported, on the vast domestic security apparatus that was built up in the wake of 9/11. Re-visit the above op-ed one more time and consider this development. Then consider who funds all those lobbyists in D.C. -BB(2011-12-17)

Putting a Face on the 1%

Sylvia Allegretto, a labor economist from Berkeley takes a look at the Forbes 400 and compares it to the Survey of Consumer Finances (SCF).

"The Forbes list reveals that six Waltons -- all children (one daughter-in-law) of Sam or James 'Bud' Walton the founders of Wal-Mart -- were on the list. The combined worth of the Walton six was $69.7 billion in 2007 -- which equated to the total wealth of the entire bottom thirty percent!"

Six people own more than the bottom 30%. Can you imagine the political influence these six people have? Somebody funds all those lobbyists. It's only natural that these people have moved to cut back on employee benefits. -BB(2011-12-15)

Related: The Guardian reports that the top one percent received 27-40% pay hikes last year. How are you doing?

Old School Journalists Line Up

Julian Assange has recently become a target for columnists like David Brooks and Marc Thiessen . They say he's an "old-fashioned anarchist" and that WikiLeaks is a "criminal enterprise." Really?

David Samuels provides a degree of clarity to what's really at stake.

"The fact that so many prominent old school journalists are attacking him with such unbridled force is a symptom of the failure of traditional reporting methods to penetrate a culture of official secrecy that has grown by leaps and bounds since 9/11, and threatens the functioning of a free press as a cornerstone of democracy."

"The result of this classification mania is the division of the public into two distinct groups: those who are privy to the actual conduct of American policy, but are forbidden to write or talk about it, and the uninformed public, which becomes easy prey for the official lies exposed in the Wikileaks documents"

John Young of Cryptome chimes in about the media's double standard:

"This scapegoating of WikiLeaks and Assange by the New York Times counsel commences a defense against prosecution for conspiracy. Expect all those who have profited from the WikiLeaks salacious material and worldwide consumption of it, including the WSJ, will do the same. Official secrecy is the biggest cause of leaks, and nobody leaks more than governments and lawyers in their own interest, under guise of national security, law and order, fair play, and other dissimulation."

The media relies heavily on the government as a source of information. You can expect the major outlets to tow the line. -BB(2011-12-14)

Why They Occupy

While critics have claimed a lack of focus, this is just misinformation. As Robert Fisk explains, people are outraged because:

"They have for decades bought into a fraudulent democracy: they dutifully vote for political parties which then hand their democratic mandate and people's power to the banks and the derivative traders and the rating agencies, all three backed up by the slovenly and dishonest coterie of 'experts' from America's top universities and 'think tanks', who maintain the fiction that this is a crisis of globalization rather than a massive financial con trick foisted on the voters."

Mark Shields adds:

"I think the message, which is, people say, unclear is a lot stronger than the messenger... It cuts across partisan, religious, racial, age divisions. So I think that is a direct consequence of the movement. I think the movement's message has been very effective in getting across."

Internet Freedom Hypocrisy

Our Secretary of State proclaims the following during a speech at the Hague:

"This is an urgent task. It is most urgent, of course, for those around the world whose words are now censored, who are imprisoned because of what they or others have written online, who are blocked from accessing entire categories of internet content, or who are being tracked by governments seeking to keep them from connecting with one another."

Glenn Greenwald points out the obvious double standard:

"What Hillary Clinton is condemning here is exactly that which not only the administration in which she serves, but also she herself, has done in one of the most important Internet freedom cases of the last decade: WikiLeaks. And beyond that case, both Clinton specifically and the Obama administration generally have waged a multi-front war on Internet freedom."

Once again, Clinton wields the unspoken assumption of American exceptionalism. -BB(2011-12-09)

Related: WikiLeaks has published an information pack on the banking blockade.

The Oligarchy Spells Out Its Endgame

Henry Ford paid his workers enough so that they could buy the cars they produced. Alan Nasser points out that this dynamic has changed:

"Conventional economic wisdom teaches that it is not in the interests of employers to drive wages down to desperation levels, since most consumers are wage earners and consumption demand generates from 66 to 72 percent of the Gross Domestic Product. Were employers to drive wages too low they would at the same destroy their customer base, which is good for neither capital nor labor. This line of reasoning assumes that capitalism is organized such that each nation's labor market is both entirely domestic and the sole source of the demand for its economy's output. But capitalism is a global system and its sovereign components are not closed economies."

The emergence of demand in other countries will allow business leaders to profit by hollowing out of the American middle class. Our loss is their gain because they don't care what we can or cannot afford. After all, they can always give us loans so that we can purchase what they tell us we should have.

These people at the top are pressing their advantage and they're in this game to take it all. -BB(2011-12-03)

The U.S. Financial System and Drug Money

Years ago I read about this in Michael Ruppert's book Crossing the Rubicon, but wasn't sure what to make of it. Here we see that Mr. Ruppert was indeed right on target:

"Banking powerhouse Wachovia Corp. last year agreed to pay $160 million in forfeitures and fines after U.S. federal prosecutors accused it of 'willfully' overlooking the suspicious character of more than $420 billion in transactions between the bank and Mexican currency-exchange houses - much of it probably drug money, investigators say."

As Ruppert points out, any business with access to cheap raw materials (capital, in the case of banking) has an notable advantage. Large banks might just overlook half a trillion dollars worth of drug-related business because it serves shareholders.

Notice how no one goes to jail for fundamentally enabling an industry that results in untold misery and destruction. Again, this just goes to show you who really runs this country. -BB (2011-12-02)

Related: check out Roger Ebert's review of Ruppert's 2009 documentary.

The International Mass Surveillance Industry

There's a whole industry that caters to police states. WikiLeaks is helping to expose it.

"'Who here has an iPhone?' Assange asked attendees of the press conference in London. 'Who here has a Blackberry? Who here uses Gmail? Well you are all screwed. The reality is intelligence contractors are selling right now to countries across the world mass surveillance systems for all of those products.'"

Assange also warns that:

"SSL is no longer safe and alleged that intelligence agencies have compromised Certificate Authorities (CAs). CAs issue digital certificates used for SSL. Hundreds of intermediate CAs can issue SSL certificates linked back to a root CA."

This is not a good sign. -BB(2011-12-02)

Bailout Secrets Revealed

Again, we see how secrecy is used to marginalize us.

"The Fed didn't tell anyone which banks were in trouble so deep they required a combined $1.2 trillion on Dec. 5, 2008, their single neediest day. Bankers didn't mention that they took tens of billions of dollars in emergency loans at the same time they were assuring investors their firms were healthy. And no one calculated until now that banks reaped an estimated $13 billion of income by taking advantage of the Fed's below-market rates."

"The amount of money the central bank parceled out was surprising even to Gary H. Stern, president of the Federal Reserve Bank of Minneapolis from 1985 to 2009, who says he 'wasn't aware of the magnitude.' It dwarfed the Treasury Department's better-known $700 billion Troubled Asset Relief Program, or TARP. Add up guarantees and lending limits, and the Fed had committed $7.77 trillion as of March 2009 to rescuing the financial system, more than half the value of everything produced in the U.S. that year."

Lawmakers weren't aware of details. Even they were marginalized. This fact, all by itself, demonstrates who wields the real power in this country. -BB(2011-11-29)

Secrecy and Soft Money in D.C.

A couple of weeks ago, 60 Minutes ran a story that examines ideas presented in a book written by Peter Schweizer of the Hoover Institute. Schweizer contends that:

"The fact is, if you sit on a healthcare committee and you know that Medicare, for example, is considering not reimbursing for a certain drug that's market moving information. And if you can trade stock off of that information and do so legally, that's a great profit making opportunity. And that sort of behavior goes on."

"The buying and selling of stock by corporate insiders who have access to non-public information that could affect the stock price can be a criminal offense, just ask hedge fund manager Raj Rajaratnam who recently got 11 years in prison for doing it. But, congressional lawmakers have no corporate responsibilities and have long been considered exempt from insider trading laws, even though they have daily access to non-public information and plenty of opportunities to trade on it."

"In mid September 2008 with the Dow Jones Industrial average still above ten thousand, Treasury Secretary Hank Paulson and Federal Reserve Chairman Ben Bernanke were holding closed door briefings with congressional leaders, and privately warning them that a global financial meltdown could occur within a few days. One of those attending was Alabama Representative Spencer Bachus, then the ranking Republican member on the House Financial Services Committee and now its chairman."

"These meetings were so sensitive-- that they would actually confiscate cell phones and Blackberries going into those meetings. What we know is that those meetings were held one day and literally the next day Congressman Bachus would engage in buying stock options based on apocalyptic briefings he had the day before from the Fed chairman and treasury secretary. I mean, talk about a stock tip."

They say that the grandfather clock in the Skull-and-Bones Tomb at Yale is set 5 minutes fast. There's something to this, as financial institutions profit by being first, being smarter, or by cheating. Offering access to information, which can then be monetized, is a more subtle means of influence peddling. Compare this to the brazen tactics of a lobbyist like Grover Norquist, who'll threaten to unseat Republicans who don't sign his pledge. As Cryptome's John Young explains.

"Secrecy poses the greatest threat to the United States because it divides the poplulation into two groups, those with access to secret information and those without. This asymmetrial access to information vital to the United States as a democracy will eventually turn it into an autocracy run by those with access to secret informaton, protected by laws written to legitimate this privileged access."

This may help to explain why the founders of the CIA were heavily involved in finance. -BB(2011-11-27)

Against the Corporatocracy

Reading a DHS threat assessment of the Occupy Pittsburgh campaign, authorities seem to think that the protests are primarily "focused on the banking and finance sector."

This merely hints at the core goals of this movement, which aims to instigate a "soft regime change" to "end the pervasive corruption at the heart of our political system, in which corporate money wins elections, drafts laws and trumps citizen desires."

It's not just indignation at the all-consuming greed of certain financial institutions. It's a desire to fundamentally alter our political institutions to remove the influence of big money. -BB (2011-11-25)

EU Enters its Endgame

In this New York Times op-ed Ross Douthat describes how the 'Groupe de Francfort (GdF)' is reminding everyone who's really in charge:

"There were few tears in Italy and Greece for Silvio Berlusconi and George Papandreou, the prime ministers -- respectively corrupt and hapless -- whose downfalls were engineered by the Brussels-Berlin-Paris axis. But their forced departures, however welcome, open a troubling window on what a true European state would look like. Stability would be achieved at the expense of democracy: the rituals of parliaments and elections would endure, but the real decision-making power would pass permanently to the forces represented by the so-called 'Frankfurt Group' -- an ad hoc inner circle consisting of Germany's Angela Merkel, France's Nicolas Sarkozy and a cluster of bankers and E.U. functionaries, which has been spearheaded European crisis management since October."

You can expect to see more of this as decision makers encourage us to passively accept what's transpiring. -BB(2011-11-20)

Financial Lobbying Firm Proffers Attacks Against OWS

Lobbyists see a chance to cash in.

"A well-known Washington lobbying firm with links to the financial industry has proposed an $850,000 plan to take on Occupy Wall Street and politicians who might express sympathy for the protests...The proposal was written on the letterhead of the lobbying firm Clark Lytle Geduldig & Cranford and addressed to one of CLGC's clients, the American Bankers Association."

This is a novel trench-level view of the 1%'s propaganda machine. -BB(2011-11-19)

Related: Read about the "Lower Manhattan Security Initiative." The decision makers have been quietly coordinating their own strategy.

Rootkit Arsenal Plagiarism

Very interesting...

"The InfoSec Institute (infosecinstitute.com) offers a variety of training on security topics such as penetration testing and reverse engineering. After it was discovered that ISI took large portions of material from Corelan.be without credit or license, additional review was performed of available material. This included a presentation from founder/owner Jack Koziol and other contract instructors. It became clear that the Corelan incident was not a one-off, and likely not the work of a rogue contractor as ISI claimed."

Greetings to Reddit and attrition.org. -BB(2011-11-19)

The Growing Edifices of the Security State

In the wake of 9/11 our decision makers funneled hundreds of billions of dollars into our intelligence apparatus. Yet, as Richard Clark explains:

"We're all very glad that bin Laden has finally been caught, but it was a handful of people. It wasn't this enormous, bloated, tens of thousands of people apparatus that we've set up. It was a small, highly-skilled, highly dedicated group of intelligence analysts. That's who found him, not all of these contractors, not these giant agencies and giant centers."

This point raises other questions. Dana Priest, for example, asks:

"Why do we need such a large intelligence effort ---the 1,300 agencies we identified that are a part of this effort--- to defeat a couple thousand people?"

Perhaps Chris Hedges can shed some light on the topic:

"George Orwell wrote that all tyrannies rule through fraud and force, but that once the fraud is exposed they must rely exclusively on force. We have now entered the era of naked force. The vast million-person bureaucracy of the internal security and surveillance state will not be used to stop terrorism but to try and stop us."

As Miles Copeland has observed, our security services are firmly a part of the establishment. -BB(2011-11-15)

Related: City Councilman Ydanis Rodriguez would probably agree.

Politics: "The Shadow Cast on Society by Big Business"

Chomsky describes how the elite have given up on the social contract that emerged after WWII. Now they're just out to save themselves.

"In the past 30 years, the 'masters of mankind,' as Smith called them, have abandoned any sentimental concern for the welfare of their own society, concentrating instead on short-term gain and huge bonuses, the country be damned -- as long as the powerful nanny state remains intact to serve their interests."

The New York Times just published an op-ed by Jeff Sachs where he offers a few ideas on how to implement change:

"Shareholders, for example, should pressure companies to get out of politics. Consumers should take their money and purchasing power away from companies that confuse business and political power."

Is this realistic, given that large segments of shareholders might actually have a vested interest in lobbying elected officials? Will we, as consumers, be able to act as a countervailing force? It may not be so simple. The people that actually control this country have demonstrated in the past exactly how far they'll go to maintain control and criminalize dissent. -BB(2011-11-14)

Related: The Miracles of Modern Propaganda

"Ronald Reagan beat out Franklin Delano Roosevelt as the former president Americans would like to see in the White House during these trying economic times."

National Security, Secrecy, and Viktor Bout

Viktor Bout is an international arms dealer who hails from Russia. He was extradited to the United States in 2010 from a prison in Thailand. Earlier this month he was convicted of conspiracy to kill U.S. citizens and provide aid to a terrorist organization.

Daniel Estulin traveled to Thailand to interview Bout before he was extradited.

The New York Times points out that:

"Irbis Air [Owned by Bout] landed in Baghdad 92 times between January and May 2004, while also conducting deliveries elsewhere in Iraq. Mr. Bout earned $60 million between 2003 and 2005 -- in addition to the free fuel that the United States military gave to regular cargo operators."

"Mr. Bout's client list in Iraq made for intriguing and damning reading: The United States Air Mobility Command, Federal Express, Fluor and KBR, among others. At the time Mr. Bout was supposedly wanted by the F.B.I. and the C.I.A., as well as being the subject of an Interpol arrest warrant."

Apparently the law does not apply to people who are useful to decision makers. Our rulers conveniently turn a blind eye and then shroud what's going on under the veil of national-security-imposed secrecy. The decision makers themselves are likewise immune. -BB(2011-11-12)

The Danger of a Band-Aid Solution

In an article that's been published by The Economist readers are told that:

"Braver politicians would focus on two things. The first is tackling the causes of the rage speedily. Above all that means doing more to get their economies moving again."

In a sense, there's misdirection taking place. The state of our economy is not a root cause, only a symptom. The markets upon which our economy is based are governed by rules that our legislators establish. Starting in the 1970s, industry leaders got organized and executed what is essentially a corporate coup. The market crash of 2008 is merely a natural result of this.

Talking about the economy is easier, it saves people from facing a more painful reality about who runs this country and how they operate. Better to stick to band-aid solutions that placate Main Street without really threatening Wall Street. This is tragic, because the fundamental problem and its consequences will continue to plague us despite how we address its symptoms. -BB(2011-11-09)

The Intellectual Corruption of The 1%

NYC Mayor Michael Bloomberg shows his true colors when explaining the cause of the mortgage crisis:

"It was not the banks that created the mortgage crisis. It was, plain and simple, Congress who forced everybody to go and give mortgages to people who were on the cusp."

Matt Taibbi reveals this for what it is: a pathetic conservative talking point.

"This was an orgiastic stampede of lending, undertaken with something very like bloodlust. Far from being dragged into poor neighborhoods and forced to give out home loans to jobless black folk, companies like Countrywide and New Century charged into suburbs and exurbs from coast to coast with the enthusiasm of Rwandan machete mobs, looking to create as many loans as they could."

"They lent to anyone with a pulse and they didn't need Barney Frank to give them a push. This was not social policy. This was greed. They created those loans not because they had to, but because it was profitable. Enormously, gigantically profitable -- profitable enough to create huge fortunes out of thin air, with a speed never seen before in Wall Street's history."

Later on he adds that:

"The whole game was based on one new innovation: the derivative instruments like CDOs that allowed them to take junk-rated home loans and turn them into AAA-rated instruments. It was not Barney Frank who made it possible for Goldman, Sachs to sell the home loan of an occasionally-employed janitor in Oakland or Detroit as something just as safe as, and more profitable than, a United States Treasury Bill. This was something they cooked up entirely by themselves and developed solely with the aim of making more money."

Personally, I'm amazed that Bloomberg was able to keep a straight face while he offered up his twisted version of reality. I mean, c'mon, who do you think spends all that money lobbying congress? Could it be any more obvious who owns these politicians? -BB(2011-11-04)

Related: Nobel Prize winner Paul Krugman takes on those attempting to discredit the recent CBO findings:

"The usual suspects have rolled out some familiar arguments: the data are flawed (they aren't); the rich are an ever-changing group (not so); and so on. The most popular argument right now seems, however, to be the claim that we may not be a middle-class society, but we're still an upper-middle-class society, in which a broad class of highly educated workers, who have the skills to compete in the modern world, is doing very well."

"It's a nice story, and a lot less disturbing than the picture of a nation in which a much smaller group of rich people is becoming increasingly dominant. But it's not true."

"Workers with college degrees have indeed, on average, done better than workers without, and the gap has generally widened over time. But highly educated Americans have by no means been immune to income stagnation and growing economic insecurity. Wage gains for most college-educated workers have been unimpressive (and nonexistent since 2000), while even the well-educated can no longer count on getting jobs with good benefits. In particular, these days workers with a college degree but no further degrees are less likely to get workplace health coverage than workers with only a high school degree were in 1979."

As one commentator from The Economist stated:

"If we don't agree that rich people have more political power than poor people and that they use that power to pursue their economic interests, then we've really got a communications problem."

Duqu C2 Moves to Belgium

This story demonstrates that identifying the geographic origin of an attack doesn't necessarily result in attribution...

In a recent report, the Office of the National Counterintelligence Executive (ONCIX) admits this flat out.

"US private sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China, but the IC [intelligence community] cannot confirm who was responsible."

Nevertheless, officials will make a lot of noise about this, perhaps blaming China despite the fact that they don't really know who's actually responsible, because they need to frame what's happening such that it will benefit them in terms of control and federal funding. -BB(2011-11-03)

How The 1% Implements Social Control

Noam Chomsky speaks out in an interview published by Guernica:

"About 80% of the businesses in Mexico are involved in one manner or another with the drug racket. Now once you start publishing things like that and looking into it, you're getting to the power centers of Mexican society, and they're simply not going to want to be exposed. If they can use the drug assassins to stop it, they will."

"The drug problem is in the United States, not in Mexico. It's a demand problem and that is to be dealt with here, and it is not being dealt with. It's been shown over and over that prevention and treatment are far more cost effective than police action, out-of-country action, border control, and so on. But the money goes in the other direction and never has an impact."

"Only two plausible answers to that. All the leaders are collectively insane, which we can rule out, or else they are just pursuing different goals. Abroad, it's a counterinsurgency campaign, cover for counterinsurgency in Colombia. At home, it's a way of getting rid of a superfluous population."

"Governments are not in the business of catering to their citizens. It's as old as Adam Smith. The governments work for their main constituencies. When the Republicans come into office with plans to increase benefits for the wealthy -- like making sure that the super wealthy get tax cuts, making sure that the insurance companies and the financial institutions are unconstrained in their operations -- that's not for the benefit of U.S. citizens. That's for the benefit of their constituency. Same when Obama poured money into the banks. That's his constituency. In fact, that's the main source of his campaign funding. The things governments are doing here that have harmful effects abroad are not being done for the benefit of the citizens here."

Being from a state that tends to spend more on prisons than on education, I'm inclined to agree with Professor Chomsky. -BB(2011-10-30)

CBO Report Released

Eugene Robinson states in a Washington Post op-ed:

"The hard-right conservatives who dominate the Republican Party claim to despise the redistribution of wealth, but secretly they love it - as long as the process involves depriving the poor and middle class to benefit the rich, not the other way around. That is precisely what has been happening, as a jaw-dropping new report by the nonpartisan Congressional Budget Office demonstrates. Three decades of trickle-down economic theory, see-no-evil deregulation and tax-cutting fervor have led to massive redistribution. Another word for what's been happening might be theft."

It should be interesting to see how the commentators at Fox News try to discredit this report. -BB(2011-10-28)

Related: Ralph Nader, in a Couterpunch article, states that:

"Each new protest gives the protesters new insights. The protestors are learning how to challenge controlling processes. They are assembling and using their little libraries on site. They are learning the techniques of open, non-violent civil disobedience and building personal stamina. They are learning not to be provoked and thereby win the moral authority struggle which encourages more and more people to join their ranks."

Nothing Beats a Fixed Fight

Bernie Sanders laments the state of our financial system. He warns that:

"Not only do they run the banks, they run the institutions that regulate the banks."

This approach seems to be working out very well for the 1%. What this means is that the Occupy Movement has its work cut out for it, going up against an entrenched and formidable power structure. As one participant notes, they seem to have, at least for the time being, avoided a common pitfall:

"The good news is that even those Occupiers who do not identify as anti-capitalist/radical/revolutionary seem to recognize that the political system as presently constituted is irredeemably broken and that, consequently, selling the movement out to Democratic Party would be, at best, a gross exercise in futility"

Where to go from here? They can't bide their time forever. Perhaps they can learn something from the Civil Rights Movement. -BB(2011-10-20)

Related: This is who Occupy Wallstreet is up against. An economic "super-entity" that spans nations in such a manner that "a large portion of control flows to a small tightly-knit core of financial institutions." In short, the United States has been rooted. The only thing that will save us will be to rebuild the system.

A comedian, of all people, realized this years ago.

Duqu Red Herring

Symantec describes a Remote Access Trojan (RAT) that doesn't self-replicate. It also lacks industrial control system features. Though, according to Symantec, parts of Duqu are indentical to Stuxnet. Additional details can be gleaned from Wired.

George Smith cautions against hysteria and presumption:

"Once a thing is in world circulation it is not protected or proprietary property. Such malicious code may contain hindrances to copying or reverse engineering but these can be overcome given enough effort. Add to this the fact that source code for malware has never been secure. It always becomes something coveted by many, often in direct proportion to its fame. Therefore, it would not be surprising given the Byzantine and secretive interlinked nature of this world, that Stuxnet code had leaked, even if only in bits and pieces."

If I were running a black bag op and wanted to misdirect investigators, this is definitely an approach that I would consider. Nothing beats muddying the waters. -BB(2010-10-19)

Related: For all the hype surrounding cyberwar, even the United States resists the temptation because:

"Administration officials and even some military officers balked, fearing that it might set a precedent for other nations, in particular Russia or China, to carry out such offensives of their own, and questioning whether the attack could be mounted on such short notice. They were also unable to resolve whether the president had the power to proceed with such an attack without informing Congress."

Oh, and while you're fixated on this RAT, never mind the rise of the Plutonomy...

Striking at The Root

Lawrence Lessig explains why people are occupying Wall Street:

"As every financial analyst not dependent upon the corruption that is Wall Street has screamed since the bill was passed, financial reform changed nothing. We are more at risk of a major financial collapse today than we were a decade ago. And the absolutely obscene bonuses of an industry that pays twice its pretax profits in salaries are even more secure today."

Then he continues on to explain how the political rootkit maintains control:

"Neither party dares to cross Wall Street, since both parties know they could not win control of Congress or the White House without Wall Street's money. So they feed the addiction, and ignore the real work that they should be doing."

The idea that we live in a representative democracy is a misconception. It doesn't matter who gets elected if the lobbyists simply buy off whoever happens to be in office. -BB(2011-10-05)

Related: Mother Jones has published a couple of instructive articles on economic inequality and the state of unions

The DHS Examines Stuxnet

"'The virus was brought back in here and run in a contained facility against actual control system equipment so that we could study those effects to release mitigation measures to the general public,'... Edwards would not reveal details of the analysis because it was sensitive information."

In a sense, this report appears to contradict claims that the United States created Stuxnet. Would the DHS really spend all this effort dissecting Stuxnet if they could get their hands on technical specifics the easy way? Or, perhaps the right hand doesn't know what the left hand is doing in the body politic of US Intelligence? -BB(2011-09-30)

Measuring Risk: Cybergeddon or Goldman Sachs?

In a truly incredible fit of candor, a trader being interviewed by the BBC stated that:

"Most traders we don't really care about having a fixed economy, having a fixed situation, our job is to make money from it... Personally, I've been dreaming of this moment for three years. I go to bed every night and I dream of another recession... This is not a time right now for wishful thinking that governments are going to sort things out... The governments don't rule the world, Goldman Sachs rules the world."

Faced with such honesty, detractors have tried to scream hoax. To no avail. The BBC stands by its story, and a group of pranksters known as the "Yes Men" have also denied involvement. The Yes Men web site comments:

"Who in big banking doesn't bet against the interests of the poor and find themselves massively recompensed - if not by the market, then by humongous taxpayer bailouts? Rastani's approach has been completely mainstream for several years now; we must thank him for putting a human face on it yesterday."

For all of the media hype that's accompanied the notion of cybergeddon and the fear-mongering that another nation will bring down our banking system, the raw numbers speak volumes. In terms of actual loss I think people would be well advised to much more frightened of Goldman Sachs. -BB(2011-09-26)

Related: The New York Times reports that "protesters say they so distrust their country's political class and its pandering to established interest groups that they feel only an assault on the system itself can bring about real change."

Wall Street Market Manipulation

"A Wall Street regulator said industry complaints about market manipulation and trade reporting have spiked this year, raising questions about the adequacy of banks' internal controls over their traders."

Related: Senate report on the 2008 collapse.

"This Report is the product of a two-year bipartisan investigation by the U.S. Senate Permanent Subcommittee on Investigations into the origins of the 2008 financial crisis. The goals of this investigation were to construct a public record of the facts in order to deepen the understanding of what happened; identify some of the root causes of the crisis; and provide a factual foundation for the ongoing effort to fortify the country against the recurrence of a similar crisis in the future."

Related: This New York Times article claims that "A Secretive Banking Elite Rules Trading in Derivatives."

"In theory, this group exists to safeguard the integrity of the multitrillion-dollar market. In practice, it also defends the dominance of the big banks. The banks in this group, which is affiliated with a new derivatives clearinghouse, have fought to block other banks from entering the market, and they are also trying to thwart efforts to make full information on prices and fees freely available."

All the destruction of a WMD without the radioactive aftertaste - BB(2011-09-21)

Moving Towards a Garrison State

Many thanks to Bruce Schneier for directing me towards this report.

"An ACLU report release to coincide with the 10th anniversary of 9/11 warns that a decade after the attacks, the United States is at risk of enshrining a permanent state of emergency in which core values must be subordinated to ever-expanding claims of national security."

Remember, there's a reason why Orwell is censored in China. Silent weapons are being deployed in a quiet war against the state's most dangerous enemy, it's own population. Control versus Liberty: choose. -BB(2011-09-12)

Related: Dick Destiny adds a few words along this line.

"Arms control agencies, any public information source that didn't directly serve the war on terror by finding new threats, any threats, went silent, were marginalized or ceased to exist. It's a matter of economics and capitalism. There is no money in not feeding the fear."

DigiNotar Hacker Speaks

It appears that a hybrid (Ring-0/Ring-3) rootkit may have been used in the DigiNotar hack.

"a) I'm single person, do not AGAIN try to make an ARMY out of me in Iran. If someone in Iran used certs I have generated, I'm not one who should explain."

"b) This attack was really more sophisticated than simple Stuxnet worm. 0-days? I already have discovered similar bugs, trojan? I already wrote most sophisticated undetectable ring0 and ring3 rootkit (works together), signing certificates? huh, man! I have around 300 code signing certificates and a lot of SSL certs with again code signing permission, look at Google's cert, I have code signing privilege! You see? I owned an entire computer network of DigiNotar with 5-6 layer inside which have no ANY connection to internet, I have so much to explain, but later... You have to wait!"

It would be interesting to see exactly how this was done. -BB(2011-09-07)

Related: GlobalSign freaks out.

APT Origins

Infiltrated.net offers a welcome antidote to the growing misconception that China is the world's source of all APTs:

"We often forget that not too long ago that the boogeyman was Russia. That threat came during the arms race (Cold War) and it was business as usual then too. Many companies profited heftily during this period and I am sure many companies stand to profit handsomely from a Cyber Arms Race. This is nothing more than history being repetitive however, the platform has changed to a computing based battleground. Based on 'evidence' smack dab in front of our faces and under our noses, what else do we see or know of in regards to experts' explanation of APT? Not much. We have these experts consistently relying on word of mouth of each other and of IP addressing. Completely ignoring the fact that IP is a horrible identifier. Every security professional knows that IP addressing is not an identifier rather well, yet many are quick to fist pump and shout: 'APT, China!!! Look at that IP' even though FACTUAL evidence proves otherwise."

False flag operations are as old as warfare. I'd argue that in cyberspace they're even easier to execute. -BB (2011-08-31)

Cornel West: Cui Bono?

The New York Times features an op-ed by Cornel West:

"The age of Obama has fallen tragically short of fulfilling King's prophetic legacy. Instead of articulating a radical democratic vision and fighting for homeowners, workers and poor people in the form of mortgage relief, jobs and investment in education, infrastructure and housing, the administration gave us bailouts for banks, record profits for Wall Street and giant budget cuts on the backs of the vulnerable."

Perhaps this is to be expected. As Matt Taibbi explains, Goldman Sachs was Obama's number-one private campaign contributor.

This, in turn, unearths an even more unsettling reality. In the United States, our two-party system is really just a single-party system: the corporate party. -BB (2011-08-26)

An Apocalypse of Our Own Creation

Rep. Ted Poe offers his solution for dealing with intellectual property theft:

"It's time to get tough on China. And that's just the way it is."

Really Ted, some details might help. Personally, I think it's constructive to put this into perspective.

"American businesses... downsized and outsourced their manufacturing to Asian labor, effectively turning themselves into artisan custom shops for the plutocracy. In this bargain, repeated all across US non-military domestic production, the American companies gave up their intellectual property and trained the Chinese to make their goods for the sake of the short term bottom line."

"And it is only logical that some Chinese, maybe many, would see no point in maintaining licensing agreements with American multi-nationals once they could copy the goods on their own."

"Comments left on the Chinese sales site, and many YouTube vidoes, show young American men who have no problem buying fakes of US premium goods. Since wages have been destroyed, this too is a logical development."

"And American companies, individually and collectively, do not have the resources needed to combat the problems brought upon us by the great trade imbalance."

It's ironic that businesses are now complaining about a trend that they themselves were instrumental in creating. -BB(2011-08-24)

Warren Buffet and The Mega-Rich

In Warren Buffet's recent New York Times op-ed he notes that:

"While the poor and middle class fight for us in Afghanistan, and while most Americans struggle to make ends meet, we mega-rich continue to get our extraordinary tax breaks... These and other blessings are showered upon us by legislators in Washington who feel compelled to protect us, much as if we were spotted owls or some other endangered species. It's nice to have friends in high places."

I, for one, particularly enjoyed his scathing rebuttal of a well-known conservative talking point:

"Back in the 1980s and 1990s, tax rates for the rich were far higher, and my percentage rate was in the middle of the pack. According to a theory I sometimes hear, I should have thrown a fit and refused to invest because of the elevated tax rates on capital gains and dividends."

"I didn't refuse, nor did others. I have worked with investors for 60 years and I have yet to see anyone - not even when capital gains rates were 39.9 percent in 1976-77 - shy away from a sensible investment because of the tax rate on the potential gain. People invest to make money, and potential taxes have never scared them off. And to those who argue that higher rates hurt job creation, I would note that a net of nearly 40 million jobs were added between 1980 and 2000. You know what's happened since then: lower tax rates and far lower job creation."

What this essay underscores is how unhealthy our political system has become. The three or four thousand families at the top of the income spectrum appear to have a special relationship with legislators. Why is that? -BB(2011-08-16)

Mudge Speaks on Malware

At Black Hat USA Peiter Zatko (aka Mudge), a program manager at DARPA, touched on the nature of offensive software:

"Zatko analyzed 9,000 samples of malware code and found that, on average, each consisted of 125 lines of software code. That's not a lot of cost, time, or engineering effort. By comparison, the most sophisticated cyber protection software uses about 10 million lines of code. And, based on research by IBM, there are one to five bugs introduced in every 1,000 lines of code, Zatko said."

"Malware writers thrive by finding bugs and exploiting the vulnerabilities that the bugs introduce. Modern day operating systems may consist of 150 million lines of code, which means that each new OS can introduce 150,000 bugs to exploit. These numbers make it seem like keeping up with the bad guys is a losing game, Zatko said."

You may recall that this most recent patch tuesday included roughly 40 MB of updates for Windows Server 2008. Rather than treat the symptoms of the problem, why not address the underlying cause and find ways to build better software? -BB(2011-08-11)

Cofer Black: Visions of Cybergeddon (Must be the Heat)

Cofer Black appeared at Vegas this past week, ominously warning that "he sees parallels between the terrorism threat that emerged before the September 11 attacks a decade ago and the emerging cyber threat now."

That's interesting... I see parallels also: I see yet another former government official who's trying to drum up business by shamelessly leveraging the attacks of 9/11. On second thought, I supposed this should come as no surprise, given that Mr. Black was a Vice Chairman at Blackwater USA. It goes without saying that the aftermath of 9/11 was a gold rush for these people.

Cofer Black sanctimoniously claims that "Men's minds have difficulty adapting to things which they have no personal experience." This, no doubt, is a variation of "I could tell you, but it's classified" argument; typical of ex-agency types who fall back on the veil of secrecy when they've got nothing better to buttress their sales-pitch with. As former CIA agent John Stockwell can attest, "it's a very powerful argument, our presidents use it on us. President Reagan has used it on the American people, saying, 'if you knew what I know about the situation in Central America, you would understand why it's necessary for us to intervene.'"

Never mind the billions of dollars we actually lose every year to cybercrime, espionage, fraud, identity theft, and the like. In the tradition of Mike McConnell and Michael Hayden, Mr. Black would rather fixate on Cyberwar because... well, because none of the truly immediate (and far more tangible) threats will divert federal funding to his private sector interests. -BB(2011-08-07).

Related: Consensus Reality and Cybergeddon

Why do hypothetical stories of Cybergeddon garner so much bandwidth when reports of million dollar cyber-heists appear almost every day?

Perhaps, as this article from the Columbia Journalism Review suggests, this is a result of PR firms filling the void left by shrinking news rooms. As Arthur Brisbane queries: "Is it a concern to you that The Times relies to some extent on P.R. professionals for story ideas?"

The Vampires of Silicon Valley

At first blush this recent article in the San Francisco Chronicle reads like a late night infomercial for local hi-tech firms. My, my, my. Look at all the attractive, hip, 30-somethings from out-of-town being pursued by eager corporate suitors and showered with any number of tantalizing recruiting perks. Local Bay Area talent, one can only hope, has seen this sort of mating dance before and knows how it ends.

Closer inspection of this story yields a picture that is far more telling. There's a sinister punch line waiting for those who are able to see beyond the carefully constructed mirage: as workers, we are viewed by the decision-makers as disposable cogs. Contrary to the propaganda from human resources, the people at the top could care less about your long-term well-being. You're just a means to an end, and one with a conspicuously limited shelf-life at that.

As Wharton's Peter Cappelli explains, if the folks in HR had the guts to be honest they'd probably admit that: "We don't want to have to train anybody, and when those skills become obsolete we don't want to have to retrain them."

Like any successful black widow, they'll lure you into their web with a well-practiced sales pitch, bleed you for everything that you've got, and then toss your withered cadaver into the dumpster outside when they're done. Heck, when food gets scarce enough the Jackals in the executive suite will gladly turn on each other. Why should corporate America care? After all, they can simply throw a few more cocktail parties and round up yet another herd of fresh meat. -BB(2011-08-04)

Related: Cryptome's analysis of NSA help-wanted propaganda ...

"Recruiters are devious as they must be or nobody would join the secretkeepers if they knew the truth of what was in store for them to give up control of their lives and minds forever, and remain compelled to lie, lie and lie some more, and, to be sure, recruit noobs by writing noobish nonsense."

Telling Truth to Power

You may have heard of the story of Tom Drake, a high-ranking NSA employee who warned of mismanagement and waste in the agency on a massive scale. Specifically, he told of a failed project called "Trailblazer" which consumed $1.2 billion before being cancelled. As a result he was charged with the Espionage Act of 1917 and threatened with a 35-year sentence. Drake claims that this was done to send a message:

"To other whistleblowers, to others in the government, not to speak up or speak out. Do not tell truth to power. We'll hammer you."

The ensuing trial, where Drake was sentenced to a a year of probation and 240 hours of community service, has proved very interesting. The presiding Judge, Richard D. Bennett, stated that:

"I don't think that deterrence should include an American citizen waiting two and a half years after their home is searched to find out if they're going to be indicted or not. I find that unconscionable. Unconscionable. It is at the very root of what this country was founded on against general warrants of the British."

As in the case of Glenn Greenwald, WikiLeaks, and HBGary Federal, what we're seeing is the lengths that powerful institutions will go to in order to silence whistle-blowers. -BB(2011-07-30)

Cyber-Weapons and The Hegelian Dialectic

Though attention seems to be focused on nation-state players the true facilitators here are often corporate entities. Keep in mind that these same private-sector interests have no inherent sense of national loyalty. They exist strictly to serve shareholders and financial backers, period. If they could make a buck off of it I doubt if they'd have a problem with offering their services to both sides of an altercation. As the author of this article from Business Week observes:

"U.S. companies don't appear to face export restrictions, as the Pentagon's manufacturers of bombs and fighter jets do. In fact, companies like Endgame have cropped up all over the world. Appin Technologies, to cite one example, is a New Delhi company that offers a wide variety of computer security services, including helping countries analyze attacks and, if needed, respond in kind."

"...And so the unregulated cyber-weapons makers flourish, selling to the highest bidder. Business is great."

In other words, these companies help to both create incidents and then help clean up the mess afterwards. It reminds me of certain U.S. banking interests during WWII who did business with the Germans. You see, it doesn't matter who wins or loses, what matters is conflict and the lucrative business it generates. To actually address of the root cause of incidents (e.g. buggy software ) might impact the bottom line. As Tom Henderson notes:

"They aren't financially compelled to stop the problem before it starts. There is no motivation for an ounce of prevention that prevents the hideous pounds and costs of cure."

The unpleasant reality is that there's a lot of money to be made in selling offensive weaponry and, as a result, it's convenient to get policymakers to simply side-step much more effective preventative measures. -BB(2011-07-24)

Inside the Hunt for the CIA's "John"

In this article recently published by The Observer we see the power of open source intelligence as Cryptome's John Young demonstrates how easy it is to follow up on the clues provided by the Associated Press and leverage the Internet to discover the identity of the man in charge of tracking down Osama bin Laden. Young asserts that there's a hidden agenda at play:

"Putting this guy in the picture was no accident. To show him directly behind Panetta? I think they wanted to reward this guy's hard work and get some favorable publicity and it worked. It's one of the few successes they can crow about..."

"I think they shopped him to Obama with his height and his basketball background and his looks, and Obama fell in love with him... C.I.A. John is a very marketable product now... I think he'll be on the lecture trail. First it will be private briefings, and slowly he'll ease out. Isn't he a great role model? Tall, athletic. They're going to make the most of this."

There's definitely something to be said for this train of thought. As good PR is a valuable commodity in the political realm that often leads to funding. At the same time, could there be a degree of risk associated with this sort of self-congratulatory disclosure?

"John could be in serious danger if exposed, not from Al-Qaeda, necessarily, but from rogue elements of the Pakistani intelligence agency, the I.S.I., who have made common cause with Al-Qaeda and have access to greater resources."

That's an interesting point, even if it's moot in the context of this story. What's the use of spending billions of dollars to destroy a terrorist threat when the organization that spawned it will simply create another? - BB(2011-07-15)

Kaspersky Speaks on Attribution

The founder of Kaspersky Lab admits that tracking down the origin of a cyberattack can be an extremely difficult (if not impossible) task:

"viruses unfortunately don't carry ID cards. We can at least usually identify the originator's language, and that's at the moment the inventor communicates with his virus and gives it a command..."

"...I have no information pointing toward China as the actual originator. Professionals do their work through proxy servers. They can be located in China but controlled from the United States. Perhaps it was just competitors -- but people then pointed the finger at China. Anything can happen in our business."

How difficult do you think it would be for a small group of skilled developers to use internationalized tools to develop malware that appears to have been created from another country? Putting your faith in the veracity of embedded strings is utter foolishness.

If Stuxnet is truly the "super weapon" that the media says it is, do you honestly think the engineers who built it would be sloppy enough to give themselves away so easily? False flag operations are a time-honored practice in the wilderness of mirrors. -BB (2011-07-14)

An Electronic Pearl Harbor

George Smith elaborates on how worst-case thinking causes us to focus too heavily on perceived threats rather than addressing tangible ones. Smith laments that:

"The world economy was put in a tailspin by Wall Street financial systems in 2008. It has yet to recover.

And while Wall Street has done nicely since then, Main Street America has not. And by all accounts, no significant protections against Wall Street's predations have been put in place in the intervening period.

The argument that the US financial system ought to be protected from electronic Pearl Harbor would, if all Americans actually knew of it, strike them as ridiculous.

It's easily observable that people are much more interested in protection from the racket that's the American financial system. Cyberwar and hack attacks on it, when compared to the damage inflicted by Wall Street misbehavior, are absurdly small things."

Yet we hear much more about these perceived threats because certain corporate entities stand to profit handsomely from the hysteria that they produce. Such is the madness of crowds. -BB (2011-06-28)

Homeland Security Threat Assessment: 2008-2013

This is one of the reports pilfered by LulzSec. It has more than a couple of gems related to cybersecurity. For example:

"Foreign nations are the most capable and resource-rich cyber threat actors. The most advanced nations have established active and robust information operations (IO) or CNO organizations. Some nations' military and intelligence agencies have created distinct directorates to carry out aspects of IO, such as CNE, CND, and CNA."

I assume that a list of such nations would include the United States? In fact, I would wager that in terms of sheer efficacy, we're near (or at) the top of the list. As General Hayden commented, other countries are scared of us:

"There was a survey done not too many months ago. They asked the citizens of some cyber-savvy nations around the world, who do you fear most in the cyber-domain? And, quite interestingly, we were number one."

In this sense, the nature of international relations could be characterized as anarchic. With very few exceptions, everyone spies on everyone else. This is something to keep in mind when reading Cyberwar stories. We're hardly an innocent bystander. It's probably closer to the truth to say that we're an active participant. - BB (2011-06-24)

Recurring Themes: The Fannie Mae Scandal and CyberWar

New York Times columnist David Brooks offers a blistering commentary on the Fannie Mae scandal:

"The scandal has sent the message that the leadership class is fundamentally self-dealing. Leaders on the center-right and center-left are always trying to create public-private partnerships to spark socially productive activity. But the biggest public-private partnership to date led to shameless self-enrichment and disastrous results..."

"The final message is that members of the leadership class have done nothing to police themselves. The Wall Street-Industry-Regulator-Lobbyist tangle is even more deeply enmeshed."

This dynamic isn't limited to the financial sector of our economy. Look around at the media's coverage of recent cyberattacks and, even more telling, the solutions that government officials propose . -BB (2011-06-18)

Cryptome.org asserts that David Brooks' conclusions are:

"Equally applicable to the cybersecurity gov-mil-spy-media industry where deliberately inept, weak security -- to allow spying and data gathering -- is obscured by blaming hackers and foreign agents with demand for increased budgets and contracts."

Related: Agent.btz thrives and still no word of conclusive attribution.

Related: Check out the NSA's "Site M," a $5.2 billion centralized cyber-command center.

False Flags, Killswitch Tech, and The Easy Way Out (...Just Blame China)

This is an excellent piece on the idea of an Internet killswitch and the inherent shortcomings associated with it.

"Creating a killswitch for the Internet would never work because of the flaw in attribution. Who is attacking? Seriously, ask yourself, who is attacking?

This is at the core of why most of these ridiculous ideas will fail. Because we cannot attribute an identifiable aggressor, then who are we cutting ourselves off from? Not to mention, because of the flaws associated with attribution, an attacker can pretend to be anyone he or she or Country Y wants to be. In fact, should a killswitch ever be implemented, an attacker can cause huge financial fall-out by simply pretending to be a country of his or her or Country Y's choice. Imagine having an entire banking infrastructure disconnected because of a bunch of script kiddies. For every step this government (the United States) takes, they seem to take the same redundant steps backwards."

This essay might also shed some light on Richard Clark's recent op-ed in the Wall Street Journal. Chinese Generals claim they need to protect themselves against the US Military. American officials point to the Chinese and offer similar dire warnings. Methinks the two sides keep each other in business. - BB (2011-06-16)

Related: Does this seem like a veiled threat to you?

Alan Paller: Stop Blaming the User, Build Better Software

A few days ago, Alan Paller (the director of research at The SANS Institute) made a few comments about cyber-security on the PBS News Hour:

"For too long, the corporations and governments have been what we call blaming the users... It's very much like automobiles 50 years ago. We said that the drivers had to be safe drivers, and that would solve all the problems. But we didn't solve most of the -- we didn't do as well on automobile safety until we fixed the cars and we fixed the roads. We haven't done enough to make software that people buy safe"

The current state of affairs is something that the software industry, as a whole, doesn't want to face. You can educate users all you want and lock down your servers like Fort Knox, but a skilled attacker armed with weaponized zero-day exploits will waltz right through your defenses and sink your battleship. Once that happens, short of turning the damn things off, you're out of luck.

This is not a problem that you can buy your way out of with expensive, high-end, security products (contrary to the subliminal whispers of the marketing execs). Nor can we deal with it by falling back on the threat of conventional military force or spending a few billion on cyberweapons. To evolve beyond our current state of cyber-insecurity we need to invent better ways to build secure software. -BB (2011-06-06)

The Futility of Sabre Rattling

Today the Wall Street Journal published an article describing a Pentagon report which depicts cyberattacks as acts of war and discusses the option of responding with conventional military force. As one anonymous official stated, "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."

This may seem sensible, until you consider how difficult it is, in practice, to tackle the issue of attribution. As I've stated many times in the past, our government funded projects like TOR to ensure that we could perform operations online that could never be traced back to us. Is it unreasonable to assume that other nations have developed similar technology?

Can you imagine what would happen if we accused another country of committing a cyberattack and bombed them, only to discover later on that we were wrong?

Even more unsettling is the idea that this sort of military strategy could allow a nation-state to attack itself and then use the staged event as a pretext to launch a conventional military attack? Doesn't anyone remember Operation Northwoods?

According to James Bamford, in his book Body of Secrets:

"Operation Northwoods, which had the written approval of the Chairman and every member of the Joint Chiefs of Staff, called for innocent people to be shot on American streets; for boats carrying refugees fleeing Cuba to be sunk on the high seas; for a wave of violent terrorism to be launched in Washington, D.C., Miami, and elsewhere. People would be framed for bombings they did not commit; planes would be hijacked. Using phony evidence, all of it would be blamed on Castro, thus giving Lemnitzer and his cabal the excuse, as well as the public and international backing, they needed to launch their war"

The Wall Street Journal also reports that "Pentagon officials believe the most-sophisticated computer attacks require the resources of a government."

I don't necessarily agree with this. As many venture capitalists in the Bay Area will tell you, talent and skillset are important factors. Given the right group of ten people, you could build a formidable cyberweapon for a few million dollars. This is well within the reach of private corporate interests, who could then sell their technology to the highest bidder... putting the kibosh on the notion that "the best way to deter major attacks is to hold countries that build cyber weapons responsible." - BB(2011-05-31)

A Grifter's Utopia

In the wake of the 2008 financial collapse, the standard account provided by free market ideologues is that our banks sold mortgages to people who should've known better, the tools they used to quantify risk were flawed, and that federal regulators couldn't keep up with the flood of work that inundated their offices. Our capitalistic system runs in cycles, so they say, and this is just one of those occasional low points that we should all come to expect.

The service that Matt Taibbi does for us in his latest book is to expose this explanation for what it is: a cover story. Free market apologies aside, core components of this nation's power structure have been subverted by a relatively small group of moneyed interests that have used their leverage to buy off anyone who stands in their way. The rules that dictate how our markets operate are being rigged by a veritable army of corporate lobbyists. The benefactors of this hostile takeover, the economically privileged families at the top of the income spectrum, have witnessed exorbitant gains. Everyone else has had to make do with treading water.

As Taibbi explains: "While the rest of us argue about Mexican babies before the midterms, hotshot DC law firms like Skaden, Arps, Slate, Meagher & Flom may have as many as a hundred lawyers working on unresolved questions in the Dodd-Frank bill. And that's just one firm. Thousands of lobbyists will be employed; millions of lobbying dollars will be spent."

Let retired officials-turned-management-consultants trade in their credibility to peddle inflated tales of Cybergeddon . As far as our financial infrastructure is concerned, the clear and present danger that we face comes from within. Most of the propaganda that's jettisoned into the public arena is an effort to conceal this fact, to re-direct our anger and outrage away from responsible parties. As Taibbi warns, the people who played pivotal roles in creating this crisis are the same individuals who've been recruited to prevent it from happening again. "We have to trust these people to do the right thing, but we can't, because, well, they're scum. Which is kind of a big problem, when you think about it." - BB (2011-05-28)

Related: To see how these recent developments fit into a historical trend that began back in the early 1970s, you might also want to read the book Winner-Take-All Politics . For additional details on the mortgage crisis, I'd strongly recommend viewing the movie Inside Job

More On Our Double Standard

The New York Times reports that the founder of Blackwater, Erik Prince, has been hired by the crown prince of Abu Dhabi to form an 800-member mercenary force. This article states that these troops "could be deployed if the Emirates faced unrest in their crowded labor camps or were challenged by pro-democracy protests like those sweeping the Arab world this year."

This article also mentions that:

"In recent years, the Emirati government has showered American defense companies with billions of dollars to help strengthen the country's security. A company run by Richard A. Clarke, a former counterterrorism adviser during the Clinton and Bush administrations, has won several lucrative contracts to advise the U.A.E. on how to protect its infrastructure."

As Chomsky has noted:

"In the real world, elite dislike of democracy is the norm. The evidence is overwhelming that democracy is supported insofar as it contributes to social and economic objectives, a conclusion reluctantly conceded by the more serious scholarship."

"Elite contempt for democracy was revealed dramatically in the reaction to the WikiLeaks exposures. Those that received most attention, with euphoric commentary, were cables reporting that Arabs support the U.S. stand on Iran. The reference was to the ruling dictators. The attitudes of the public were unmentioned. The guiding principle was articulated clearly by Carnegie Endowment Middle East specialist Marwan Muasher, formerly a high official of the Jordanian government: 'There is nothing wrong, everything is under control.' In short, if the dictators support us, what else could matter?"

Q&A With Ralph Langer

He makes some interesting statements:

"We concluded that the U.S. is the leading force behind Stuxnet development. They didn't do it on their own; they had help from nation states. But it's clearly the work of the U.S."

"If you look at the facts, it is pretty clear that the attackers had substantial Siemens insider information. Just by looking at the attack code, you can infer this because it would take an outsider years to discover the vulnerabilities that were exploited by Stuxnet by just reverse engineering."

If someone goes around throwing rocks through other people's windows, it's kind of hard to be sympathetic when they complain about someone else doing it to them... -BB(2011-05-11)

Assange Points Out The 'Appalling Spy Machine'

There's no need for oppressive arm-twisting. People are literally opting to be monitored. Really, I have to admit, it's an extremely clever approach. Recall how the former executive from HBGary Federal leveraged social networking as an intel resource. Yet most people don't recognize this, they're too enamored by stories that cast social networking as a tool for political change in the Middle East. They fail to see the vast potential for abuse...

...and pundits want me to trust "The Cloud" with my data. Ha! -BB (2011-05-06)

Related: Some people may consider the Internet itself to be a massive tool for surveillance. There's something to be said for this train of thought. With regard to the hunt for Osama Bin Laden, the New York Times published a story that describes how our leaders "turned to one of their greatest investigative tools - the National Security Agency began intercepting telephone calls and e-mail messages between the man's family and anyone inside Pakistan."

Related: According to the Federation of American Scientists, domestic surveillance grew in 2010.

Rogelio Hackett: One More Drop in the Bucket

"A federal search warrant executed on the defendant's residence on June 30, 2009 located 676,443 stolen credit card accounts on the defendant's computers and in his e-mail accounts. Credit card companies have identified tens of thousands of fraudulent charges on these accounts totaling $36,624,815.52"

There's no denying that cybercrime is a credible and well-documented threat. Yet, for whatever reason (ahem), this concrete threat tends to be overshadowed by vague intimations of cyberwar that often have only one foot in reality. -BB(2011-04-22)

Related: As usual, the media is rife with stories that describe data breaches and wire fraud. On the other side of the fence are somewhat dubious accusations of cyberwar and attempts to paint other countries as the boogeyman. This is what happens when federal funding is at stake and certain business interests stand to gain from fear mongering.

Update: Here are a couple of articles that focus on this trend (with thanks to Bruce Schneier).

Uncle Sam's Button Man

This article describes Mr. Rizzo as an "elegant 63-year-old who wears cuff links and pale yellow ties." Though, I think that his interview banter is far more telling.

"How many law professors have signed off on a death warrant?" he asks.

If you'd like to address this rhetorical question, I suppose you could stop by for a chat and take this up with Mr. Rizzo. -BB(2011-04-12)

Internet Samizdat Takes on Corruption

This New York Times article looks at a web site run by Aleksei N. Navalny. There's also a New Yorker piece on this story as well.

Navalny admits to ambitions towards holding public office. He's also been accused of being a CIA plant. According to the NYTimes report, he supplied his wife with "a list of phone numbers to call if he disappeared... other lawyers, journalists and opposition politicians."

With billions of dollars at stake, it will be interesting to see how Aleksei's crusade evolves and even more interesting to see how the corporate power structure responds. -BB(2011-03-31)

They Never Wanted Attribution To Begin With

According to Michael G. Reed, a researcher at the Naval Research Laboratory who helped to develop TOR, the motivation behind the creation of this technology was to enable spooks to shield themselves from attribution.

"The *PURPOSE* was for DoD / Intelligence usage (open source intelligence gathering, covering of forward deployed assets, whatever). Not helping dissidents in repressive countries."

This is why ridiculous ideas like cyberwar deterrence and international treaties are nothing more than philosophical hubris. When faced with an organized intrusion set, trying to track down their identities would be an exercise in futility. Governments have funded research efforts like TOR to ensure that this is the case. -BB(2011-03-25)

Legislators Call for Investigation

The plot thickens as Hunton & Williams faces increased scrutiny. -BB (2011-03-02)

"A group of House Democrats is calling on Republican leaders to investigate a prominent Washington law firm and three federal technology contractors, who have been shown in hacked e-mails discussing a 'disinformation campaign' against foes of the U.S. Chamber of Commerce."

"In a letter to be released Tuesday, Rep. Hank Johnson (D-Ga.) and more than a dozen other lawmakers wrote that the e-mails appear 'to reveal a conspiracy to use subversive techniques to target Chamber critics,' including "possible illegal actions against citizens engaged in free speech."

Related: The House Armed Services Subcommittee on Emerging Threats and Capabilities on Wednesday asked the Defense Department and its intelligence arm - the National Security Agency - to hand over copies of any contracts they may have signed with HBGary Federal, Palantir Technologies and Berico Technologies.

Related: Anonymous takes aim at the Koch brothers. This article from the New York Times may help explain why.

Send Lawyers, Guns, and Money

Here's an article from Salon on Hunton & Williams, the law firm that BofA hired to deal with their Wikileaks problem (by way of a Dept. of Justice recommendation). H&W, in turn, called up their fixers and, well, you know the rest. -BB (2011-02-16)

"What makes Hunton's involvement in the anti-WikiLeaks scheming so striking is that the firm represents some of the biggest names in corporate America. Hunton's website touts its representation of Wells Fargo, Altria (aka Phillip Morris), the telecom Cingular, and defense contractor General Dynamics, among many others."

RELATED: the inside scoop on how Anonymous hacked HBGary Federal.

RELATED: Check out this op-ed from Wired. Paul Roberts observes "how effortlessly and seamlessly the focus on 'advanced persistent threats' shifted from government backed hackers in China and Russia to encompass political foes like ThinkProgress or the columnist Glenn Greenwald. Anonymous may have committed crimes that demand punishment - but its up to the FBI to handle that, not 'a large U.S. bank' or its attorneys ...What threat to all of our liberties does that kind of IT security firepower pose when its put at the behest of corporations, government agencies, stealth political groups or their operatives?"

Inside The Campaign Against WikiLeaks

Wired provides additional backdrop on the affair. It's interesting to see how quickly companies like Palantir and Berico backpedal once this plot comes to light. Would they have done so otherwise? -BB(2011-02-15)

RELATED: Glenn Greenwald, who was to be targeted as a part of the campaign, offers his comments:

"The real issue highlighted by this episode is just how lawless and unrestrained is the unified axis of government and corporate power. I've written many times about this issue -- the full-scale merger between public and private spheres -- because it's easily one of the most critical yet under-discussed political topics. Especially (though by no means only) in the worlds of the Surveillance and National Security State, the powers of the state have become largely privatized. There is very little separation between government power and corporate power. Those who wield the latter intrinsically wield the former."

"That's what this anti-WikiLeaks campaign is generally: it's a concerted, unified effort between government and the most powerful entities in the private sector (Bank of America is the largest bank in the nation). The firms the Bank has hired (such as Booz Allen) are suffused with the highest level former defense and intelligence officials, while these other outside firms (including Hunton & Williams and Palantir) are extremely well-connected to the U.S. Government. The U.S. Government's obsession with destroying WikiLeaks has been well-documented. And because the U.S. Government is free to break the law without any constraints, oversight or accountability, so, too, are its 'private partners' able to act lawlessly. That was the lesson of the Congressional vesting of full retroactive immunity in lawbreaking telecoms, of the refusal to prosecute any of the important Wall Street criminals who caused the 2008 financial crisis, and of the instinctive efforts of the political class to protect defrauding mortgage banks."

Defense Contractors: Too Big To Fail

"Why should the Pentagon be talking up the stocks, even implicitly, of the companies it buys from? ...The answer, I eventually learned, has to do with something that happened a very long time ago, and goes under the category of 'Be careful what you wish for.' Let's just say that banking isn't the only industry where the government has allowed a handful of companies to become too big to fail."

Defense spending is currently around $700 billion, roughly half of the discretionary spending in our budget. You can bet that this industry is looking for new reasons for us to keep spending... -BB (2011-02-12)

Documents on Wikileaks from HBGary Federal and Palantir

Here is a version of the report that HBGary Federal compiled on Anonymous. Is this the genuine article or just grist for another spook paper mill?

Even more interesting is this synopsis of "The Wikileaks Threat" written up by the likes of Palantir Technologies, HBGary Federal, and Berico Technologies. It would appear that members of the establishment have started talking to the corporate equivalent of hired guns.

"Together, Palantir Technologies, HBGary Federal, and Berico Technologies bring the expertise and approach needed to combat the WikiLeaks threat."

Looks like we know who lost the first round... -BB (2011-02-10)

The Shortest Path to the Executive Washroom

"In the years after the Sept. 11, 2001, terrorist attacks, officers who committed mistakes that left people wrongly imprisoned or even dead received only minor admonishments or no punishment at all, an Associated Press investigation has found ...many officers who made significant missteps are now the senior managers fighting Obama's spy wars."

Years ago, in 1997, I recall a Control Data veteran confiding in me that you weren't considered material for upper-level management until you had at least one really big failure under your belt. - BB (2011-02-09)

Turmoil In Egypt

"In a stunning collapse of authority, most police have withdrawn from major cities, and soldiers fired shots into the air in an effort to control the crowds, seized by growing fears of lawlessness and buoyed by euphoria that three decades of President Hosni Mubarak's rule may be coming to an end."

Related: This study released by the USAF Institute for National Security Studies "challenges the current US policy towards Egypt and its underlying assumption that regime stability supercedes a US interest in true political development."

Related: Wikileaks reports that "As recently as February 2010, as indicated in 10CAIRO213, an activist implored the United States diplomats to get closer to the Egyptian government in order to combat torture and reduce the growing brutality of the police. The answer from Vice President Biden is that the political leader, the highest authority in the country, is not a dictator. The answer from the U.S. is silence, and dismissal of the Egyptian people's desire to create a better future."

I think it's important to note that Egypt, which is a recipient of billions of dollars of US Aid, was our first partner in the CIA's rendition program in the mid-1990s. - BB(2011-01-30)

Interesting Historical Records

One can only guess what the unofficial conversations were like. The following are declassified snippets from various formal meetings during the reign of the Ford administration.

Richard Helms (former CIA Director) speaking with President Ford on the Church Commission:

"If allegations have been made to Justice, a lot of dead cats will come out. I intend to defend myself. I don't know everything which went on in the Agency; maybe no one really does."

Commentary: That's an interesting conjecture. Nobody really knows everything that goes on. Plausible deniability in action.

Henry Kissinger (then Secretary of State) adding his two cents in a different conversation along the same lines:

"Hoover did things which won't stand scrutiny, especially under Johnson. We will put these out in generic terms as quickly as possible. The Bureau would like to dribble it out. This will divert attention and show relative cooperation with the committee."

Commentary: How was Hoover able to survive, if not thrive? If there was a solid argument for an organization like Wikileaks, this is it. There are instances when all of our celebrated checks and balances break down...

William Colby (then CIA Director) speaks with President Ford and Henry Kissinger:

"They have asked for all the records of our relations with PanAm, [edited out] ITT and others. If we acknowledge a relationship, we will kill these companies and our ability to place agents and get cooperation."

Commentary: If you look at the key players in the CIA's history, you'll find that there are strong ties with this country's financial engine. -BB (2011-01-25)

What Do We Still Manufacture?

With the demise of the steel industry and other manufacturing sectors in the US, George Smith addresses this question.

"From 2009, another appalling graph produced from data taken by the US Census, part of Commerce, on military production in the US versus everything else (and originally shown in the NY Times):"

"While what production of durable goods in the US that remains is charted, it along with the fortunes of the middle class and mass unemployed cratered in 2009. However, military production did not. It went through a minor dip and then soared. This is immoral. It destroys any argument on fairness and shared burden and consequences being a part of US society. It broadly and mercilessly insults the intelligence of all those who must listen to, see or read about the Department of Defense making nibbles around the edges to trim its budget in the coming time of austerity."

The risk to our nation from cyberwar is dwarfed by the economic hole that we've been digging. The Chinese have been there, gladly, helping us do just that. Perhaps this is a function of our collective short-term view. Our leaders only look towards the next business quarter or the next election cycle. All the while, a culture that measures time in terms of 200-year dynasties looks on and quietly smiles. -BB (2011-01-20)

OECD Report: Risk of Cyberwar Exaggerated

A study done by researchers from Oxford and the London School of Economics concludes (among other things) that:

"Analysis of cybsersecurity issues has been weakened by the lack of agreement on terminology and the use of exaggerated language. An 'attack' or an 'incident' can include anything from an easily-identified phishing attempt to obtain password details, a readily detected virus or a failed log-in to a highly sophisticated multi-stranded stealth onslaught. Rolling all these activities into a single statistic leads to grossly misleading conclusions...Cyberespionage is not a 'few keystrokes away from cyberwar.'"

"It is unlikely that there will ever be a true cyberwar."

"Large numbers of attack methods are based on faults discovered in leading operating systems and applications. Although the manufacturers offer patches, their frequency shows that the software industry releases too many products that have not been properly tested."

Of course, I could have told you that. -BB (2011-01-18)

Wikileaks and The Propaganda Model

Is the mass media a watchdog or merely a cheerleader?

"As Columbia University digital journalism expert Emily Bell argues, it [Wikileaks] forces journalists and news organisations to demonstrate to what extent they are now part of an establishment it is their duty to report. In other words, WikiLeaks exposes the degree to which normal journalism has lost its watchdog role. Mainstream journalism stands accused of failing to be critical enough of those in authority. Over the economic crash of 2007 and over intelligence and the Iraq war, it failed to challenge the conventional wisdom. It was not a conspiracy or a failure of resource. It was because journalism can be too responsible, balanced and passive. Sometimes journalism needs to be disruptive, critical and even partial."

Aside: To see just how passive the media can be, I'd strongly urge you to view Bill Moyer's eye-opening documentary Buying The War. You won't find this kind of in-depth analysis elsewhere, which is why I support PBS. -BB (2011-01-16)

The PhD Shortage Myth

Contrary to what the corporate decision makers have been telling us, there is no shortage of talent in the United States. In fact, there's a surplus! According to this recent article in The Economist:

"In a recent book, Andrew Hacker and Claudia Dreifus, an academic and a journalist, reports that America produced more than 100,000 doctoral degrees between 2005 and 2009. In the same period there were just 16,000 new professorships. Using PhD students to do much of the undergraduate teaching cuts the number of full-time jobs."

Without a doubt, the claim of a "talent shortage" is merely a pretext for offshoring and H-1B initiatives. In a nutshell, it's all about access to cheap labor. Universities benefit as do business interests. All the while executive salaries continue to skyrocket. What will this do to the United States over the long run as people realize that no one wants to hire an American with a PhD in the hard sciences? Would you like some fries with that? -BB (2011-01-08)

Related: Proponents of offshoring and H-1B often use the free market argument as a convenient ideological excuse. As John Cassidy's recent article in The New Yorker demonstrates, the idea of a free market is also somewhat mythical.

"During the half century after Lincoln's Presidency, the business-backed Republican Party was in power for most of the time, and tariffs on manufactured goods remained at forty to fifty percent, the highest levels anywhere. It was during these years that the US economy grew to rival the economies of Britain and Germany in industries such as iron and steel and chemicals ...The fact is that not one of today's economic powers practiced free trade during its developmental stage."

In other words, state intervention to protect US domestic interests enabled the United States to emerge as a financial powerhouse, not free markets. Large multinationals dust off the free market argument when it suits their interests, not ours. -BB (2011-01-09)

Related: Another New York Times article on China's "indigenous innovation" policy. -BB (2011-01-12)