BrusselsLeaks the European Union leaks website

Posted on 21 April, 2011 by Frank

A Wikileaks alternative with the same aspirations to publish the leaking of confidential documents to promote the freedom to know targets that Wikileaks has but this time aimed at exposing what goes on inside the European Union.

With their server located in Iceland, a country with very strong press protection laws and currently outside the European Union, although Iceland has applied to join the EU the process it is likely to take quite a few years and BrusselsLeaks has said that they will review their server location when that happens.

BrusselsLeaks describes itself as a self-funded group of activists, journalist, Non Governmental Organisation workers and public relations sector workers based in Brussels (Belgium), who want to expose what goes on behind closed doors during the decisions that are taken in the European Union.

BrusselsLeaks

They claim that no personal data is stored when you submit documents through their online form but do not explain in detail how they achieve this, their site is using a RapidSSL digital certificate which is a good thing for privacy but does nothing for anonymity.

I kept wondering if their server has any special set up to routinely wipe connection logs, nothing of this is mentioned in their security section, data encryption is mentioned but this only goes so far and my main concern would be their submission server being seized with the IP logs still inside, however unlikely it is always better not to leave anything unconsidered and I would make sure to be using a proxy if I had to submit any documents .

According to the EUObserver, BrusselsLeaks will not be publishing anything itself but will instead check the documents authenticity and pass them on to selected media. BrusselsLeaks is willing to take your material of ethical, political, diplomatic, economic or historical significance but not opinions or documents which have already been published elsewhere.

UPDATE 2012: Project ceased to exist! Link erased.

How Google dirtballs attempted to get money out of my girlfriend

Posted on 30 March, 2011 by Frank

My girlfriend Viviana got a nice letter from Google Adsense today, they offered her free money, this free money, Google Adsense charlatans said, was in the form of free advertising to promote her sites using their Adsense program, this promotion was worth €75 (aprox. $100).

As soon as Viviana said the words Google the scam alert activated in my mind and I looked at the letter carefully, at the back of letter I found some tiny writing, I got my magnifying glass out of the drawer to be able to read the text properly, it started by saying “terms and conditions”, this is what I found.

Google Adsense breaking Google Webmaster spamming rules

A well known con artist trick used by spammers is to stuff a website with keywords using white coloured font on a white background, this way nobody can read the text except the search engine, Google has banned this practise and penalized such sites, Google Adsense terms and conditions are written using difficult to read grey ink printed on a white background.

To top it up, Google Adsense wrote the terms and conditions using a teeny-weeny font, if Google Adsense terms and conditions were to be a written on a website instead of a letter it probably would be blacklisted and flagged as spam.

Google Adsense terms and conditions

Google Adsense Marketing manager Christina Wire fake signature

The letter comes signed in blue ink by Google Marketing manager Christina Wire, on a closer look you will notice that this blue ink has in reality been printed, Christina Wire never signed your letter in person, Google has been clever enough to choose blue ink for this part of the letter, it might look to some people as if she signed it herself but the signature has in reality been machine printed.

Google Adsense demands payment upfront

While Google claims to give you €75 worth of free advertising, if you choose the easy to manage Adsense prepaid mode you will need to pay Google €5 first “to activate your account”, their credit card payment processing system requires a minimum €10 payment, in the end you end up having to pay €10 upfront for their “free present”.

There is an option to choose the “automated” Google Adsense management with no upfront payment but that method is much more likely to incur in accidental over budget expenses afterwards, whichever way you choose, Google always wins.

Google Adsense helpline premium number

Google Adsense free money letter clearly prints its phone help number on the front, what it isn’t so clear to read is the tiny terms and conditions at the back pointing out that this is not a a free call and it will cost you €0,67 minute plus a connection fee.

Google Adsense wants you to hurry up to secure the “free money” offer

Google free money/present offer is only valid for a set period of time, the longer it takes for you to sign up with them, the less “free money” you will get, after a month this “free money” offer is reduced by €25 and one month later the offer is finished.

What the Sicilian Mafia could learn from Google

There is no need to break the law to get wealthy, while I can not call Google fraudsters because they have terms and conditions that can be read by people with very sharp eyesight and others using a magnifying glass, I can certainly call Google Adsense dirtballs because honest and transparent businesses do not use degenerate marketing strategies in order to get my girlfriend’s hard earned money.

I have said it before on this blog and I will say it again until they leave us alone.

FUCK YOU GOOGLE!

Fuck Off Google!

Wikileaks alternative: OpenLeaks

Posted on 30 January, 2011 by Frank

new Wikileaks alternative has just opened for business, it is called Openleaks and their target is to help whistleblowers spread leaked documents and information. Openleaks has a contact phone number (with a German country code), fax, email address (with corresponding PGP encryption key) and Skype.

Using Skype for communications does not seem too bright for someone who is a Government target, Skype is owned by eBay and it is closed source software, I can easily envision an scenario where a US Court forces eBay to insert a backdoor in Skype for the FBI to tap into the communications.

I wonder why Openleaks didn’t choose a Jabber based instant messenger based on XMPP, the open standard for instant messaging, Gajim and PSI would be two good choices, they both support end to end encryption with SSL and do not belong to any big US corporation open to subpoenas.

Differences between OpenLeaks and Wikileaks

Openleaks will not publish any leaked information themselves they pass it on to third parties, they define themselves as a complementary project to Wikileaks, not a competitor.

There are ways for someone to anonymously send confidential information to a third party (tor proxy, remailers, etc) but that needs time and knowledge, Openleaks will make it easy to send leaked documents, acting as a middle man in between the leaker and the publisher, the more proxies you have, the harder it becomes tracking down the source.

The only doubt in my mind is, who will dare to post the next stolen top secret documents in a censorship free media without fear of consequences? I can only think of WikiLeaks, maybe Openleaks can be used to send documents to Wikileaks.

In fairness Openleaks claims to be on an alpha stage and it is still too early to judge them, I hope they succeed in their endeavours, I hope they change the Skype thing too.

Visit OpenLeaks homepage

OpenLeaks website

How to hide your phone number and still receive phone calls

Posted on 27 January, 2011 by Frank

If you want to sell something on Craiglist, eBay or Amazon your possible customers might want to speak with you. If you mention your phone number on the advert, it might stay posted there for ever and a quick Internet search for your personal phone number will find it easily together with the text which carries personal information about what you do/sell/think.

Telemarketers could also gather your phone number and annoy you with nuisance calls attempting to sell you garbage, the reasons why your phone number should never be made public are many.

Babble.ly hidden phone number

A free service called Babble.ly will hide your phone number providing you with a disposable weblink, in order for someone to call you the user needs to click on the link and Babble.ly will then connect both calls while keeping your real phone number private. Once the phone call finishes you can erase your unique URL and create a new one.

Google Voice can also be used to hide your phone number using a Google number to receive calls but it can not be used as a disposable weblink like Babble.ly does and Google Voice does not allow for a link to be directly posted to a website, in order to connect the calls Google Voice uses a hard to embed flash based widget.

Anonymous caller gossiping

Babble.ly is still in beta and only available to US and Canadian residents, maximum call length is 10 minutes, I wouldn’t bet too much on Babble.ly still being free after they get out of beta.

If you want to use extra features like custom caller greetings or number blocking, there is another similar paid for service named LetsCall.me.

Visit Babble.ly homepage

Chinese J20 stealth fighter jet photos leaked

Posted on 5 January, 2011 by Frank

First disclosed by US Office of Naval Intelligence (ONI) in 1997 as XXJ, J-20 is the 5th generation multi-role fighter to enter the service between 2015 and 2018. Chinese aviation fans says they have been taking photographs of the jet during recent high speed taxi tests from outside a fence at the Chengdu Aircraft Design Institutes’s airfield in south western China.

Chengdu J20 Chinese fith generation figther jet

The Chinese have been busy working their own designs for a twin-engine multi-role heavy fighter with stealth capability and manoeuvrability comparable to the American F-22. It took 15 years for the US military to develop the F-22, which costs around $150 million per unit, its production was terminated after President Barack Obama signed the country’s 2010 defence bill that included huge spending cuts.

Chinese Chengdu J20 stealth fighter

China air force J20 fighter jet

China’s aviation industry has made rapid progress in recent years but still relies heavily on imported technology, Russian engines are still used on China’s homemade J-10 fighter jets and the J-11, a copy of Russia’s Sukoi-27 fighter jet. The prototype features a pair of all-moving tailfins and Russian 1.44 style ventral stabilizing fins, which shield the engine nozzles.

China’s J20 secret stealth fighter jet

Stealth technology is difficult to master because it relies on systems to hide the presence of the plane while equipping the pilot with enough information to attack an enemy. Emissions must be hidden and the plane’s fuselage sculpted to avoid detection by radar and infrared sensors.

Ex-ALF prisoner and FBI tipster working for Mozilla Firefox

Posted on 2 January, 2011 by Frank

When you watch the latest Firefox4 browser promotional video you will notice someone called Justin Samuel there telling you that Firefox is “the most secure browser out there”, what he won’t tell you in the video is that he was an FBI informant in the past and helped the FBI out convicting a fellow Animal Liberation Front member in exchange for a reduced prison sentence.

Justin Samuel Mozilla Firefox video

Some question for Mozilla about Firefox

How can you trust Firefox browser when one of your employees was an FBI snitch in the past?
Has Mozilla Firefox made sure that Justin Samuel collaboration with the FBI has stopped before hiring him?
Whose idea was it to ask a former FBI informant to state in the video that Firefox is the “most secure browser”?
Are Mozilla Firefox employees encouraged to snitch others in order to get a reduced prison sentence?

Visit Justin Samuel development website

News Source: Animal Liberation Frontline Movement

Facebook Password Decryptor, Facebook password recovery tool

Posted on 27 December, 2010 by Frank

Facebook Password Decryptor recovers your lost Facebook password from most Internet browsers and messengers, this free Windows tool is fully portable and it can be run anywhere, it has been designed for good users whom have truly forgotten their Facebook password but of course the tool can also be misused by unscrupulous Government agents or Alqaeda terrorists.

In order to recover your lost Facebook password all you need to do is start the application and click on the Start Recovery button, Facebook Password Decryptor will then scan the computer for supported applications that have stored the Facebook password and show it to you in a table.

Facebook Password Decryptor

Facebook Password Decryptor attempts to install Real Player during installation, you can cancel this safely unchecking the tickbox, the software will still work.

Privacy loving people should stay out of all social sites or fill it in with fake data in the first place, but if are using Facebook and want to avoid someone hacking your account with this tool, then be clever enough not to access it at public computers like libraries and Internet cafés.

Visit Facebook Password Decryptor homepage

WikiRebels – Wikileaks The Documentary (2010)

Posted on 23 December, 2010 by Frank

Swedish public television, SVT has released its one hour documentary about Wikileaks, SVT has been following Wikileaks and its chief editor Julian Assange from Summer 2010 until now. This is a mainstream view of Wikileaks and the people behind it.

The full version Wikileaks documentary video is one hour long, this is only an extract.

WikiRebels The WikiLeaks Documentary VOSTFR 1/3

Balkan Leaks: Alternative website to WikiLeaks

Posted on 10 December, 2010 by Frank

Alternative site to WikiLeaks

The powers to be have a long way to go until they understand that when you ban something you are making sure that it will be replicated, because let’s face it, most people feels curiosity to look at forbidden goods, specially banned books, pictures, articles and secret Government documents.

The Balkan Leaks website wants to expose organized crime and political corruption in the Balkan states and it works much the same like WikiLeaks, you submit the secret leaked documents and they will host them for you.

Their website gives you instructions about how to submit documents to them anonymously, which basically consists on using the Tor browser bundle and upload your documents to a .onion website they have set up, for those who do not know, .onion websites are only accessible using the tor proxy software sites using the .onion extension are censorship free and extremely hard to take down if at all possible.

Balkan Leaks system to submit documents anonymously is exceedingly safe although not as practical as WikiLeaks PGP encrypted email submission system.

Censorship Eyechart Read

Who is behind BalKan Leaks?

The website itself does not give too much information about who is behind it and what, if any, censorship free hosting they are using. A whois on BalkanLeaks.eu using the EurID website reveals that the domain was first registered on the 8th September 2010 through French domain name registrar OVH, their DNS also points out to the site being hosted in France using French hosting company OVH.

BalKan Leaks whois domain name contact email is listed as “at @ atanas.fr” that is where things start to get interesting because using StartingPage to perform a search on that email address throws out plenty of results, including a FaceBook page.

Perhaps the most revealing result is the one found at DomainGoat, listing that very same email address as the contact for the registrar of Bulgarian website Pronto.bg (A site containing a link to Atanas.fr)

Whois:
DOMAIN NAME: pronto.bg
requested on: 23/11/2008 22:44:05.971223 EET
processed from: 07/01/2009 14:32:21.667255 EET
activated on: 29/01/2009 23:57:42.657345 EET
expires at: 07/01/2010 00:00:00 EET
registration status: Registered

REGISTRANT:
ATANAS GUEORGUIEV TCHOBANOV
SOFIA, 1000
BULGARIA

ADMINISTRATIVE CONTACT:
ATANAS GUEORGUIEV TCHOBANOV
at @ atanas.fr

I hope none of that information is confidential because anyone with 10 minutes on their hands can find out about it easily using a search engine, I just researched their background a little because I could not find any information about who is behind the BalKan Leaks on their site.

Best of luck to Balkan Leaks and their noble cause!

Visit BalKan Leaks Website

SIPRNet: The US army Secret IP Router Network

Posted on 1 December, 2010 by Frank

The publication by WikiLeaks of more than 250,000 diplomatic cables were reportedly downloaded from a classified database belonging to the US Department of Defence network. This network it is known as the Secret Internet Protocol Router Network (SIPRNet).

Introduction to SIPRNet – The beggining

After the 9/11 terrorist attacks the US Congress and the White House ordered to break down the barriers that prevented sharing of information across the different intelligence services. At the time there was more than a dozen different US intelligence agencies across the U.S. government and around the world.

In order to facilitate these security agencies the sharing of information, the Net-Centric Diplomacy database (NCD) was created, classified information up to the top secret level would be stored there and government agencies could access that database through their own secure networks.

The US Department of Defence network created in 1995 was called the Secure Internet Protocol Router Network, or SIPRNet.

Over the past decade, access to SIPRNet has sky rocketed to around half a million people. US staff having access to SIPRNet includes embassy personnel, army officials from other countries, state National Guard officials and Department of Homeland Security personnel.

SIPRNet security specifications

SIPRNet supports the Global Command and Control System (GCCS), the Defense Message System (DMS), collaborative planning and numerous classified war fighter applications. Direct connection data rates range from 56 kbps to 155Mbps. Remote dial-up services are available up to 115.2kbps.

SIPRNet acts like a closed network using packet switching over the TCP/IP protocols and it has dedicated and encrypted lines that are separate from all other communication systems.

There are no special SIPRNet computers but every authorized user must be approved by his chain of command, then he or she will receive a user identifier and will have to set up a strong password at least 10 characters long including two upper case letters, two lower case letters, two numbers, and two special characters and it must be changed at least every 150 days, the rules also specify that the user must not leave the computer while logged-in, not even for a cup of coffee.

Linking a computer with access to the SIPRNet to the Internet or to any other computer or media storage device that has not been approved for use with secret information is a serious security violation.

Once any media storage device has been plugged into a computer with access to SIPRNet it becomes classified at the secret level and can not be used in insecure networks such as the Internet, although after the Wikileaks scandal all SIPRNet computers have been blocked from downloading data to removable media.

The Secret Internet Protocol Router Network maintains an audit trail of all users, including, but not limited to, the identity of everyone accessing or attempting to access the SIPRNet, date and time of logon/logoff, and any noteworthy activities that might indicate an attempt to modify, bypass, or negate security safeguards.

Regular military precautions for using classified material also require that the computer’s random access memory must be erased and laptop computers with access to SIPRNet must be stored at a secure approved location when not in use.

US Army recruitment centre

How the Secret IP Router Network got busted

The following text below is partial chat transcript of private Bradley Manning with Adrian Lamo. Bradley Manning was a 22 year old US army private with access to SIPRNet and allegedly responsible for leaking thousands of secret US documents to Wikileaks.

(01:54:42 PM) Bradley Manning: i would come in with music on a CD-RW
(01:55:21 PM) Bradley Manning: labeled with something like “Lady Gaga”… erase the music… then write a compressed split file
(01:55:46 PM) Bradley Manning: no-one suspected a thing
(01:55:48 PM) Bradley Manning: =L kind of sad
(01:56:04 PM) Adrian Lamo: and odds are, they never will
(01:56:07 PM) Bradley Manning: i didnt even have to hide anything
(02:15:03 PM) Bradley Manning: pretty simple, and unglamorous
(02:17:56 PM) Bradley Manning: weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis… a perfect storm
(02:44:47 PM) Bradley Manning: the network was upgraded, and patched up so many times… and systems would go down, logs would be lost… and when moved or upgraded… hard drives were zeroed
(02:45:12 PM) Bradley Manning: its impossible to trace much on these field networks…
(02:46:10 PM) Bradley Manning: and who would honestly expect so much information to be exfiltrated from a field network?

Privacy Lover

Computer privacy and security for the paranoid

Category Archives: other