Ex-ALF prisoner and FBI tipster working for Mozilla Firefox

Posted on 2 January, 2011 by Frank

When you watch the latest Firefox4 browser promotional video you will notice someone called Justin Samuel there telling you that Firefox is “the most secure browser out there”, what he won’t tell you in the video is that he was an FBI informant in the past and helped the FBI out convicting a fellow Animal Liberation Front member in exchange for a reduced prison sentence.

Justin Samuel Mozilla Firefox video

Some question for Mozilla about Firefox

How can you trust Firefox browser when one of your employees was an FBI snitch in the past?
Has Mozilla Firefox made sure that Justin Samuel collaboration with the FBI has stopped before hiring him?
Whose idea was it to ask a former FBI informant to state in the video that Firefox is the “most secure browser”?
Are Mozilla Firefox employees encouraged to snitch others in order to get a reduced prison sentence?

Visit Justin Samuel development website

News Source: Animal Liberation Frontline Movement

Facebook Password Decryptor, Facebook password recovery tool

Posted on 27 December, 2010 by Frank

Facebook Password Decryptor recovers your lost Facebook password from most Internet browsers and messengers, this free Windows tool is fully portable and it can be run anywhere, it has been designed for good users whom have truly forgotten their Facebook password but of course the tool can also be misused by unscrupulous Government agents or Alqaeda terrorists.

In order to recover your lost Facebook password all you need to do is start the application and click on the Start Recovery button, Facebook Password Decryptor will then scan the computer for supported applications that have stored the Facebook password and show it to you in a table.

Facebook Password Decryptor

Facebook Password Decryptor attempts to install Real Player during installation, you can cancel this safely unchecking the tickbox, the software will still work.

Privacy loving people should stay out of all social sites or fill it in with fake data in the first place, but if are using Facebook and want to avoid someone hacking your account with this tool, then be clever enough not to access it at public computers like libraries and Internet cafés.

Visit Facebook Password Decryptor homepage

WikiRebels – Wikileaks The Documentary (2010)

Posted on 23 December, 2010 by Frank

Swedish public television, SVT has released its one hour documentary about Wikileaks, SVT has been following Wikileaks and its chief editor Julian Assange from Summer 2010 until now. This is a mainstream view of Wikileaks and the people behind it.

The full version Wikileaks documentary video is one hour long, this is only an extract.

WikiRebels The WikiLeaks Documentary VOSTFR 1/3

Balkan Leaks: Alternative website to WikiLeaks

Posted on 10 December, 2010 by Frank

Alternative site to WikiLeaks

The powers to be have a long way to go until they understand that when you ban something you are making sure that it will be replicated, because let’s face it, most people feels curiosity to look at forbidden goods, specially banned books, pictures, articles and secret Government documents.

The Balkan Leaks website wants to expose organized crime and political corruption in the Balkan states and it works much the same like WikiLeaks, you submit the secret leaked documents and they will host them for you.

Their website gives you instructions about how to submit documents to them anonymously, which basically consists on using the Tor browser bundle and upload your documents to a .onion website they have set up, for those who do not know, .onion websites are only accessible using the tor proxy software sites using the .onion extension are censorship free and extremely hard to take down if at all possible.

Balkan Leaks system to submit documents anonymously is exceedingly safe although not as practical as WikiLeaks PGP encrypted email submission system.

Censorship Eyechart Read

Who is behind BalKan Leaks?

The website itself does not give too much information about who is behind it and what, if any, censorship free hosting they are using. A whois on BalkanLeaks.eu using the EurID website reveals that the domain was first registered on the 8th September 2010 through French domain name registrar OVH, their DNS also points out to the site being hosted in France using French hosting company OVH.

BalKan Leaks whois domain name contact email is listed as “at @ atanas.fr” that is where things start to get interesting because using StartingPage to perform a search on that email address throws out plenty of results, including a FaceBook page.

Perhaps the most revealing result is the one found at DomainGoat, listing that very same email address as the contact for the registrar of Bulgarian website Pronto.bg (A site containing a link to Atanas.fr)

Whois:
DOMAIN NAME: pronto.bg
requested on: 23/11/2008 22:44:05.971223 EET
processed from: 07/01/2009 14:32:21.667255 EET
activated on: 29/01/2009 23:57:42.657345 EET
expires at: 07/01/2010 00:00:00 EET
registration status: Registered

REGISTRANT:
ATANAS GUEORGUIEV TCHOBANOV
SOFIA, 1000
BULGARIA

ADMINISTRATIVE CONTACT:
ATANAS GUEORGUIEV TCHOBANOV
at @ atanas.fr

I hope none of that information is confidential because anyone with 10 minutes on their hands can find out about it easily using a search engine, I just researched their background a little because I could not find any information about who is behind the BalKan Leaks on their site.

Best of luck to Balkan Leaks and their noble cause!

Visit BalKan Leaks Website

SIPRNet: The US army Secret IP Router Network

Posted on 1 December, 2010 by Frank

The publication by WikiLeaks of more than 250,000 diplomatic cables were reportedly downloaded from a classified database belonging to the US Department of Defence network. This network it is known as the Secret Internet Protocol Router Network (SIPRNet).

Introduction to SIPRNet – The beggining

After the 9/11 terrorist attacks the US Congress and the White House ordered to break down the barriers that prevented sharing of information across the different intelligence services. At the time there was more than a dozen different US intelligence agencies across the U.S. government and around the world.

In order to facilitate these security agencies the sharing of information, the Net-Centric Diplomacy database (NCD) was created, classified information up to the top secret level would be stored there and government agencies could access that database through their own secure networks.

The US Department of Defence network created in 1995 was called the Secure Internet Protocol Router Network, or SIPRNet.

Over the past decade, access to SIPRNet has sky rocketed to around half a million people. US staff having access to SIPRNet includes embassy personnel, army officials from other countries, state National Guard officials and Department of Homeland Security personnel.

SIPRNet security specifications

SIPRNet supports the Global Command and Control System (GCCS), the Defense Message System (DMS), collaborative planning and numerous classified war fighter applications. Direct connection data rates range from 56 kbps to 155Mbps. Remote dial-up services are available up to 115.2kbps.

SIPRNet acts like a closed network using packet switching over the TCP/IP protocols and it has dedicated and encrypted lines that are separate from all other communication systems.

There are no special SIPRNet computers but every authorized user must be approved by his chain of command, then he or she will receive a user identifier and will have to set up a strong password at least 10 characters long including two upper case letters, two lower case letters, two numbers, and two special characters and it must be changed at least every 150 days, the rules also specify that the user must not leave the computer while logged-in, not even for a cup of coffee.

Linking a computer with access to the SIPRNet to the Internet or to any other computer or media storage device that has not been approved for use with secret information is a serious security violation.

Once any media storage device has been plugged into a computer with access to SIPRNet it becomes classified at the secret level and can not be used in insecure networks such as the Internet, although after the Wikileaks scandal all SIPRNet computers have been blocked from downloading data to removable media.

The Secret Internet Protocol Router Network maintains an audit trail of all users, including, but not limited to, the identity of everyone accessing or attempting to access the SIPRNet, date and time of logon/logoff, and any noteworthy activities that might indicate an attempt to modify, bypass, or negate security safeguards.

Regular military precautions for using classified material also require that the computer’s random access memory must be erased and laptop computers with access to SIPRNet must be stored at a secure approved location when not in use.

US Army recruitment centre

How the Secret IP Router Network got busted

The following text below is partial chat transcript of private Bradley Manning with Adrian Lamo. Bradley Manning was a 22 year old US army private with access to SIPRNet and allegedly responsible for leaking thousands of secret US documents to Wikileaks.

(01:54:42 PM) Bradley Manning: i would come in with music on a CD-RW
(01:55:21 PM) Bradley Manning: labeled with something like “Lady Gaga”… erase the music… then write a compressed split file
(01:55:46 PM) Bradley Manning: no-one suspected a thing
(01:55:48 PM) Bradley Manning: =L kind of sad
(01:56:04 PM) Adrian Lamo: and odds are, they never will
(01:56:07 PM) Bradley Manning: i didnt even have to hide anything
(02:15:03 PM) Bradley Manning: pretty simple, and unglamorous
(02:17:56 PM) Bradley Manning: weak servers, weak logging, weak physical security, weak counter-intelligence, inattentive signal analysis… a perfect storm
(02:44:47 PM) Bradley Manning: the network was upgraded, and patched up so many times… and systems would go down, logs would be lost… and when moved or upgraded… hard drives were zeroed
(02:45:12 PM) Bradley Manning: its impossible to trace much on these field networks…
(02:46:10 PM) Bradley Manning: and who would honestly expect so much information to be exfiltrated from a field network?

Video: Half naked kid searched at the airport line by TSA staff

Posted on 25 November, 2010 by Frank

Apparently it is not enough for the Transportation Security Administration in the US to have access to strip search X-ray scanner images of airport passengers they seem to think that it is perfectly OK to search a half naked kid too.

This amateur video was filmed by student Luke Tait at Salt Lake City airport on November 19th, he claims that the boy went through a metal detector and didn’t see him to set it off but was selected for a pat-down search nevertheless, the kid did not feel comfortable with the TSA agent doing a pat down search on him so the kid’s dad took his son’s t-shirt off and gave it to the TSA agent who did not appear to have any qualms about patting down a half naked kid at the airport line in full view of everyone.

The guy who filmed this invasive TSA airport search claimed in during an interview in the Glenn Beck program that airport security staff questioned him about his videotaping of the incident and repeatedly asked him to erase the video to which he refused.

Advice for USA airport travellers

According to TSA rules travellers can not be asked to remove clothing (other than shoes, coats, and jackets) at a TSA checkpoint, if TSA staff asks you to remove your clothing ask for a supervisor or manager to speak with.

Remember that your laptop computer can also be searched when taking a flight, you should use full disk encryption to stop the TSA staff from getting their noses in your own business.

British police officer infiltrated in campaign groups exposed

Posted on 22 October, 2010 by Frank

The UK Government does not have enough presiding over the country in the World with most CCTV per habitant, they do not have enough recording all of the websites British people visit, they do not have enough with inviting ISPs to block access to a secret list of websites (suspected child porn they call it), they do not have enough keeping a record of the numbers people call to and who is sending an email to whom, in order to satisfy Great Leader, they need even more data.

That British undercover officers infiltrate campaign groups is nothing new, what is more unusual is that they are caught red handed, just proof of their incompetence if nothing else.

Undercover British police officer Mark Kennedy

According to various threads at Indymedia UK a very well known political activist known as Mark Stone, is in reality “Mark Kennedy” a British undercover police officer who has been informing on activists for the last 10 years.

Indymedia Scotland post naming “Mark Stone” as undercover police officer Mark Kennedy:

http://www.indymediascotland.org/node/21947

Indymedia UK with pictures of suspected undercover police officer Mark Kennedy:

http://www.indymedia.org.uk/en/2010/10/466477.html

In other order of news, Officer A already confessed on video a few months ago to being part of a secretive Metropolitan Police unit whose job was to infiltrate political campaigns and pass on the information to his bosses at the police department, claiming prevention of public disorder to justify their spying on perfectly legal political campaign groups.

Officer A provides an account of a secretive British police unit spying on protest groups.

If you are UK political activist and want protection from state voyeurism you can get a free guide on privacy for political activists at the sites below:

Activist Security: http://www.activistsecurity.org/

Legal resource centre for UK political campaigners: http://www.freebeagles.org/

Internet Explorer privacy mode browsing vulnerability

Posted on 21 September, 2010 by Frank

Internet Explorer 8 and above comes with a feature called InPrivate browsing, this privacy setting instructs the browser not to save the browsing history, temporary Internet files, form data, cookies, and usernames and passwords and stops that personal data from being retained by the browser leaving no evidence of your browsing or search history, once you close the browser everything is meant to be gone, not quite.

Internet Explorer index.dat files storing browsed sites

Index.dat is a little known Windows file that Internet Explorer uses, this file does not exist in Firefox, Chrome, Safari and Opera browser.

The index.dat file is extremely hard to find, not only it is marked as hidden but also designated as a system file and as such a Windows search will not find it. System files and folders are are effectively cloaked from casual searches even if you instruct Windows to show hidden files, in addition the index.dat file is locked and Windows prevents it from being deleted.

Note: There are other Windows components using a file named index.dat this is not exclusive of Internet Explorer, do not confuse them.

Internet Explorer InPrivate mode browsing

The index.dat file is a database file containing information such as visited websites, search queries and recently opened files. Its purpose, according to Microsoft, is to enable quick access to data used by Internet Explorer, no other browser uses it, this little file will be very helpful for a computer forensics investigator hell-bent on recoving your internet browsing activities.

Items such as the cached filename and page header information will be written to index.dat file while you use Internet Explorer privacy mode (aka porn mode).

The index.dat file can not be erased manually like your Internet cache and history can, you will need some specialist privacy software to erase the contents of Internet Explorer index.dat.

More Internet Explorer privacy mode vulnerabilities

Internet Explorer InPrivate browsing mode will not run completely in volatile RAM memory, while using InPrivate browsing mode in Internet explorer temporary internet files will be stored on disk so pages work correctly, but deleted when you close the browser.

This clearing of the cache is another privacy risk as it is simply marked as free space but not actually overwritten, and like with all the data that is not securely erased, it can be retrived until it is overwritten.

A computer forensics expert can recover the deleted internet cache of your Internet Explorer InPrivate mode without too much effort, in a matter of minutes.

Internet Explorer plugins like Silverlight are also able to set a cookie that will not be removed after the session.

Index.dat file computer forensics

Privacy mode browsing vulnerabilities in Chrome, Safari & Firefox

Although Internet Explorer is the only browser to use index.dat you should still be wary of other browsers privacy mode because they will also leave some tracks on your hard disk.

A team of researchers from Stanford and Carnegie Mellon University found that local attackers can access the DNS resolution history in a cache on a machine and enable him to reconstruct if and when a user visited a website, according to the researchers. This scenario assumes you are using the privacy mode for internet surfing in a public computer.

At home when using privacy browsing mode with Chrome, Safari and Firefox, you will need to watch out for plugins, according to these researchers “Browser addons (extensions and plug-ins) pose a privacy risk to private browsing because they can persist state to disk about a user’s behavior in private mode.“

Stanford University researchers paper: Analysis of Private Browsing Modes in Modern Browsers

How to delete Internet Explorer index.dat file?

Internet Explorer index.dat is a binary file and you can not use Notepad to look at its content. You will need to use a free hexadecimal editor like HxD freeware Hex editor but it requires some skill, it is much easier to download something like the free Index.dat Analyzer from Systenance this tool can view and erase your index.dat files content.

To delete index.dat you can open it with the hex editor and overwrite everything with zeroes, then save it, make sure the file is not opened as Read-Only. The quickest and easier way to delete your index.dat file is by using specialist privacy software to clean it.

Police warn parents about pedophile bear

Posted on 13 September, 2010 by Frank

San Luis Obispo County Sheriff’s Department is warning parents about what they call “a disturbing new phenomenon made popular by pedophiles and sexual deviants“ and are cautioning parents to be aware of PedoBear, particularly at public events.

The Sheriff Department advices anyone with concerns about the image to contact the Sexual Assault Felony Enforcement division of the sheriff’s department at 805-781-4550.

“An Introduction to PEDOBEAR”

San Luis Obispo Country Sheriff Public Safety Information Bulletin (Click to enlarge):

Police bulletin "An introduction to PedoBear"

Police bulletin 2 "An introduction to PedoBear"

A
R
E

T
H
E
Y

I
D
I
O
T
S

The fact that this Californian police department is serious about this it is really really troubling.I would have thought the cops would realise that PedoBear is an internet joke and not something that deserves their attention. This to me seems to be an indication that they have too much time on their hands, no pun intended.

PedoBear not arrested yet

The PedoBear picture featured in the police bulletin was taken at Comic Con and you can clearly see that the man wearing a bear costume is standing next to a little baby trying to hug him. Why did the police fail to arrest him? Will they feature him in the most wanted list? Is there a reward for turning in PedoBear? Lots of unanswered questions for the Sheriff’s department.

PedoBear police warning on USA TV news

Who is really behind pedophilia?

I said it before and I will say again because I have no fear of saying the truth. Secret agencies are working behind the courtains in order to scare people into thinking that pedophiles are everywhere, while the most likely place for a child to get abused is a religious institution, the Quran itself relates how Prophet Mohammed had sexual intercourse with an 11yo girl (his wife) but you get no police warning about this.

Cops have no interest whatsoever in warning parents about the dangers of religion for their children, they rather concentrate on a little pedophile bear who can’t fend by himself because he never existed for real.

Pedobear disguissed as policeman

How to deactivate geolocation tracking in Firefox and Opera browsers

Posted on 2 September, 2010 by Frank

The latest Opera 10.6 and Firefox 3.5 browsers come with a feature called location-aware, this feature allows websites compatible with Geode (not many at present) to learn where you are.

Google location services are used to determine your whereabouts using your computer’s IP address, nearby wireless access points and a random client identifier given to you by Google, which is meant to expire in two weeks.

The first time you go to a website that requests geolocation information, Google Location Services terms and conditions are presented, you will need to agree to them, which can easily be done inadvertently or wihout understanding what that means, after that, every time a website requests geolocation information your internet browser tells you, and gives you a choice: to send your location data, or not to send it.

Where are you?

Both browsers, Opera and Firefox come with location aware enabled by default, I don’t know about Internet Explorer because I care about internet privacy and do not use that piece of crap.

How to disable location aware in Firefox and Opera browsers

To disable location aware in Firefox, type about:config in the toolbar and change the geo.enabled value to false by double-clicking on the key.

To disable geolocation tracking in Opera go to Settings > Preferences > Advanced > Network, and uncheck Enable geolocation.

Test your geolocation browser awareness at: http://browserspy.dk/geolocation.php

Learn more about geolocation tracking in Firefox and Opera

Mozilla location aware browsing FAQ: http://www.mozilla.com/en-US/firefox/geolocation/

Opera browser geolocation help page: http://help.opera.com/Windows/10.60/en/geolocation.html

Privacy Lover

Computer privacy and security for the paranoid