We Are Legion

[O Really]

I'm thinking about lowering my "expectations."

[rstrong]

Imagine we purchase a USB drive.
Imagine we take it to our workplaces.
Imagine we pretend we have to work late hours.
Imagine we accumulate all sort of evidences about illegal deeds

Imagine that we set a Group Policy on our domain controller to lock out flash drives on all PCs on our network.

Imagine that we did it in 2003.

I should update this post:

The New York Times reports that Snowden gave Greenwald literally thousands of documents. Other sources are reporting that Snowden used a thumb drive to download and transport those documents.

I'm replacing Symantec Enterprise Antivirus with Symantec EndPoint Protection on a network that doesn't have a USB Group Policy set. (The old Enterprise Antivirus - even with today's virus definitions - has become rather useless.)

Today a virus was found one machine - a virus known for spreading using the auto-run feature in USB thumb-drives. It turned out that an employee had plugged his Android phone into the PC's USB port to charge. The old XP machine treated it like a USB drive and ran what Autorun.inf told it to run.

So, I decided to lock down the USB ports on most workstations. But NOT disable them.

EndPoint Protection let me "Block access to Autorun.inf", "Block programs from running from removable drives", "Make all removable drives read-only" and "Block writing to USB drives." This way even the locked-down systems can still read from USB drives, and USB printers and other devices are not affected. People can still charge their phones.

There's a great many other options that you can apply separately to USB, FireWire, Floppies, SD cards, tape drives, Bluetooth, ports, etc. You can block Browser Helper Objects, Toolbars, file shares, or every program except the ones you specify.

The ability to lock out USB using Group Policies has been in Windows since Server 2003. Symantec Endpoint Protection has been out since 2007, and even the current version has been out for two years.

There's no excuse for Top Secrets to be allowed to leave a network via USB drives.

[\V/]

And yet it happened...what now?

[rstrong]

And yet it happened...what now?

Now maybe those in the "campaign donations for government defense contracts" business like Booz Allen Hamilton will take a look at the basic security measures that those in REAL private industry have been using for a full decade now.

The company I do IT work for has three different ways to lock down USB ports:
- A Group Policy object on our Windows domain
- Anti-virus / endpoint protection software
- Turning off the USB controllers in the workstation BIOS and then password protecting them.

We've had two of those methods for over a decade. Two of those methods can be implemented company-wide in two minutes, without getting up from my desk. None would cost us an extra dime, and frankly we never asked for the ability. It's just there.

Actually, given the level of incompetence required for those ports NOT to be locked down, I expect "what now" is that other intelligence services will conclude that the Snowden affair is an insultingly unbelievable American operation to spread false intelligence. (The "damaging to America" information released so far merely states what everyone else assumed.) Which is why even China and Russia aren't enthusiastic about granting refuge to Snowden. And the Russians have been getting more and more sarcastic about it.

[rstrong]

On the other hand, the U.S. Army's Network Enterprise Technology Command has admitted that after The Guardian began running stories about NSA data trawling, the Army began limiting access to The Guardian's website via DoD networks. Because, I guess, they wouldn't want classified information that everyone else on the planet already has leaking INTO their network.

So they have the firewall and end-point protection ability. It's just facing the wrong way.

[rstrong]

As if soldiers don't have access to email and reports by other media sources.

A lawyer and former federal prosecutor over at Popehat looked at the charges against Snowden:

Note that the second and third charges both require the feds to prove that Snowden's release of information to the press was harmful to the United States. This puts our government in the position of attempting to prove that it is harmful to release accurate information about how it is spying on us, and how it is misleading us about spying on us.

Espionage charges usually describe someone with classified information leaking that information to powers hostile to the United States government.

We, the people, are those hostile powers.

[rstrong]

I'm thinking about lowering my "expectations."

No need. Here's where you can count on them in real life.

[rstrong]

We Are Job Creators

One can only hope that those sweat shop workers find hope and pride in knowing that those masks will inspire someone to hack a Twitter feed and post comic book slogans.

[rstrong]

Leader of Anonymous Steubenville Op on Being Raided by the FBI

Yup. I listed a great many Anonymous/LulSec arrests earlier in this thread, with citations. With both ISPs and servers keeping records - and plenty of tricks to negate proxy servers etc. - the police don't seem to have any problem rounding up anyone who goes beyond posting comic book slogans to forums.

As I said above about the intelligence services, "So they have the firewall and end-point protection ability. It's just facing the wrong way."

Anonymous suffers the same problem: Their comic book slogans are facing the wrong way. Facing law enforcement their anonymity is non-existent, and it's law enforcement that has repeatedly demonstrated "We do not forgive. We do not forget. Expect us." And suppose Anonymous ever tried to support their own when they got into legal trouble. Ever tried to turn their empty claims about brothers/sisters/legion into something credible. Law enforcement's support organizations would be a pretty good role model.

[rstrong]

The "one track" I've stuck to in this thread is the Anonymous's claims of anonymity. That doesn't mean that their motives are wrong; I usually support the whole whistle-blowing movement, and I've been pretty clear about that. Again, conning would-be supporters with false claims of invincibility through anonymity and strength in numbers, tarnishes their moral high ground.

But yes, seeing that finally one of their number is getting some support, is a good step in the right direction.

[\V/]

[\V/]

Download these documents, share them, mirror them, don't allow them to make them disappear. Spread them wide and far. Let these people know, that we will not be silenced, that we will not be taken advantage of, and that we are not happy about this unwarranted, unnecessary, unethical spying of our private lives, for the monetary gain of the 1%.

http://thedocs.hostzi.com

[rstrong]

[Boatrocker]

We need a LIKE button.

[\V/]

[bannination]

Download these documents, share them, mirror them, don't allow them to make them disappear. Spread them wide and far. Let these people know, that we will not be silenced, that we will not be taken advantage of, and that we are not happy about this unwarranted, unnecessary, unethical spying of our private lives, for the monetary gain of the 1%.

http://thedocs.hostzi.com

Link appears to be down.

[\V/]

Docs

[O Really]

Page is missing.
Virus checker went off. Computer crashed. Jackboots knocking at door. Gotta get outta.....

[bannination]

Page is missing.
Virus checker went off. Computer crashed. Jackboots knocking at door. Gotta get outta.....

Don't know if you were serious about the virus checker going off, but the page does appear to be clean at the moment. https://www.virustotal.com/en/url/f85bd ... 378599946/


But yeah, content not found. Try this, not sure if it's the content \V/ intended though.

http://leaksource.wordpress.com/2013/06 ... w/?wref=tp

[O Really]

Sorry, should have put a smiley. No virus checker. No jackboots, either.