Archive for June, 2012

Julian Assange: shame on you BBC; and shame on you UK

June 30, 2012 2 comments

There was a time when I would automatically turn to the BBC for solid, unbiased, simple news. Now, like many others, I am turning elsewhere.

A case in point. Today the BBC reports on Julian Assange’s refusal to absent himself from the Ecuadorean embassy and present himself to the Metropolitan Police. The fourth paragraph, and remember that it is the first four paragraphs that also appear on Ceefax, says:

He wants to avoid being sent to Sweden to face rape and assault accusations.
Julian Assange ‘declines’ police order and Ceefax

These first four paragraphs are the ones read by most people, and seen probably by millions more on Ceefax. And that fourth paragraph misrepresents the truth so extensively it is effectively a lie. Assange repeatedly sought to have those charges properly investigated; but without the threat or possibility of subsequent, unrelated, extradition to the US.

The BBC gets closer, a little, to the truth, further on in the article:

Mr Assange fears that if he is sent to Sweden he could be sent on to the United States to face charges over Wikileaks and that there, he could face the death penalty.

There are two problems with this. Firstly, most people will have read the fourth paragraph, but not got as far as this tenth paragraph. Secondly, it is still carefully worded, so that ‘he could face the death penalty’. Most civilised people will dismiss this as paranoia: they will find it impossible to believe that the Land of the Free would execute someone for publishing genuine documents on a website. It’s simply beyond belief, therefore it can’t happen, therefore Assange is having a laugh. Therefore we don’t need to bother or even sympathise. And that is what this BBC report is designed to say; that is, what the authorities want us to hear.

The BBC report is actually about the statement by Susan Benn, a committee member on the Assange defense fund. Rather than read the sanitized BBC report, please read the full transcript here: Press Statement: By Julian Assange Defense Fund Outside the Ecuadorian Embassy. It includes this:

It should be made clear what would happen if Julian was extradited to the USA. The United Nations special rapporteur for torture, Juan Mendez has formally found that the United States has subjected Julian Assange’s alleged source in this matter, the young soldier Bradley Manning, to conditions amounting to torture. The UN found that the United States subjected Bradley Manning to “cruel, inhuman and degrading treatment”. Mr. Manning has been charged by the US government with the capital offense of “aiding the enemy” in relation to his alleged interaction with Mr. Assange. Bradley Manning has been detained without trial for two years and was placed into solitary confinement for 9 months in his cell for 23 hours a day, stripped naked and woken every 5 minutes. His lawyer and support team say these harsh measures were to coerce him into implicating Julian Assange.

This is the reality of what British justice is offering Julian Assange. And remember this: it took a British judge exercising unacceptable semantic contortions – by saying that UK law is dependent upon the French language translation of an EU requirement – in order to make the extradition from the UK to Sweden appear to be legal.

This is unacceptable. The UK should be protecting Julian Assange and the principle of free speech – not offering him up to an out-of-control United States courtesy of an increasingly worrying Swedish puppet. It makes me ashamed to be British. And ashamed to help pay for the BBC.

Categories: All, Politics

More accusations for Barclays to answer

June 29, 2012 2 comments

This document, WhistleBlowing Statement (short form), from which I have removed all supporting emails, was sent to me by Anonymous. It is a copy of an email sent to the FSA on 28 June 2012 – the day after, it is worth remembering, Barclays was fined £290m for manipulating Libor (the interbank lending rate on which the cost of all of our own loan repayments is based).

Barclay’s share value has plunged 17% on this news, and Bob Diamond’s position as CEO is considered precarious. The document I have, however, suggests that Barclay’s has not been reluctant to manipulate its share price in the other direction.

This document accuses Barclays of misrepresenting the state of the integration of Lehman’s systems (acquired less than 5 months earlier) with its own systems. Lehman’s was acquired on 16 September 2008, the day after it entered bankruptcy protection. On 22 January 2009, Barclays stated, “Barclays Capital, the investment banking division of Barclays PLC, today announces that it has completed the integration of the North American businesses of Lehman Brothers acquired in September 2008. As the final step in the integration, it has…”

Successful integration of the two worldwide financial organizations would lead to an efficient and effective company – but 5 months is an unbelievably short time to integrate such systems; and according to this document it should not have been believed.

Nevertheless, Barclays made the announcement and its share value immediately rose from a low of 51.20 on the 23 January 2009 to 88.70 on the 26 January 2009. “It was one of the speediest merger integrations in Wall Street history,” commented the New York Times at the time. And that’s because, according to the whistleblower, it never happened.

The author of the document was working for Barclay’s Capital at the time. He was involved in the integration.

I witnessed extreme pressure to complete the integration deliveries in any shape or fashion before February. Project governance and any professional integrity were sacrificed at every stage to demonstrate unrealistic/ inaccessible levels of success…

It is my belief that a meaningful completion was never fully achieved during the time boxed period up to the profit announcements made in February and that work pieces of it were moved to Day 3 because they could not be achieved within the required time frame. In other words integration work was being conveniently represented in this non industry standard format so that integration of the Banks systems could exist in different stages of completeness but still be represented as completed to interested parties external to BC.

Strangely, a report in Computerworld dated more than a year after Barclays’ own announcement, starts “Barclays has completed the integration of collapsed bank Lehman Brothers’ North American operations,” something that Barclays says it achieved more than 12 months earlier.

It is worth reading the Computerworld report together with the earlier Barclays announcement – and the whistleblower statement.

The whistleblower document has been sent to the FSA, complete with dozens of supporting emails. It is a serious accusation; and one that both Barclays and the FSA will need to address. Particularly, I repeat, because this comes to light just one day after Barclays is fined £290m for falsely manipulating the Libor rate for its own benefit.

Categories: All, Politics, Security Issues

Did Jester take down UGNazi?

June 27, 2012 Leave a comment

By now we’ve all heard of the massive FBI bust: 24 worldwide arrests and counting. Many commentators have focused on the inclusion of JoshTheGod amongst those arrested, and the closure/seizure of the UGNazi website. My own account on Infosecurity Magazine is here: FBI arrests: was UGNazi a target or an instrument?


UGNazi website – pre-FBI

But there’s a fascinating side-story to this. Jester, the self-proclaimed antidote to Anonymous, declared war on UGNazi on 7 June. “Within 23 days of this date,” he declared, “justice will be served.” Well, 20 days later the core UGNazi members were arrested and the website seized – leading many to suspect that Jester played some hidden part in this.


UGNazi website – post-FBI

Doubtful. In fact, seriously doubtful. Jester himself, of course, drops teasers to suggest he was in the know. Yesterday, the day of the bust, he did a major update to his ‘placeholder’ web post. Headed “FBI Arrests 37 In Massive International Cyber Fraud Scheme” (I’ve seen reference to 27 elsewhere, but never 37), he says:

Teaser: If I was a gambling man I might hazard a wager on the ‘CarderProfit Forum’ being a honeypot/sting that *someone* setup. Just a wild stab in the dark you understand.

Well, yes, the FBI had just said that; but also that they shut it down last month. When such a site suddenly disappears, it is either because its been busted or never was in the first place. It’s when you actually look closely at Jester’s account you see it’s full of innuendo but little substance.

I asked the other side what they thought about Jester. “Jester,” I was told, “is a past master at the art of hacking illusion – making matters that are essentially outside of his control appear to be part of a plan that he facilitates through his own hacking powers. Through his twitter and blog, with, sleight of his hand, he pretends he has the power to take down a hacking group such as UGNAZI, releasing a combination of verifiable but less descriptive pieces of info mixed in with unknown but more descriptive pieces. In truth Jester is the more competent master of the art that Reckz0r is still learning.”

Jester, according to Anonymous, is more a master of social engineering than hacking. In this instance he was in the right place at the right time; chasing UGNazi just when the FBI was closing in. And he’ll make the most of it because that’s his skill. Oh, and one other thing: don’t confuse UGNazi with Anonymous.

Categories: All, Security News

Jimmy Wales says ‘stop the extradition of Richard O’Dwyer’

June 25, 2012 1 comment

When I first checked Jimmy Wales’ petition to stop the extradition of Richard O’Dwyer to the USA, this morning at about 7:00am, the number stood at 8000 signatures. Now, just over 12 hours later, it has grown to more than 30,000. Come on guys, let’s keep it growing.

It doesn’t matter what nationality you are – there’s an international principle here. In Jimmy Wales’ words, “O’Dwyer is not a US citizen, he’s lived in the UK all his life, his site was not hosted there, and most of his users were not from the US.” So if you are American, ask yourself this: if the UK were to demand the extradition of a US citizen who lives in the USA and has broken no US laws to face trial in the UK, how would you feel?

You had the courage to face down SOPA. Now help us preserve a small piece of our liberty.

Sign the petition here. Please.

click to go to petition

Jimmy Wales, co-founder of Wikipedia, campaigns for a principle – and Richard O’Dwyer

Categories: All, Politics

How long until the RIAA tries to shut down Dropbox?

June 24, 2012 Leave a comment

No, really. It’s a logical step. Consider…

The RIAA has demanded that CNET’s remove a product that could be used, among very many other legal and valid purposes, to facilitate copyright infringement. It’s the Free YouTube Downloader, and I guess they’re worried that some of its users might use it to download, convert, store and replay copyrighted material. (Get it here now; not because you want it, not because you need it, not because you’re ever going to use it – but simply because they don’t want you to have it.)

But if they consider Free YouTube Downloader to be a problem, what are they going to do about Dropbox? Or more specifically, Dropbox + Boxopus? Boxopus is a third-party ‘add-on’ service to Dropbox.

Our Boxopus is one of the kind. He lives in the bottomless abyss of the Internet. He can stretch his tentacles and reach any content on the number of torrent-sites. Just feed him with a torrent! Whenever you do it, he’ll grab the file you need and put it in your Dropbox in a little time.

Using Boxopus to do all the work, you can now download and synchronise torrents to all of your Dropbox clients without needing a torrent client, and – wait for it – anonymously.

Oh, the RIAA is going to love this.

Categories: All, Politics, Security Issues

What is wrong with this picture?

June 22, 2012 Leave a comment

Neelie Kroes has invited business to help make the internet a safer place for children.

Neelie Kroes is an unelected un-mandated official of an undemocratic organization that, in her latest words, wants to change the internet into something she wants.


What Neelie Kroes will do for us

Microsoft is in charge of ‘notice and takedown’.

Microsoft is the organization demanding more takedowns from Google than any other organization – nearly half a million in the last month.

Transparency Report

From Google’s latest Transparency Report

Facebook is in charge of privacy settings.

Jesus wept. Need I say anything else? Facebook? Privacy? Really?

You couldn’t make it up. And of course I haven’t. But it really isn’t a laughing matter. Joe McNamee of EDRi presents a chilling discussion on how these ‘making the internet safe for our kids’ arguments will first be accepted (we all agree with ‘hang-a-pedophile-a-day’), but then will slowly morph into anti-copying, anti-terrorist, freedom-destroying net regulations under the control of our political masters and their business partners.

Categories: All, General Rants, Politics

I’m afraid I cannot engage in any conversation with you

June 22, 2012 Leave a comment

Last week I reported on an interview between a constituent and his MP, Dame Joan Ruddock. You can see the full story here: In the upper reaches of society, where does inept end and corrupt begin? In brief, however, the constituent has a complaint about his treatment by the local police, and subsequent inconsistencies in police documents.

During the interview the MP says, “I will consider everything you have said about the inconsistencies with a view to seeing if there is any reason why I should reconsider my position… I will get back to you in due course…” Tuesday was mentioned.

Tuesday came and went, so the constituent telephoned the MP’s office. This is what happened.

click for link

“I’m afraid I can’t engage in any conversation with you.” Is this really the treatment a constituent should expect from his MP?

I don’t want to tell you what I think of this. Instead I would rather you listen to the evidence itself: the initial conversation here, and then this latest one. Decide for yourself.

Our members of parliament have learned nothing from the expenses scandal. They still think we work for them, rather than pay them to work for us.

Categories: All, Politics

Reckz0r hacks MasterCard and Visa. Anonymous says no.

June 18, 2012 2 comments
Click for link

ITpro’s story on the alleged Reckz0r hack

ITpro has a short story on an alleged hack by Reckz0r:

“VISA & MasterCard HACKED – I just leaked a half data of VISA & MasterCard, the full one is about 50GB or bigger,” said Reckz0r.

Let’s be very clear: ITpro is being absolutely correct here. It clearly has some doubts, using the word ‘claims’ twice and ‘alleged’ once. It finishes by saying, “IT Pro was awaiting a response from MasterCard and Visa to confirm the authenticity of the data as this article went to press.”

I didn’t want to wait. I asked Anonymous if Reckz0r’s claims were true.

“Dude,” I was told, “never trust that guy. Reckz0r is a 14 year-old liar.”

OK, we should take the age with a pinch of salt (Reckz0r has been doxed elsewhere as a 24 year-old Saudi Arabian); but the metaphor is clear – Reckz0r is a kid in the playground.

In fact that image is re-inforced by a subsequent tweet from Jester:

reckz0r jester

Jester commenting on Reckz0r

One of the accusations against Reckz0r was that he ‘fake doxed Jester’, which might explain Jester’s arrival on the scene. But back to Anonymous. “He [Reckz0r] is considered the village idiot in Anonymous circles. He pretended he hacked Sony for LulzSec; he pretended he hacked sites that UGNAZI hacked. He has just faked another hack like he always does. Pure Bieber Hacker.”

OK, if this is just another faking story, why should I bother with it? “I would never open a file from an idiot like Reckz0r,” said Anonymous. “He is probably trying to spread a botnet.”

So there you have it: security advice from Anonymous. Do you really want to download an unknown file from a Bieber Hacker?

Categories: All, Security Issues

In the upper reaches of society, where does inept end and corrupt begin?

June 18, 2012 6 comments

It is human nature to want a quiet life. I would certainly like a quiet life. But when you choose a career in the police force, and especially if you rise to the rank of Borough Commander, you are paid by the people to protect the people – and you absent the right to a quiet life. And when you choose the career of a politician, and especially if you enter Parliament, you are paid by the people to protect and support and defend the people, and especially your own constituents – and you absent the right to a quiet life.

click for full size

Commander Burton to Joan Ruddock, MP

Faced with a claim that his station officers had not adequately investigated an instance of possible criminal behaviour over an alteration to and unauthorised release of personal medical records, Chief Inspector Burton of Lewisham Borough Police wrote to Dame Joan Ruddock, member of parliament for Lewisham Deptford, “The General Medical Council conducted their own investigation. I am informed that they concluded that Dr xxx’s actions did fall below the required standards but did not amount to criminality.”

This is not true. The GMC confirmed to the person concerned, “Please note that it is not the GMC’s role to judge whether a criminal act has occurred. I can also confirm that I have not sent any correspondence to the Met Police nor have I informed the Met Police that ‘Dr xxx’s conduct did not fall below criminality’.”

Borough Commander Burton has left himself some wriggle room. He doesn’t say who ‘informed’ him. It could have been the station janitor or a man in the street. But he has no right to imply, when this is clearly not the case, that he has received advice from the GMC. If he is being 100% honest, then the police response needs to be revisited because it was at least partly based on misinformation (and there is more not discussed here, yet). If he is not being honest, and was never so informed, then that has other implications that need to be aired.

Proof that these comments were at the very least misleading if not a simple lie was sent to the local member of parliament, Dame Joan Ruddock. An audience was requested and granted. It was recorded and published on SoundCloud.

click for link

Dame Joan Ruddock, MP, with constituent

The MP responds thus:

As a member of parliament I am in no position whatsoever to investigate anything that purports to be of this magnitude. It is not possible. It is not my job… I am powerless to tackle these issues… this is something I cannot undertake on your behalf… I’ve got absolutely no evidence of lying, as you put it… I think there may be a misunderstanding… I can’t look at this detail… here at this moment… I will look at [everything on Tuesday] but at the end of the day the chances are still very high that I will be saying to you that I don’t have any power to deal with this… there are real limits to what MPs can do, and my expectation is that I am still going to conclude that I can’t change these things for you… I will consider everything you have said about the inconsistencies with a view to seeing if there is any reason why I should reconsider my position… I will get back to you in due course…

Here is someone who doesn’t want to get involved; would rather abandon her own constituent – for the sake of an easy life – even when the evidence is in front of her (as it was). I am just a blogger, so obviously I am in no position whatsoever to investigate anything that purports to be of this magnitude. But I can write this. And a member of parliament can surely do much more, for the sake of the people who pay her wages.

It is profoundly disturbing that a senior police officer has not checked his facts and has misled a member of parliament for the sake of a quiet life. It is equally disturbing that the member of parliament then tries to ignore the situation for the sake of a quiet life. If senior police officers will not defend the law, why do we have them? And if members of parliament will not defend the people, why do we have them? And where, in the final analysis, does the man in the street go for justice?

There is more to this story. Its basis is, after all, a breach of the Data Protection Act. It will not go away; and there is more to come out.

Categories: All, Politics, Security Issues

Will the Communications Bill drive us all to the Dark Net?

June 17, 2012 1 comment

The very idea that the government should use £billions of our money to spy on us, when millions of Brits are without work, our roads are crumbling, our schools leaking and our schoolkids without adequate books, is simply obscene.

The idea that a democratic government is even contemplating a blanket and secretive monitoring system that requires no judicial oversight is abhorrent.

So, what is the solution?

There is a scary place. It’s called the Dark Net. It’s the hidden part of the internet. I don’t go there, because its full of unpleasant things. But there’s an even scarier place. It’s called the United Kingdom.

But, “because everyone (all Internet traffic) connected to the TOR Network is anonymous, there is not currently a way to trace the origin of the website. As such no other investigative leads exist,” said the FBI about the Dark Net in response to an FoI request.

There are, of course, other forces patrolling the Dark Net. Anonymous is on a hunt to find and expose pedophile sites; but I’m happy to accept that. The FBI finds it hard to patrol the Dark Net; Anonymous does not. But since I’m beginning to trust Anonymous more than I trust our government, I suspect the solution will be for us all to move to the Dark Net under the protection of Anonymous rather than stay in the open under the eyes of Theresa May.


Get every new post delivered to your Inbox.

Join 138 other followers