Has anyone decompiled the .jar files used for covert communication? Would be quite interesting to see how they work.
On another note it is easy to shame the CIA for making such a basic mistake as using subsequent IP numbers/same file layouts on sites. Of course they should be, but funnily enough mistakes such as these happen in every intelligence service.
An example would be the Russian military intelligence (GRU/GU) who have for years sent agents abroad with fake/cleaned Russian passports. Only problem being of course that the passport numbers were sequential and as in the case of the CIA websites, if you identified one agent and his passport, you could look up the next ones in line on databases and identify all the other active agents as well.
The US government had its own issues faking Soviet passports — Soviet staples were made of regular steel but US staples were made of stainless steel, so a genuine Soviet passport would have rust stains in it while a fake passport made by the US would not.
> Has anyone decompiled the .jar files used for covert communication? Would be quite interesting to see how they work.
I took a very cursory look, since they are obfuscated and reading obfuscated code sucks. I see swing (gui) drawing code, a few references to flash and activex, as well as code to load rsa and look for a program to do encryption/decryption: PGP, OpenPGP, CFB, OFB, SIC, GTCR. And a bit of url loading. So, probably nothing one didn't expect: It receives a message over a network connection and uses these programs to decipher them, then shows it .. I don't know? directly in the gui probably. And the other way around.
But that's really just me looking for ten minutes. I could also be wildly off the mark here.
People seem to have been killed by this CIA mistake. If it wasn't actually a mistake, but purposefully putting people in danger to protect others, I don't know who would ever agree to be a mole for them in the future.
We have no element to let us think that the actual active capabilities are any better than that. Do you know any elite who goes working for agencies? How can they remain elite if they don’t write on their work, share it with others, recoup best practices during conferences, etc.?
Even more silly to me is that certain Russian operatives had accounts on Russian social media under their real name, with profile pic and everything. So once under suspicion it was embarrassingly easy to confirm who they were.
One of them was arrested this year here in Norway.
To be clear, in the period in question, Brazil was (and is) a democracy. The military dictatorship mentioned is the 1964 _Golpe_ or coup, which may have been partially instigated by US intelligence services.
The resulting military dictatorship was immediately recognised by the US and was responsible for innumerable human rights abuses until it fell in 1985.
This dictatorship and the US support for it is one of the main reasons that Brazil remains suspicious of the US and a primary driver behind its continuing courtship of Russia and China.
Why "most expect"? Certainly there would have been greater focus on dictatorships/war zones? The targets of websites found so far support this.
I can understand the desire to gather intelligence from every other nation, even allies. But I do believe it's a bad idea. E.g. Brazil seems to be aligning with China more and more... largely economic driven. But no need to also give it political backing.
> I can understand the desire to gather intelligence from every other nation, even allies. But I do believe it's a bad idea.
Intelligence agencies primarily spy on 'allies'. The biggest spy rings in the US are our "allies" - British, Canadian, Israeli, Japanese, Korean, etc. The biggest spy rings the Soviet Union had were in Poland, Ukraine, Hungary, etc - aka their "allies". We have an infinitely larger spy ring in South Korea than in North Korea because holding onto an "ally" like South Korea is far more important than converting an "enemy" like North Korea.
It's why we demanded all our "allies" stop using Huawei tech because it would prevent us from spying on our allies. It wasn't about China spying on our "allies". Who cares about that? It's about our ability to spy on them.
The naive watch silly Hollywood movies and think that's reality. Most of the spying during the Cold War wasn't between the US and Soviet Union. It was mostly between Warsaw Pact "allies" and between NATO "allies".
> Brazil seems to be aligning with China more and more...
They should. Brazil's enemy is the US, not China. Might want to read up on the Monroe Doctrine. Think about it. The country that wants to keep Brazil in check isn't China. It's the US. If Brazil has ambitions of being a major power, then it makes them our enemy and vice versa.
These seem to be related to intelligence gathering. The CIA, like all other intelligence services in the world, gathers intelligence on any country of interest. Including on most European allies.
This article was hard to follow, if you want to see what the actual website looked like, and how the informant would communicate back to the CIA, scroll about halfway down this Reuters article:
Sure, the point of my article is to build upon the Reuters article to provide some concrete domains/archives links, add new sites to the existing Reuters list, and explain the technical details used to obtain them.
With a bit of reverse engineering, I'm sure we'd be able to get a mockup of the JavaScript ones running however: https://cirosantilli.com/cia-2010-covert-communication-websi... But in the end, it's just going to be some kind of "click something, a box opens, you type, it encrypts and sends a POST request.".
The main interest of reverse engineering to me would be to possibly find some searchable fingerprint that we could use to find more of the websites.
It's interesting to consider "how would you build it better" - especially when you realize that half of the equation is trained, educated, and safely in America, the other half is potentially anyone in the world anywhere.
If both sides are educated and trained, you can do things like hiding messages in quasi-randomly selected posts on Hacker News; but that quickly breaks down if one side doesn't have the skillset needed to hide their actions that way.
Things like TOR can help, but that can be difficult to completely hide, and so on.
> democracies have to work together and build mutual trust, and not spy on one another.
The first part seems true, but the second part doesn’t follow. Spying on allies seems an entirely reasonable, possibly even necessary, part of effective diplomacy.
I trust what you are saying more when I can verify congruence with things I can observe.
The problem is if these things are found and become public, it makes the targeted country really dislike the spying country. This creates a political pressure against aligning with the spying country.
Many Brazilians are deeply distrustful of the USA, and are even willing to align themselves with dictatorships. Personally, I'll never support a dictatorship. But many people will just to have an alternative world power pole.
Alliances are like friendships. If you spy on your friends, of course they are going to get mad and push you away. We have instead to make opt-in intelligence sharing programs with our allies.
A key part here is "democracies". Between dictatorships, mutual spying to establish trust can be a reasonable policy. But a democracy has to factor in the opinion of their citizens. People tend to dislike foreign countries spying on them, and will create incentives for their government to distance themselves from such countries.
Even if you try to keep it on the down-low, it makes it really easy for a third country to drive a wedge in the relationship.
Spying seems indistinguishable from the investigative work that undercover detectives do regularly. I think there’s a proper non-zero place for that in society as well. (There’s also improper possible applications, but the proper is not the null set.)
Sad, but true. The sad part is that it can give "unfair" advantages to the party that is better at spying abroad and/or counterintelligence at home. After all every alliance has some points of conflict (see the Inflation Reduction Act vs Europe, as an example).
I don't really see how so many of these ended up in the wayback machine. My understanding is that they were supposed to seem like fairly unremarkable websites, but were built for basically one person. So it seems surprising that so many were visited by unrelated people.
Is there a log of who instigated a wayback archive? Could they have been a different group doing what this person was?
>Given that we cannot rule out ongoing risks to CIA employees or assets, we are not publishing full technical details regarding our process of mapping out the network at this time
I guess it's a hard thing to rule out, but I certainly hope the CIA isn't still using a communication method broken more than a decade ago.
> Is there a log of who instigated a wayback archive? Could they have been a different group doing what this person was?
Yes, IA now has an "About this capture" popdown at the far right of the injected toolbar. The first ever capture and some of the subsequent captures for one of the sites was from Alexa Crawls, provided by Alexa Internet; some later captures were from a "Survey Crawl" based on "a list of every host in the wayback machine". So this is basically automated, long-tail vacuum cleaning work.
I apparently misunderstood how the wayback machine worked. I thought it only archived pages that a user requested, and most pages end up archived due to people with the browser add-on installed to archive every page they visit.
Thanks to both people that cleared up my mistake, it has always seemed they had much stronger coverage than they should for my mistaken view of how it worked.
Reference for GRU passports: https://www.voanews.com/a/russia-gru-operatives-unmasked/460...
Here's one about two agents with passports 3 digits apart: https://www.bellingcat.com/news/uk-and-europe/2018/09/20/skr...
There's advantage in appearing incompetent and creating traps to distract from actual active capabilities that are working.
Not to justify the CIA or anything, but that's exactly where I would most expect them to be actively conducting covert operations
https://www.reuters.com/investigates/special-report/usa-spie...
I see that later on you switch to "we".
JFYI, there are a couple typos I could spot, "pubic" and "lits".
You can request it to archive a page at a time, but for many things it will have already found it.
https://archive.org/donate/
Great article, it’s a shame that they don’t offer any more assistance to burned informants
https://darknetdiaries.com/episode/75/