Profile picture
Robᵇᵉᵗᵒ Graham
@ErrataRob
, 10 tweets, 3 min read Read on Twitter
The indictment for Daniel Hale leaking to Jeremy Scahill at The Intercept is below. I thought I'd mention a few things about it.
justice.gov/usao-edva/pres…
It starts with Hale looking up Scahill on Google from this work computer. This is the problem for leakers: They start by planning NOT to leak, and thus leave traces like this behind. By the time they change their mind and decide to leak, they've left a trail like this behind.
This is why you should just get into the habit of "incognito" browsing, using Tor, and using Signal for messaging, for everyday things. If you only use crypto when your life depends upon it, you are already hosed. You should use them when your life doesn't depend on them.
This poses a problem for a journalist like Scahill. They need to develop sources in much the same way the CIA develops their HUMINT sources. Ideally, for the sources own protection, Scahill would strongarm them early in the process, refusing to response to unencrypted text msgs.
But if he did that, then many sources would simply walk away rather than take the trouble to install Signal or use Jabber. Only when the source has committed themselves by the first illegal leaking of a document are they likely to take the trouble -- and then it's too late.
"The Intercept" is getting a lot of criticism in the way it's failing to protect its leakers, but on the other hand, they are dealing with leakers who don't take the necessary steps themselves. Such as Googling "The Intercept" from their work computers.
As long as The Intercept gets a large number of leaks, and it will, arrested leakers will be somehow tied to The Intercept.
By the way, the phone company keeps a record of all SMS messages indefinitely. Even if both sides delete the messages from their phones, all SMS messages are preserved and searchable by the government. Moreover, 4rth amendment doesn't apply -- they don't even need a warrant.
In other words, whenever a reporter publishes leaked classified documents, investigators will grab all the SMS messages to/from that reporter. They will also review their work computers for every employee who has googled that reporter or accessed their publication's website.
Let's talk about deleting files from thumbdrives. Remember that once you delete a file, it's not gone from the drive until that space is eventually overwritten, which can be never. This is especially true with thumbdrives where that space may not be overwritten even when full.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Robᵇᵉᵗᵒ Graham
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @ErrataRob see all

Profile picture
Robᵇᵉᵗᵒ Graham
@ErrataRob
The principle of the "rule of law" is that the rules apply equally to everyone. It's the same rules when the grand jury investigating Trump's associates compels testimony as the grand jury investigating Assange compels testimony from Chelsea Manning.
If you are saying that the Grand Jury can't jail Chelsea for not testifying, then you'd have to also agree that the Grand Jury couldn't have compelled testimony from Trump's associates.
Yes, I think the investigation into Assange is bad, and Chelsea's resistance to questioning heroic, but at the same time, that's not an argument why the rules shouldn't apply to our side, while at the same time applying to the opposing side.
Read 4 tweets
Profile picture
Robᵇᵉᵗᵒ Graham
@ErrataRob
1/ This comment by Kim and Josh is extremely bad, reflecting the authoritarian nature of today's infosec. The vast majority of WinXP systems have RDP disabled and thus don't need to be patched, for example.
2/ There are many ways of mitigating bugs like this RDP vuln, through microsegmentation of the network, firewalling, hardening the system, disabling features, adding features, and so on. As others have pointed out, this RDP vuln can be mitigated with a simple configuration change
3/ Only a vanishingly tiny percentage of vulns are "wormable" like this RDP vuln. We are talking a couple vulns a year out of the tens of thousands that are assigned CVE identifiers.
Read 10 tweets
Profile picture
Robᵇᵉᵗᵒ Graham
@ErrataRob
"A new attack on Intel CPUs -- but AMD and ARM aren't affected".

Um, no. AMD and ARM have their own separate, similar issues, but researchers aren't looking for them.
This research takes a lot of work. AMD has too little market share to see what sorts of similar issues might affect them. ARM is too fragmented, what works for one CPU won't work for others. The only ARM CPU worth targeting is Apple's.
The ARM CPU in the iPhone is largely based on the Intel architecture, a custom design by Apple itself, made by former Intel engineers. It'd be surprising if it didn't have similar issues as the recently announced Intel issues.
Read 5 tweets

Related threads

Profile picture
Runa Sandvik
@runasand
Former intel analyst charged with disclosing classified information to a reporter, the indictment illustrates challenges/risks with journalist/source comms. justice.gov/usao-edva/pres…
P5 outlines comms: analyst researched reporter, attended reporter's book event, searched for classified info re: reporter's beat, texted friends about the event + meeting reporter, reporter emailed analyst article about Snowden, analyst and reporter exchanged texts, emails, etc.
Indictment suggests the analyst and the reporter communicated via emails, texts and in-person meetings prior to using encrypted comms. Book event in April 2013, reporter suggested Jabber in September. Could be they used encrypted comms sooner without this being highlighted here.
Read 4 tweets
Profile picture
Adam Wagner
@AdamWagner1
Some thoughts on the Assange indictment dated 3.6.18 but now unsealed (justice.gov/usao-edva/pres…)

I think there are potential serious implications for free speech and freedom of the press (thread)
2/ The indictment relates solely to the download by Chelsea Manning between Jan and May 2010 of hundreds of thousands of classified documents using her "top secret" security clearance which Wikileaks then published over the next year or so
3/ Assange's role appears to have been to assist Manning in cracking a password which would allow her to set up an alternative user account making it harder for her to be caught for downloading the files
Read 26 tweets
Profile picture
Karol 🌿
@karolcummins
🔥J-Ass🔥

J-Ass Charged w/ Conspiracy to Hack a DOD Computer

Freedom of the press doesn’t allow for cracking encrypted PWs to hack & steal TS DoD info in an effort to compromise US NatSec & our Democracy.

Superseding Indictment incoming.

WikiLeaks (GRU) Isn’t Whistleblowing
🔥J-Ass2🔥

📌Oct 2016: Trump mentioned Wikileaks 164 times in the last month of the 2016 elex, now claims it didn’t impact one voter

📌Pompeo repeatedly cited WikiLeaks to attack Clinton during campaign

📌Assange's Swedish accuser asks for rape case to be reopened in Sweden
🔥J-Ass3🔥

Clapper: 'Stunning & scary' that Barr wd raise spying allegation

It’s called a FISA warrant for surveillance, not spying

Comey: Barr's comments abt the FBI "spying" during ‘16: "I have no idea what the heck he's talking abt."

Barr Is the Most Dangerous Man in US
Read 66 tweets
Profile picture
JMHendersonSr❌
@JMHendersonSr
Here's a what if that's tickling my brain:

What if you changed "Chelsea Manning" to "operatives of the Russian Federation" and "Julian Paul Assange" to @HillaryClinton?
How close would we be to locking up a spy that was, formerly, First Lady of Arkansas, First Lady of the US, and a US Senator?

Seriously.

Read the Assange indictment. Here: justice.gov/usao-edva/pres…
Here are the key paragraphs:
Read 8 tweets
Profile picture
Wendy Siegelman
@WendySiegelman
Assnage Indictment: WikiLeaks Founder Charged in Computer Hacking Conspiracy

According to court documents unsealed today, the charge relates to Assange’s alleged role in one of the largest compromises of classified information in the history of the US

justice.gov/usao-edva/pres…
The indictment alleges in March 2010, Assange engaged in a conspiracy with Chelsea Manning, to assist Manning in cracking a password stored on US Department of Defense computers connected to the Secret Internet Protocol Network (SIPRNet)
justice.gov/usao-edva/pr/w…
Assange is charged with conspiracy to commit computer intrusion

Manning and Assange engaged in real-time discussions regarding Manning’s transmission of classified records & Assange actively encouraging Manning to provide more information.

justice.gov/usao-edva/pr/w…
Read 4 tweets
Profile picture
Andrew S. Weiss
@andrewsweiss
Public service reminder: the US Intelligence Community will pass judgement within 45 days after Election Day about the extent of any foreign interference. whitehouse.gov/presidential-a… 1/
Once the Intelligence Community renders its verdict, it will be up to Secretaries Pompeo and Mnuchin, and, ultimately, Trump himself to decide on possible sanctions/penalties against those responsible (within 30 days per the E.O. issued on Sept 12 2018). 2/
Articles like this one by @kevincollier suggest that the famed Russian Troll Factory is employing rather rudimentary tactics to hide its tracks during the US midterm elections (eg using VPNs, working on social media during US business hours) buzzfeednews.com/article/kevinc… 3/
Read 7 tweets

Trending hashtags

#Retweet #DesperateMeasures #MichaelCohen #The200 #GRINGO11 #SMARTech #Justice #witnesstampering #MAGA #ThePatriotTimes #cargotheft #TrumpRelectionStrategy #Assange #fraud #Massachusetts #ThesePeopleAreSick #NutShellReport #indictment #drugtrafficking #CSE #MAGA2020 #GroupDig #homegrownterrorism #elderly #MS13
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!