p2pnet view P2P | Freedom:- I’m about as non-technical as they get and I’m totally lost when it comes to understanding how it’s possible to create online “personas” — virtual people who can be remotely controlled, singly or together.
And that’s even if I understand the basic contention correctly; that HBGary, the sorry US ‘security’ company hacked by Anonymous, has managed to create hordes of doppelgangers which/who can be controlled en masse
Do I have that right? Can it be real?
Yes — “replete with background, history, supporting details, and cyber presences that are technically, culturally and geographacilly [sic] consistent”.
Nor is HBGary by any means alone.
‘As many as you’d like … ‘
“In the continuing saga of data security firm HBGary, a new caveat has come to light: not only did they plot to help destroy secrets outlet WikiLeaks and discredit progressive bloggers, they also crafted detailed proposals for software that manages online ‘personas,’ allowing a single human to assume the identities of as many fake people as they’d like”, says the Raw Story.
“The revelation was among those contained in the company’s emails, which were dumped onto bittorrent networks after hackers with cyber protest group ‘Anonymous’ broke into their systems.
“In another document unearthed by ‘Anonymous,’ one of HBGary’s employees also mentioned gaming geolocation services to make it appear as though selected fake persons were at actual events. ‘There are a variety of social media tricks we can use to add a level of realness to all fictitious personas,’ it said.”
According to an embedded MS Word document found in one of the HB Gary emails, it involves creating an army of sockpuppets, with sophisticated “persona management” software that allows a small team of only a few people to appear to be many, while keeping the personas from accidentally cross-contaminating each other. Then, to top it off, the team can actually automate some functions so one persona can appear to be an entire Brooks Brothers riot online.
That’s for “the purposes of infiltration, data mining, and (here’s the one that really worries me) ganging up on bloggers, commenters and otherwise ‘real’ people to smear enemies and distort the truth.”
Rockefeller quotes from the post >>>
Persona management entails not just the deconfliction of persona artifacts such as names, email addresses, landing pages, and associated content. It also requires providing the human actors technology that takes the decision process out of the loop when using a specific persona. For this purpose we custom developed either virtual machines or thumb drives for each persona. This allowed the human actor to open a virtual machine or thumb drive with an associated persona and have all the appropriate email accounts, associations, web pages, social media accounts, etc. pre-established and configured with visual cues to remind the actor which persona he/she is using so as not to accidentally cross-contaminate personas during use.
Too much? Not at all. It’s frighteningly real.
Synopsis: Added: Jun 22, 2010 1:42 pm Modified: Jun 22, 2010 2:07 pmTrack Changes
0001- Online Persona Management Service. 50 User Licenses, 10 Personas per user.
Software will allow 10 personas per user, replete with background , history, supporting details, and cyber presences that are technically, culturally and geographacilly [sic] consistent. Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries. Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms. The service includes a user friendly application environment to maximize the user’s situational awareness by displaying real-time local information.
0002- Secure Virtual Private Network (VPN). 1 each
VPN provides the ability for users to daily and automatically obtain randomly selected IP addresses through which they can access the internet. The daily rotation of the user s IP address prevents compromise during observation of likely or targeted web sites or services, while hiding the existence of the operation. In addition, may provide traffic mixing, blending the user s traffic with traffic from multitudes of users from outside the organization. This traffic blending provides excellent cover and powerful deniability. Anonymizer Enterprise Chameleon or equal
0003- Static IP Address Management. 50 each
Licence protects the identity of government agencies and enterprise organizations. Enables organizations to manage their persistent online personas by assigning static IP addresses to each persona. Individuals can perform static impersonations, which allow them to look like the same person over time. Also allows organizations that frequent same site/service often to easily switch IP addresses to look like ordinary users as opposed to one organization. Anonymizer IP Mapper License or equal
0004- Virtual Private Servers, CONUS. 1 each
Provides CONUS or OCONUS points of presence locations that are setup for each customer based on the geographic area of operations the customer is operating within and which allow a customer?s online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customers environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated CONUS Light Geosite or equal
0005- Virtual Private Servers, OCONUS. 8 Each
Provides CONUS or OCONUS points of presence locations that are setup for each customer based on the geographic area of operations the customer is operating within and which allow a customer?s online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customers environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated OCONUS Light Geosite or equal
0006- Remote Access Secure Virtual Private Network. 1 each
Secure Operating Environment provides a reliable and protected computing environment from which to stage and conduct operations. Every session uses a clean Virtual Machine (VM) image. The solution is accessed through sets of Virtual Private Network (VPN) devices located at each Customer facility. The fully-managed VDI (Virtual Desktop Infrastructure) is an environment that allows users remote access from their desktop into a VM. Upon session termination, the VM is deleted and any virus, worm, or malicious software that the user inadvertently downloaded is destroyed. Anonymizer Virtual Desktop Infrastructure (VDI) Solution or equal.
Contracting Office Address:
2606 Brown Pelican Ave.
MacDill AFB, Florida 33621-5000
Place of Performance:
Performance will be at MacDIll AFB, Kabul, Afghanistan and Baghdad, Iraq.
MacDill AFB , Florida 33679
Primary Point of Contact.:
Phone: (813) 828-4729
Fax: (813) 828-5111
Adds Raw Story:
“A list of interested vendors responding to the Air Force contract for “persona management software” included HBGary subsideary HBGary Federal, further analysis of a government website has revealed.
Now you know. Or do you?
Because this isn’t unusual. In fact, fake people seem to be de rigeur.
Think about it.
Jon Newton – p2pnet
Raw Story – Revealed: Air Force ordered software to manage army of fake virtual people, February 18, 2011
p2pnet – HBGary ‘nearing completion of incident response’, February 18, 2011
Daily Kos – The HB Gary Email That Should Concern Us All, February 16, 2011
First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi
World War III will be a global information war with no division between civilian & military participation ~ Marshall McLuhan
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.