/All/
|
index
catalog
recent
update
post
|
/math/
/tech/
/misc/
/free/
/meta/
/test/
|
Guide
light
mod
Log
P13103
CIA niggers glow in the dark
Mon 2022-10-03 15:21:41
link
reply
cce59a4f9be9aa27e51ec006a5ce67281586ebb012e43b38bc06c82a55068fce.png
538 KiB 1000x985
https://www.reuters.com/investigates/special-report/usa-spies-iran/
What Hosseini didn’t know was that the world’s most powerful intelligence agency had given him a tool that likely led to his capture. In 2018, Yahoo News reported that a flawed web-based covert communications system had led to the arrest and execution of dozens of CIA informants in Iran and China.
Reuters located the secret CIA communications site identified by Hosseini, Iraniangoals.com, in an internet archive where it remains publicly available. Reuters then asked two independent cyber analysts – Bill Marczak of University of Toronto’s Citizen Lab, and Zach Edwards of Victory Medium – to probe how Iran may have used weaknesses in the CIA’s own technology to unmask Hosseini and other CIA informants. The two are experts on privacy and cybersecurity, with experience analyzing electronic intelligence operations. The effort represents the first independent technical analysis of the intelligence failure.
Marczak and Edwards quickly discovered that the secret messaging window hidden inside Iraniangoals.com could be spotted by simply right-clicking on the page to bring up the website’s coding. This code contained descriptions of secret functions, including the words “message” and “compose” – easily found clues that a messaging capability had been built into the site. The coding for the search bar that triggered the secret messaging software was labeled “password.”
Far from being customized, high-end spycraft, Iraniangoals.com was one of hundreds of websites mass-produced by the CIA to give to its sources, the independent analysts concluded. These rudimentary sites were devoted to topics such as beauty, fitness and entertainment, among them a Star Wars fan page and another for the late American talk show host Johnny Carson.
Each fake website was assigned to only one spy in order to limit exposure of the entire network in case any single agent was captured, two former CIA officials told Reuters.
But the CIA made identifying those sites easy, the independent analysts said. Marczak located more than 350 websites containing the same secret messaging system, all of which have been offline for at least nine years and archived. Edwards confirmed his findings and methodology. Online records they analyzed reveal the hosting space for these front websites was often purchased in bulk by the dozen, often from the same internet providers, on the same server space. The result was that numerical identifiers, or IP addresses, for many of these websites were sequential, much like houses on the same street.
“The CIA really failed with this,” said Marczak, the Citizen Lab researcher. The covert messaging system, he said, “stuck out like a sore thumb.”
In addition, some sites bore strikingly similar names. For example, while Hosseini was communicating with the CIA through Iraniangoals.com, a site named Iraniangoalkicks.com was built for another informant. At least two dozen of the 350-plus sites produced by the CIA appeared to be messaging platforms for Iranian operatives, the analysts found.
All told, these features meant the discovery of a single spy using one of these websites would have allowed Iranian intelligence to uncover additional pages used by other CIA informants. Once those sites were identified, nabbing the operatives using them would have been simple: The Iranians just had to wait and see who showed up. In essence, the CIA used the same row of bushes for its informants worldwide. Any attentive espionage rival would have been able to spot them all, the analysts said.
This vulnerability went far beyond Iran. Written in various languages, the websites appeared to be a conduit for CIA communications with operatives in at least 20 countries, among them China, Brazil, Russia, Thailand and Ghana, the analysts found.
CIA spokeswoman Thorp declined to comment on the system.
Reuters confirmed the nature of the intelligence failure of the CIA’s cookie-cutter websites with three former national security officials.
The agency wasn’t fully aware that this system had been compromised until 2013, after many of its agents began to go missing, according to the former U.S. officials.
Still, the CIA had never considered the network safe enough for its most prized sources. Top-tier informants receive custom-made covert communications tools, built from scratch at agency headquarters in Langley, Virginia, to seamlessly blend into the life of a spy without drawing attention, three former CIA officers said.
The mass-produced sites, they said, were for sources who were either not considered fully vetted or had limited, albeit potentially valuable, access to state secrets.
“This is for a person viewed as not worth the investment of advanced tradecraft,” one of the former CIA officials said.
The CIA declined to comment on the covert communications system and the intelligence failure.
Referenced by:
P13105
P13257
P13729
P13105
Mon 2022-10-03 15:48:54
link
reply
P13103
The website looks mirrored and outdated, but atleast no bloaty javascript, right?
Referenced by:
P13106
P13107
P13108
P13108
Mon 2022-10-03 15:59:59
link
reply
527d3d7d96715a79c37eaa3fb0aa72b0e655d177226a6809d1e0dbc3f4a4123d.jpg
105 KiB 1280x720
P13105
There's a bunch of obfuscated Javascript.
According to /watch?v=a6v3cT3b59A it launches a Java applet when you type in a password.
Referenced by:
P13110
P13112
P13257
Wed 2022-10-05 06:13:34
link
reply
P13103
I'm surprised they don't just use something mainstream and based in the US like facebook or twitter.
Referenced by:
P13261
P13387
P13261
Wed 2022-10-05 06:28:53
link
reply
P13257
They might. It would work well in countries where those websites are mainstream and not blocked.
P13387
Thu 2022-10-06 01:32:16
link
reply
P13257
Duh, Face and Twitter be like:
"Your privacy is safe with us."
P13729
Sat 2022-10-08 18:49:06
link
reply
>>
P13103
[bold:
Only chads watch Seytonic
]
https://yewtu.be/watch?v=a6v3cT3b59A
Referenced by:
P13732
P13732
Sat 2022-10-08 19:05:26
link
reply
4c47f55ce7f0047abd1475dfd774e64bfd9ad7ccbdd852e0bcb92629b5bb2cff.jpg
160 KiB 1280x720
P13729
Those North Korean hackers chose a great target to steal from.
Mod Controls:
x
Reason: