Your Humble Blogger is the Probable Target of Penny-Ante Cyber Predation

I was hacked yesterday.

On the scale of hacks, it was simultaneously trivial but meant to intimidate. Or else hugely inept.

I am on some politically-oriented listservs. They are all Google Groups, hence one has to have a Google account to post to them and receive messages from them. I also have one political correspondent who was very communicative a while back, and so I also filtered his messages into a separate folder. Generally I’m not a fan of filtering (I prefer to get everything in my main mail account) but these were two exceptions where it made sense to put them in a separate place. He uses Gmail. I set up both folders under my Gmail account.

Both those email boxes were gone yesterday. That does not mean the contents were gone, that means the folders were deleted and the messages were gone too (I use IMAP, not POP).

I am highly confident (to use the old Drexel formulation) that I didn’t delete them by accident. First, Macs give you all sorts of warnings for actions like that. Second, I only occasionally access those folders, and you have to highlight those accounts to do something stupid to them. Third, the removal of one could conceivably be an accident, but two? Particularly since these are the only two that are focused solely on political activity (by contrast, my main email box has so much spam, both genuine spam and news-related spamming, that the noise to content ratio is very high).

Now in fact while it would have been nice to have the messages where they used to be, I do have a backup, but I’m not sure I’m going to bother to restore them. I’m also not upset about the intrusion, since the content of the messages was hardly anything conspiratorial or revealing (and as we know from Snowden, the people we really need to be afraid of, the government, has this all already). The other thing a hacker might have seen is some of the participants of these various listservs, but again, I don’t see much/any unique information there (as in someone could find out 90%+ of this externally, from the blog and my Twitter account).

Now I am sure some readers are saying… but but but! Your computer was hacked! Yes, that does seem to be what happened. These were local folders, not mailboxes on Gmail. Plus I got no Gmail suspicious log-in alerts (Google tells you if someone is trying to log into your account from another location) which means this was not a hack using (or cracking) my password.

Even if my laptop was hacked, I keep remarkably little useful information on it. I don’t keep a current contact list. I don’t keep financial records on it. I don’t do electronic banking. I don’t keep photos on it (well, I do have an astonishingly large number of past antidotes, plus screenshots of various charts that have gone into posts, and a very very few personal photos, pretty much all official headshots. So tons of noise and just about no signal there).

The more interesting question is therefore what this signifies. Deleting two folders both politically-related, is either very clumsy or intended to send a message. If the latter, even though I regularly harass banks, I doubt they’d be that interested. I don’t do much original reporting, as opposed to interpreting and sharpening public domain information. Banks are more concerned about what runs in the New York Times or the Washington Post or USA Today (or until recently, Rolling Stone). Blogs are ankle-biters at most and I doubt they see them as any threat. By contrast, I’ve been told our efforts have been helpful in at least for now stymieing the TransPacific Partnership, and we’ve also been consistent critics of Obamacare. My sense is the Democratic party feels vulnerable on the Obamacare front, with the Senate majority at risk in the midterm elections and the Republicans pounding on that topic (as confirmed by the frequency of the attacks in Democrat-favoring blogs on the MSM stories critical of Obamacare). So the odds favor this being someone who is not happy with our political writings of late. Note that the Project on Government Oversight, clearly a more influential group than NC, had a break-in that looked designed to intimidate rather than extract information. So this may be the fashion of the month in incursions.

Nevertheless, this sort of incursion is the cyber analogue of the sort of penny-ante predation the banks engage in routinely, like charging 3% for foreign exchange transactions. Yes, you can get a separate no-FX charge card, but if you are busy like me, and you actually do buy once in a while from foreign sites, it’s altogether too easy to forget to check to pay that weirdo card you hardly use and incur more in late fees than the 3% ripoff on your regular card. Or how about the $25 account charge if your balance drops below a certain level? I had that happen all of one day in one month last year and was royally pissed, and it was due to the order in which they credited charges versus deposits that day. Not worth fighting it.

Remember, if my aim was to end vulnerability, I can’t secure my communications by myself. I either have to encrypt (which requires two party cooperation) or at least get my most important correspondents on a more secure mail service. And I can’t participate in these very useful Google Groups. And if you’ve got a determined, well-connected intruder, we now know computers have backdoors at the BIOS level. How does a mere mortal like me contend with that when even the hard-core techies seem flummoxed?

So just as we’ve all become resigned to having banks take more than they deserve, most of us are similarly resigned to routine snooping (the capture of data by vendors, use of cookies, etc). Those of us who are more visible on the Web face a correspondingly greater level of exposure. It’s just not possible to be secure and be on the Web, and I may accidentally be a little less at risk than most people in my shoes, not by virtue of great planning or even adequate defenses, but simply by not having migrated as much of my life to the computer or even a stupid phone as have the overwhelming majority of Americans.


96 comments

  1. lkfhglkdsg

    Do you use separate passwords for each website? If someone can delete specific folders, it’s safe to say they put a keylogger in, and if they get one password that could be the end of it for any account you use it for. I really recommend wiping the drive and reinstalling your OS. Consider using a Linux image on a virtual machine for doing anything sensitive (like checking your web banking), given the nature of the work you do. Anyone you know who is the least bit computer-savvy can help you do this, the difficulty is 90% in the setup. (apologies if I’m overexplaining/mansplaining here; as a programmer I’m used to the “giving more information saves time” approach)

    Today is the day for journalists to step up to the computer security plate. It’s a shame the phrase “information war” is already a hackneyed buzzword but it’s getting more and more descriptive all the time.

  2. Banger

    We live in a rough world with people who will hurt you one way or the other if you step on their toes. This is why opposition movements need to be distributed and very broad-based and without leaders and that’s a rough organizational model to work.

    One thing that may become necessary over time is that we may have to create private network-fortresses and hire our own network admins to run them particularly if you are as high profile as you are. One of the virtues of this site is that you are more dangerous than most other bloggers because you are attacking the foundation of the Deep State, have inside knowledge and are articulate.

    1. Laurens M. Dorsey

      “One thing that may become necessary over time is that we may have to create private network-fortresses and hire our own network admins to run them”

      Interesting that you should put it this way. Bruce Schneier has been arguing for a while that the internet’s gone medieval on us:

      https://www.schneier.com/blog/archives/2012/12/feudal_sec.html
      https://www.schneier.com/blog/archives/2013/10/the_battle_for_1.html

      Hiring a local sysadmin (like hiring a knight errant, maybe) solves the problem of acquiring adequate expertise to address the problem, but doesn’t escape the problem of _his_ fealty, nor the general problem of who keeps an eye on the guardians.

      Maybe Yves’s experience was a prelude to a sales call? Except now NC will be swamped with security service sales calls.

      1. psychohistorian

        I would posit that if you don’t OWN the bit pipes then having your own sysadmin is not going to get you that much protection.

        The other thought that crossed my mind as I read Yves posting was her comment that “…most of us are resigned to routine snooping…”, is that we are on a fairly slippery slope of accepting the encroaching police state……is the water boiling yet?

        1. Laurens M. Dorsey

          Precisement, comrade. Schneier’s ‘feudal’ is not only metaphoric, it is analytically descriptive. Our resignation is the despair of the subjected. Welcome to the dark ages.

  3. Watt4Bob

    Years ago, after setting-up my first wireless router at home, my laptop was hacked.

    The result was that whenever I clicked my mouse, whether right or left click, whether attempting to open an application or display a menu, a small message box appeared with a single word;

    “Steven”

    It was a gentle, but impressive hack, and it taught me a lesson we all need to understand.

    After cleaning about a hundred registry keys referencing the name “Steven” I was back to normal and glad to have had the experience.

    1. McMike

      Which lesson did you learn?

      Are you cowed now like a mouse living under the gaze of a cat. (Wee, sleekit, cow’rin, tim’rous beastie, O, what a panic’s in thy breastie!)

      Or has it somehow liberated or emboldened you?

      [serious question]

  4. rbm411

    Google does not always send a notification. It seems to be based on locations when and if they do. You need to look at the logon activity log under accounts.google.com. I also doubt that someone hacked into your Mac although you could run a real malware/AV to see if there is anything suspicious on it.

    You need to use 2 step verification on Google accounts as they get hacked often. I see it in my line of work constantly. User names and password combinations are often stolen from one site like just recently at Kickstarter. Those stolen user names/password combos are then sold to anyone over the net and then hackers try the combinations on email sites.

  5. David Mills

    To quote James Bond (Ian Fleming): “One is happenstance, twice is coincidence, three times it’s enemy action”… and I, personally, don’t believe in coincidence. The NSA has us all by the (insert anatomically correct / socially correct reference here) or URLs. Or Gmail doesn’t like you, ghost in the machine. When you coming out to Kuala Lumpur / Singapore?

    1. McMike

      At the same time, my experience with computers is that sometimes stuff just happens, seemingly all by itself. Obviously there is an explanation involving keystrokes and bits and bytes, but in the end, there is not necessarily spooks on the other end of the line pulling your chain, it really is just a ghost in the machine, or maybe an inadvertent perfect storm of mouse mis-maneuvers.

      As an electrical engineer friend once explained to me, in the realm of electronics, some things are only explainable as FM.

      Freaking Magic.

      1. hunkerdown

        An online service is far more constrained in its inputs and outputs than a desktop OS, and more likely to be paranoid about deviations from expected inputs. The chances of such a Google service just up and losing something so small and so particularly circumscribed without damaging anything else “nearby” are low, based on the above-average quality of their FOSS code. It is reportedly about as simple as assembling a bad X.509 certificate (OpenSSL and a hex editor) and acquiring a “privileged network position” (pwning your router/AP, or one along the way) to pull a QUANTUMINSERT-type race attack against OSX, though less exotic attacks like DNS cache poisoning and cross-site request forgery could also serve the objective of deleting two email folders.

        Sure, you can sometimes chalk it up to bad record-keeping on software’s part, but just because you’re paranoid doesn’t mean they’re not out to get you. History shows that those who present credible competition to incumbent power do tend to get forced out of the game one way or another; those people are wise to develop a security regime that fits their particular threat model, not the average threat that most of the rest of us chickens see.

        Dmitry Orlov once suggested that forging an alliance with someone who’s credibly menacing and just a *little* bit crazy is a sensible personal precaution in tough times that ain’t gettin’ better.

  6. McMike

    It just occurred to me that these spooks could be doing us a favor. They might be forcing us into a life of total transparency.

    We may think of ourselves as a privacy-loving species, but from what i understand of eastern mysticism, perhaps privacy is the lair of the ego; transcendence lies in the other direction, freedom can be found in complete transparency.

    This could be the first step towards the great mass awakening I have been hearing about. Surely we are already learning to surrender the illusion of control.

    The good news is, privacy will be pushed back into the material world of personal intimacy. We will be forced to communicate our private thoughts through silent touch, shaded glances, the softest of whispers.. that doesn’t sound all bad.

    Boy, it’s almost like we are being trained to use telepathy for communication… hey now…!

    1. OMF

      Surveillance isn’t about privacy; it’s about power. Unfortunately, instead of liberating everyone, the internet and computers increasingly look like they’ve put power into the hands of a small legion of connected, passive-aggressive computer geeks on power trips somewhere in the basements of Maryland and Cheltenham. This is working out, about as well as you would expect.

      Meanwhile the security and stability of Western states is imploding in the face of mass criminal behavior in the finance sector. The most annoying thing is that these geeks could be doing something useful, but consciously choose not to. And the Devil makes work for idle hands as the saying goes.

      1. McMike

        Exactly. The small time pathological geeks and big time pathological rulers are driving us towards some sort of major social change in consciousness. Which direction we go is the mystery.

        As for the penny ante geeks, I am sure the spooks have them all pumped up with self important flattery, patriotic rationalizations, perks in the break room, and excess pay. Those kids are puffed up fatter than a fourth grader with a brand new hall monitor vest.

        1. hunkerdown

          It’s a bit, um, “faith-based” to assume the change they’re leading us to has anything to do with our interests apart from theirs, either individually or collectively. Remember what Seneca had to say about religion?

          Odds are that They will always and forever have secrets because they’re special and unique snowflakes (according to themselves).

    2. Linden

      If you haven’t read Dave Eggers’ latest book, “The Circle,” you might want to check it out. How much transparency is too much is the main theme.

    3. BondsOfSteel

      Transparency == Freedom.

      There’s a reason why privacy is the 4th amendment. I hear a lot of “patriots” say well if you have nothing to hide, why would you care about privacy. If you only do what the government wants… especially out of fear… are you free?

  7. OMF

    If they _really_ want to break in, they’ll break in. No two ways about it. The best you can do is make it difficult for them breaking in alone to do all that much damage to you. Hence, backup often, backup well. (By the way, quite apart from “them”, is the simple risk of hardware/software failure, which backups also help mitigate).

    “Deleting two folders both politically-related, is either very clumsy or intended to send a message.”

    Hard to say in this instance. A lot of recent revelations about the NSA reveal an organization which bears an uncanny resemblance to an online trolling group like “Lulsec”. Reading many of the revealed NSA documents puts me in mind of recent college graduates upgrading themselves from Animal House pranks. The general behavior of bankers and persons affiliated with them also does not speak of organizations possessed of tact. Quite honestly I sometimes think the behaviour seen in the 1998 film “Enemy of the State” has become the accepted standard for a lot of people in this field; such behavior should be contrasted with the PI sector and professional cryptographer.

    “How does a mere mortal like me contend with that when even the hard-core techies seem flummoxed?”

    Hardcopies.

    Strictly speaking, Google should have a record and backups of most of your files. But personally, I would rate your chances of getting Google help as less than the deleter suddenly deciding to FedEx you files with a return address.

    Before getting too worked up over this, remember that despite its technical sophistication, cyber-hacking essentially amounts to a very passive-aggressive type of attack. Men who think little of breaking into high security databases and personal files will give pause before doing so much as stealing from a letter box. Like all criminals, the primary deterrent is the risk of detection, and white collar criminals are highly risk averse.

    I would rank this behavior as passive-aggressive intimidation or gas lighting (you sure you didn’t press delete!). To be honest Yves, if I was someone who wanted/needed the buzzing gnat of the nakedcapitalism writers to be swatted, I would use the “Moscow method”, which as any Russian taxi driver can tell you proceeds as: Hire assassins A to eliminate the targets, assassin B to eliminate the evidence of A, then assassin C to clean up assassin B, etc. Anyone who hacks into your inbox only to crudely delete two obvious folders, clearly lacks the subtle nerves needed for anything so serious.

    1. McMike

      At some point, you’d think the first guy would be, like: “hey, I’m assassin A, aren’t I?!”

      If I wanted to disrupt Yves, I’d go after the site functionality, her research and drafts, and comments section. I’d definitely hack the site admin and change the access, close the account etc.

      1. OMF

        Amateur stuff. Too obvious.

        A really effective hack would leave passwords unchanged and the site still up, but would alter the contents of posts and documents in subtle ways, deleting or moving a small number of posts, files, etc. Carried on for long enough you could _really_ gaslight someone quite badly.

        However, such a strategy would require actual commitment and work. Neither of which is on display in this particular boorish deletion.

    2. McMike

      By the way, I suspect that this migration of people’s entire “lives” entrusted to a single platform (Google) without a net so to speak, is going to end in tears for a lot of folks.

      Perhaps this is part of the preparation for us to learn to cut the cord. (See my post above, tongue in cheek (sort of) about transcendence).

  8. Vatch

    Hi Yves, it’s a shame that you have experienced this nuisance. I guess you can feel flattered by the annoying attention. This was news to me:

    “Banks are more concerned about what runs in the New York Times or the Washington Post or USA Today (or until recently, Rolling Stone).”

    Wow! I was not aware that Matt Taibbi had moved on! But it says so on the Rolling Stone web site.

  9. D

    if you have a built in webcam and/or microphone make sure to do something to disable them. tape over the cam, and super glue in the mic, or remove the drivers for them. and if possible restore OS from clean media. Also that PC could be used as a launch pad to attack others in its proximity on internal home networks. It makes less and less sense these days to browse the web from our main PCs. Someone needs to create a small secure web browsing device that you remote desktop into. Maybe a chromebox like thing, or a VM hosted on a provider that refreshed every day and kept updated always.

    1. McMike

      Is there any sort of self-monitor that you can install? A keystroke logger that tells you everything that is communicating, and where, and every action that is taken on your computer? Seems easy enough to find out if your PC is up all night spamming someone else. Or if a connection comes in from the outside and sniffs around your files.

      Of course, that log could be hacked too. And you’d waste a lot of time finding out how much your supposed vendors are snooping on you.

  10. Belieber

    Yves, I trust you’ve read Glenn Greenwald’s latest. Sounds like you may be in the crosshairs of online spooks. Beware of honey traps.

  11. jbmoore61

    There’s something else going on here. If your system were compromised, why alert you by deleting two mail folders? This sounds like an IMAP client issue or a system glitch. If you do believe you are compromised, then I’d suggest you buy a new hard drive, install a backup on it, and send the old drive to a forensics expert (which would be prohibitively expensive). You can check your system logs for any unauthorized accesses via ssh and use netstat to check for any suspicious outbound connections. Yes, systems can be compromised at the BIOS level, but currently only nation states do such compromises. There is little to be gained by compromising your system other than stealing your credit card information. Your bank will alert you if your credit card is compromised. The NSA/FBI has easier methods to snoop on your communications through your ISP and hosting service, i.e. compromising the email server you use. Macs are still pretty safe because there’s not a lot of malware written for them. As far as I know, GCHQ hasn’t targeted you for a character assassination yet, so you are probably okay there. Still, if you want peace of mind, it may cost you. Good luck.
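
The ssh-log and netstat check suggested in the comment above, as an added example that is not part of the original post or comments. The sample netstat output (macOS/BSD layout), the sshd log lines, the addresses, the user name and the list of expected ports are all constructed assumptions.

```python
import ipaddress
import re

# Constructed sample: `netstat -an -p tcp` output in the macOS/BSD layout,
# where the port is the last dot-separated field of each address.
SAMPLE_NETSTAT = """\
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  192.168.1.10.52344     203.0.113.25.993       ESTABLISHED
tcp4       0      0  192.168.1.10.52390     198.51.100.7.4444      ESTABLISHED
tcp4       0      0  127.0.0.1.631          127.0.0.1.52100        ESTABLISHED
tcp4       0      0  192.168.1.10.22        192.168.1.50.50122     ESTABLISHED
tcp4       0      0  *.22                   *.*                    LISTEN
"""

# Constructed sample: sshd lines as they appear in a system auth log.
SAMPLE_SSHD_LOG = """\
Feb 25 02:14:07 laptop sshd[411]: Failed password for invalid user admin from 198.51.100.7 port 40112 ssh2
Feb 25 02:14:19 laptop sshd[415]: Accepted password for user1 from 198.51.100.7 port 40140 ssh2
Feb 25 09:30:02 laptop sshd[502]: Accepted publickey for user1 from 192.168.1.50 port 50122 ssh2
"""

# Assumption: remote ports this laptop is expected to use (web, SMTP, IMAPS).
EXPECTED_PORTS = {80, 443, 465, 587, 993}

# Loopback, RFC 1918, link-local and IPv6 local ranges count as "local".
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted (\S+) for (\S+) from (\S+) port \d+")


def is_local(ip):
    return any(ip.version == net.version and ip in net for net in LOCAL_NETS)


def split_endpoint(field):
    """Split a BSD-style 'addr.port' field into (ip or None, port or None)."""
    host, _, port = field.rpartition(".")
    host = host.split("%", 1)[0]          # drop an IPv6 scope such as %en0
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None                         # wildcard such as '*'
    return ip, int(port) if port.isdigit() else None


def triage_netstat(text, expected_ports=EXPECTED_PORTS):
    """Return (inbound sessions, unexpected outbound connections)."""
    rows = [line.split() for line in text.splitlines() if line.startswith("tcp")]
    rows = [r for r in rows if len(r) >= 6]
    # A connection whose local port is also a listening port was opened
    # by the remote side, i.e. someone connected in to this machine.
    listening = {split_endpoint(r[3])[1] for r in rows if r[5] == "LISTEN"}
    inbound, unexpected = [], []
    for r in rows:
        if r[5] != "ESTABLISHED":
            continue
        _, local_port = split_endpoint(r[3])
        remote_ip, remote_port = split_endpoint(r[4])
        if remote_ip is None:
            continue
        if local_port in listening:
            inbound.append((str(remote_ip), local_port))
        elif not is_local(remote_ip) and remote_port not in expected_ports:
            unexpected.append((str(remote_ip), remote_port))
    return inbound, unexpected


def accepted_ssh_logins(log_text):
    """List successful sshd logins and mark those from outside the local network."""
    logins = []
    for line in log_text.splitlines():
        m = ACCEPTED.search(line)
        if not m:
            continue
        method, user, source = m.groups()
        try:
            remote = not is_local(ipaddress.ip_address(source))
        except ValueError:
            remote = True                 # logged as a hostname: review by hand
        logins.append({"when": line[:15], "user": user, "method": method,
                       "source": source, "remote": remote})
    return logins


if __name__ == "__main__":
    inbound, unexpected = triage_netstat(SAMPLE_NETSTAT)
    print("inbound sessions:", inbound)
    print("unexpected outbound:", unexpected)
    for login in accepted_ssh_logins(SAMPLE_SSHD_LOG):
        print("ssh login:", login)
```
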

    1. vlade

      Macs are not very safe actually, since Apple fell for its own PR. There’s been some very serious security problems (which Apple is still pretty silent on).

    2. hunkerdown

      With due respect, jbmoore61, you don’t understand that power is not in the compliance, but in the coercion.

  12. Noni Mausa

    I have been wondering about the status of digital “proof” anymore. Now that we know that “they” seem to have access to all our online and other digital files, deletion, insertion, alteration, history restructuring and so on all seem possible in a paranoid state. I am no IT expert, but this seems to set up a situation where none of our digital content can any longer be treated as 100% evidence of anything. If your files could be deleted, I assume somebody could as easily have added scurrilous files. I wonder when this will show up as a defence in court?

    1. McMike

      I dunno, despite ample evidence of faulty lab work on dna, doubts about fingerprints uniqueness, planted evidence by cops, false convictions and whatnot, I see no change in the religious reverence in infallible criminal proof.

      1. jbmoore61

        That was fraudulent and false forensic DNA lab work which is a crime. DNA based evidence is rigorous and proven when done properly. It is one of the few forensic techniques that has been scientifically proven to work.

        1. McMike

          “when done properly.”

          Yeah, independent rating of securities also works when done properly. In the case of crime labs, as with much these days, the incentives are perverse, and the mechanisms for oversight problematic.

  13. Steve Roberts

    I need to boost my internet and laptop security.
    Not really sure what that means or how it is achieved and it’ll likely have to wait until after tax season! If none of that important data is kept on your laptop, where should it be kept? Travel drive that doesn’t offer internet access? I should be changing all my passwords to something more original. That I can do today.

  14. Jay

    “Banks are more concerned about what runs in the New York Times or the Washington Post or USA Today (or until recently, Rolling Stone).”

    Don’t sell yourself short, Yves, by underestimating your influence. The Gray Ladies still have a lot of influence, but if you really want to know what’s happening in economic or diplomatic circles you don’t read Pravda or Izvestia–at best they’re for reading between the lines and parsing the doublespeak of officialdom from the few nuggets of truthiness. No, to find out what’s really happening you read specialist blogs, which exert their own influence among a large group of tastemakers. With few exceptions,* the US government doesn’t reach out and touch people like someone did with you. Instead, it appears to bear the hallmarks of a hacker working on behalf of a security chief of someone who is sickantired of reading the things you write, and being incensed that their employees and competitors could have free access to it. They’re accustomed to control and if they don’t own your mortgage or have some angle on to you, they do creepy and self-incriminating things like the digital equivalent of snapping a bra strap. They don’t have the same procedures as, say, FBI or NSA to prevent them from indulging their peculiar adolescent social vulgarities. Alternatively, it could be a political ideologue, probably of the propertarian stripe, with hacking skills.

    *There for a while it looked like the keyboard brigade connected to the Pentagon was engaging in all sorts of trolling, sock puppetry, nasty online subversion techniques.

  15. Jon Hooper

    Probably just Mavericks. There have been plenty of issues with gmail and Apple mail interaction ever since Mavericks was introduced. Things like disappearing and reappearing messages, IMAP sync issues. Do a search on the apple support forums and you will probably find your issue.

      1. Bob Swern

        Interesting info from you, Yves. I’m running 10.8.x, a/k/a Mountain Lion (on the computer I use most often), and had heard/read so many negative reports on 10.9.x a/k/a Mavericks, I’ve held off upgrading for quite awhile. Glad to hear this since it eliminates a small subset of the possible ways in which you were hacked.

        –Bob

        1. Yves Smith Post author

          Yes I’ve seen no good reason to upgrade, and I’m staying on OSX 10.6.8 until I am forced to upgrade by getting new hardware.

      1. Jon Hooper

        Yves, Sorry for the multiple posts about Mavericks. My comments from the iPhone didn’t seem to show up so I reposted (then they showed up later).

        I would still suspect Apple Mail >> Gmail funkiness over any kind of hacking. There have been many issues back before even 10.6.8 of disappearing reappearing folders etc. I imagine Apple mail is getting confused with the labelling of those extra folders you were using to sort that one thread.

        This article outlines a similar syncing issue.
        http://jeromeperakis.blogspot.com/2012/05/solving-gmail-imap-empty-inbox-in-apple.html?spref=tw

        Might be something else depending on your individual setup, but my guess is definitely gmail/Apple mail flakiness over anything nefarious.

        1. Jon Hooper

          Or it could be something stupid like this solution I found. I’ve done this kind of thing before :-)

          “I had a similar problem [missing folders] which was resolved when it was pointed out to me that there is a HIDE/SHOW toggle connected with the GMAIL heading and the ON MY MAC heading. Inadvertently I must have clicked HIDE on either one of these. So when i rolled over them again and toggled HIDE back to SHOW and clicked on it, all folders were restored.”

  16. indio007

    Yves, might not be a hack. Could be a sync issue if you use multiple devices to access the folder.

    Google’s IMAP folder handling is a little flaky.

    FYI there are backdoors at the microprocessor level. After the Pentium recall Intel implemented a way to place microcode directly to the processor in case the same thing happened again.

    “How does a mere mortal like me contend with that when even the hard-core techies seem flummoxed?”

    Based on what you posted your security practice is better than most.
    The only thing you can do is always assume you are always using a public computer.
    And always remember security is inversely proportional to ease of use.
    NSA’s own whitepaper on security states the only secure computer is one that is unplugged, encrypted, password protected and inside a locked room.

    1. vlade

      Well, you can actually control what you send from your computer out. Say you can run prescreened/customized minimal linux on say Amiga A1200, which is quite old kit and wasn’t planned to be connected to internet so it’s unlikely to have NSA hardware/bios backdoors.

      What is close to impossible is to make sure that what you sent is what gets to where you want it, and that only people you want to see it see it. It could be out even as close as your home router..

      Which makes the first point (controlling what you send) a bit pointless exercise.

      1. Yves Smith Post author

        Thanks but I’ve never had any such trouble before and it was limited to two email boxes. And I made no OS upgrades or had any interventions on my end. I turned in, they were there, I got back up and they were gone when I went looking.

        Plus given that these were folders, which is not something Gmail recognizes (as in these folders did not exist in Gmail) it seems more likely that this was a hack into my machine, not a hack into Gmail.

        I’ve found my other mail host to be flakier than GMail, as in losing entire blocks of messages in certain date ranges.

        1. Government Troll

          If your website would consist of nothing but positive articles about our dear leader President Obama that show how fabulous President Obama is and how all of his policies will lead all humankind directly to absolute global nirvana maybe you wouldn’t have these kinds of problems.

  17. diptherio

    Didn’t Gandhi say, “First they ignore you, then they laugh at you, then they fight you, then you win”? Well, it appears we have entered the fighting phase of things. Gird yourselves, friends, we may be in for a tussle!

  18. Jagger

    I just bought a new mid-level computer. I now have 3 computers. This new computer has absolutely no internet connectivity-as far as I know. And I don’t intend to ever connect it to the internet. I have a plug-in harddrive if I want to move something, anti-virus scanned, from any of the other internet computers to my new computer. Hopefully this new computer will remain clean and private for a long time.

  19. Brooklin Bridge

    What would bother me in your shoes is that this is a feint for something else. I agree that the possibility of this being chance is very small. I assume you have access to knowledgeable tech people regarding security and I would consult them for what you might do to be as sure as possible that your machine(s) is/are clean. If you own other computers, don’t assume that your laptop was the only target. Also note that there is about the same amount of malware for Macs now as for PC’s – it’s simply better kept from the public.

    1. Brooklin Bridge

      Also, don’t assume that this is some big entity and/or even if it is that ordinary (not too time intensive) precautionary measures are useless.

    2. Brooklin Bridge

      BTW, whatever you get out of Google, and I don’t argue it may be worth it, you pay dearly for nevertheless.

    3. Synopticist

      “don’t assume that your laptop was the only target… ”
      This covers a broader point. Just yesterday we had that ridiculous chart from the NSA/GCHQ that Snowden leaked, full of psycho-babble, but it stressed the power of DISTRACTION to mislead.
      So by getting you to concentrate on the mildly annoying and relatively trivial deletion of a couple of files, they might have used that as a way to get you to ignore more subtle approaches for the more important stuff…

      Perhaps this is just paranoia, but I’m surely not the only one these days who’s seeing the sorts of things happening in real life which we’d previously thought belonged in political fantasy.

  20. susan the other

    The political tide seems to be turning your way. I doubt you were hacked by those who are winning the new argument, which is all to do with how we go forward economically. Naked Capitalism is the voice of reason compared to 99% of the stuff out there. And the banksters, who are merely pawns in the big game, just do what they are told. Hacking would be pointless for them. If you were hacked it was by someone with a very narrow purpose, maybe watching your 2 correspondents more than you. I guess it’s possible that the NSA is just checking to be sure you don’t have a hidden agenda. But they are so ubiquitous they should have found that out some time ago. Everything is changing fast. Two days ago there was a blurb on CNBC about an economics conference (maybe the latest IMF) that was attended by stars like Larry Summers and Marshall Auerbach. They put MA on a clip against Steve Liesman. Liesman tried to pitch the banksters’ position that we need a 4% interest rate to push the economy forward and MA said no no no, only 2%, otherwise we’ll wind up with “financialism” again. This on CNBC?? Liesman looked like he had been hacked.

  21. brian

    OSX update came down yesterday. I upgraded a computer that was running a popular video communication service that said it was on for many weeks on end. It couldn’t be trashed because it was running. No one has used it, so I must wonder if it turned itself on, and the mic and camera.

  22. allcoppedout

    To some degree I spent some time doing covert surveillance. The limits on the tech side involved some crude bugging and a GPO (the former UK telecoms outfit) box that traced landline phone calls from a suspect giving you the network. In those way back times, there was a great joke. The KGB had laid an intricate network into the UK that interfered with all our communications. It was called the GPO. Jokes age too.

    You quickly learn (as a cop) that information comes in gold, silver and excrement forms. These days the national intelligence model has seven levels. I never discovered how to distinguish quality in information that I could model. We were heavily reliant on CHIS (covert human intelligence source), which was pronounced Chizz and uttered in a contempt tone. It was a seedy game, eventually relying on a dirty hands or noble cause form of personal morality. Do you take drugs, sleep with people or even kill when undercover? The answer is ‘yes’ against burden of power considerations. Yet what if you have been put undercover in an animal rights movement and you are sleeping with a woman who thinks you are a comrade? In fact, it’s all dirtier even than this, even at the level of local criminal investigation.

    I don’t know what surveillance NC attracts or the dirty tricks Yves or any of us might suffer. They can use the paranoid card against us even for suspecting. Yet back in times when it was rare to find a cop who could type, let alone use a computer, I know we had databases no one here would consider legitimate. After serious injury, I left policing to do a postgrad course. I found people I ‘knew’ in innocent group of my new milieu. One in particular, a truly decent family man, had a large file simply because of ‘union activity’. There was nothing to know about this guy other than his thorough decency. His file had been littered with phrases like ‘conspires with’, ‘trouble-maker’ and so on. It was of the same form as files on known crooks we should have files on, only more resources had been expended on its production. If I was still doing the same work (please don’t get the idea I am the kind who would have taken a job ‘infiltrating’ decent people) now, one can imagine me, say, sitting next to anyone in here at a conference dinner with a thick file flashing through my mind.

    All this starts in modus operandi and collation systems on crooks and “real threats” it is hard to think we can do without, I’ve worked on databases that crunch masses of information in search of child abuse and other activity we have no problem in regarding as criminal, which have led cops into better ways of recognising the crimes, how to investigate and prosecute. Yet, as is standard with technology and record-keeping, there is positive and negative use. I don’t think we can get to an abstract justification in such grim, dirty hands situations.

    I understand the reasoning (and plight) of a pilot faced with, say, shooting down an airliner before it crashes into the WTC and would push the button myself. One hopes I would take the same decision to shoot down a drone heading for a Pakistani family – these issues are anything but simple. What we have done is conflated simple versions of crook and terrorist dirty hands situations to justification of Gestapo-Stasi methods that stretch back to the Byzantine Empire. We end up, not with evidence, but Bliar and his ilk telling us the impenetrable like he has made his peace with god (having converted to a religion that allows absolution).

    I’d like to be able to say that any file on Yves and any action against her or NC is just hackers (question – where would any criminal complaint be entertained and investigated?) -or some kind of routine surveillance to ‘protect us all’, quickly dismissed and always inadmissible. I can’t remotely say this. Yves is “more dangerous” than the guy I mention above (Banger, incidentally, sounds a lot like him). Rather than seeing information on us all in the hands of a majority of decent operatives in the police and security system (let alone commercial interests – one might think ‘copmercial’), we should view the situation as a severe legitimation crisis. If we think Yves’ complaints are ‘small’, then how small is it to tweet a joke to a girlfriend containing an obviously non-threatening joke about burning down an airport and finding yourself convicted of a serious offence (dismissed only on second appeal after public outcry)? In pen and paper days an outfit called The Economic League kept records on trouble-makers that could be searched by potential employers. Now one can be excluded by credit search. In the era of the instant database, imagine me as first on scene at the disappearance of a couple of young kids at Soham (murder case – googles). I could find more information on Yves than relevant information that should have been kept and collated on the killer Huntley and was not (and might save such children).

    We need some very different public arguments on information than those that reach main media. Most of us no doubt believe Yves raises something important here. In another mind set, the questions she raises would be presented as evidence of her paranoia, a character always suspecting what isn’t there, playing to an audience of malcontents like us. As a cop I could set myself on your trail as a murderer, rapist, drug-dealer, be set to take photographs of fifth-columnists (like union organisers, political agitators), yet barely have the resources to deal with local thuggery and life-blighting and have to get Treasury permission to investigate the financial class. The very idea that we have fair ways to collect and use information is a non-starter. Attacks on NC unlikely other than by some geeks? Well who on earth would ‘attack’ union leaders, or someone complaining about police, or any whistle-blower? It just doesn’t happen does it, surely!

    1. OMF

      As a cop I could set myself on your trail as a murderer, rapist, drug-dealer, be set to take photographs of fifth-columnists (like union organisers, political agitators), yet barely have the resources to deal with local thuggery and life-blighting and have to get Treasury permission to investigate the financial class.

      This is the part that infuriates me the most. Police time and powers are wasted on frivolous surveillance, while very serious violent and damaging crimes go uninvestigated. I’d be interested in hearing the dynamics behind how police and other investigative officers find themselves assigned to beatniks and wobblies instead of drug dealers and mortgage fraudsters. Who and what is behind this mis-allocation of resources?

      1. McMike

        Because surveillance is about disruption, control, and spreading terror. And from the perspective of the state, a bunch of orange haired kids are far more dangerous to the system than an entire industry of financial pirates. The bankers are just thieves, but the anarchists, they have ideas.

        1. allcoppedout

          I can’t give the full reasons here OMF – McMike gets a bit of the way. I spent most of the last 20 years as a university teacher and most people struggle with the massive waste of resources in academe. With 5 colleagues (including admin) I could provide a much better business studies degree (all of it) with more personal attention and social provision at a tenth of the cost of UK/US fees. Based on us teaching 210 students in each year, the savings are more than £5 million.

          You are right on the cops and every other agency I worked with. If you are a disabled person (or anyone else) victimised by anti-social crooks to the extent of taking your life and that of your child (Fiona Pilkington) the truth is you get squat. Worse, whoever this victim is now still gets squat after the scandal. No lessons get learned, other than it being a good idea for management to claim they are being learned.

          It seems impossible to think a police force can put resources (and undercover costs are vast) into spying on union people and your average ‘swampie’ protesting fracking. One might look back to surveillance and treatment of the suffragettes here. And yet not deal properly with problem families, or even think of a murder charge on the likes of those who drove Fiona Pilkington to her death. I can’t even begin to tell what we did in Northern Ireland over what was really a valid civil rights process, but suspect the same misallocation of resource problem you raise is a key factor.

          Some of it needs the label “nutterdom”. 40 of us once spent a whole day and night being driven round in vans, the highly important and dangerous operation we were on a secret until we dived into a local Labour Club to break up an illegal bingo session. I kid not, and this was only the first in a series of such “important” raids. In the bingo example, the offence was selling 10 goes for the price of 9 (this was an offence under our then gaming act), but we didn’t even prove that. There were only 5 people in the club and none playing bingo. We raided toilets to arrest homosexuals (mine all escaped, including a detective sergeant from Wilmslow) and in a famous 60 man operation, arrested 3 blokes for after-hours drinking, all of whom sued as they were residents in a private hotel. At the same time, most cops went alone into dangerous situations and rape complainants faced a total ‘you shouldn’t be bothering us with this’ cold shoulder.

          The question of how we get senior cops making these stupid decisions (the chief constable in the time above called himself a prophet of god not unlike financiers claiming to do god’s work) or ‘academics’ incapable of modern course delivery is key in the information debate, including how we can trust anything they say on not abusing intrusions in our privacy. How can we trust people, who aren’t getting obvious financial crooks to jail, not to railroad us on establishment whim? And if they are so good at getting the right information, why are there no financial prosecutions worth spit?

          I’m afraid the answer is we have almost no public scrutiny and this may be down to our bewitchment on what privacy is. Would you want to trust the idiot behind the bingo raids with any information?

          1. McMIke

            I remember back a couple-few decades when the local cops and university cops ran a months long multi-man sting operation for drugs on campus. With a great deal of fanfare they arrested a half dozen undergrads at 4 am for the crime of “visiting a common nuisance” which means being present at a party and smoking or watching pot being smoked while an undercover narc was in attendance. That’s all they could come up with.

            1. Synopticist

              We had a cop from the drug squad infiltrating the smokers common room in my sixth form college in the late eighties. We used to smoke a bit of ganga (as you do) occasionally.

              This guy in his mid-twenties turned up halfway through term and started be-friending us, then left a month or two later when he discovered we were just a bunch of dis-organised stoners.
              We sort of suspected something was amiss at the time, but got confirmation a few years later from a local cop.

              1. allcoppedout

                Probably just worth mentioning in our spree against late night drinking one of the pubs had a dozen cops in it, three actually on duty.

    2. Brooklin Bridge

      No problem, all we need is a new Supreme Joke court, a new Senate, a new House, a new President, new party system, new military industrial complex, and a different financial system than monopoly capitalism,…, for starters.

  23. Andrew Watts

    It really could be a bug on Google/Apple’s end, a malware infection, or it could also be a blackhat using the latest exploit that’s been discovered. I don’t think Apple has patched that exploit for Macs yet. Unless you have logs of any IP address / port activity before and after the deletion there is no accurate way to tell whether it was a bug, blackhat, and/or a spook.

    I wouldn’t worry too much about it. Just as long as you didn’t have any sensitive records on the computer that got hacked. If the intelligence community wants access to your data they can get it in a variety of different ways. It doesn’t matter whether you use TOR or any other encryption schemes. The only thing encryption does is prevent them from having mass surveillance capabilities on every user at once. They’ll break any single individual’s encryption manually.

    The other reason why is that’s their standard operating procedure. Spread fear and/or paranoia. It’s one of the reasons I am not overly fond of conspiracy theorists. If I was working for the intelligence community I’d have a lot of fun f—ing with those people.

    1. Brooklin Bridge

      TOR (The Onion Router) is not so much an encryption scheme as a routing scheme for anonymity that uses encryption at many different levels (skins of the onion) of data transit to strip out and hide any identifying information. Basically it scrambles who sends what to whom and who gets what back thereby providing anonymity more than but along with data protection from decryption of a given hop in the data transit.

      http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29

      There are ways for the NSA, say, to make educated guesses, but up to recently, even Snowden claims this has been one of the few if not the only effective strategy in thwarting surveillance. Of course it requires that you have a clean computer or device and it requires that the TOR servers also not be compromised. The requirements to make this work effectively makes each degree of confidence in avoiding surveillance progressively expensive in experience and cost to set up and to maintain. It also makes you subject to curiosity on the part of the surveillance agencies though this has been mitigated somewhat by the increasing volume of TOR users.
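
Added example, not part of the original comments: a toy Python model of the layering described in the Tor comment above, showing what each relay can and cannot learn. The relay names, keys, destination and the SHA-256 keystream cipher are assumptions made for illustration; real Tor negotiates per-hop keys and uses fixed-size cells.

```python
import hashlib
import hmac
import json
import os


def subkeys(key):
    """Derive separate encryption and MAC keys from one relay key."""
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()


def keystream(key, nonce, length):
    """Toy SHA-256 counter-mode keystream (illustration only, not Tor's cipher)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def seal(key, plaintext):
    """Encrypt-then-MAC one layer of the onion."""
    enc_key, mac_key = subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    """Verify and decrypt one layer; raises ValueError if the key does not fit."""
    enc_key, mac_key = subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified layer")
    return bytes(a ^ b for a, b in zip(ct, keystream(enc_key, nonce, len(ct))))


def build_onion(path, destination, payload):
    """Client side: wrap the payload once per relay, innermost layer first."""
    blob, next_hop = payload, destination
    for name, key in reversed(path):
        layer = json.dumps({"next": next_hop, "inner": blob.hex()}).encode()
        blob, next_hop = seal(key, layer), name
    return blob  # handed to the first relay in the path


def peel(key, blob):
    """Relay side: remove exactly one layer, learning only the next hop."""
    layer = json.loads(unseal(key, blob))
    return layer["next"], bytes.fromhex(layer["inner"])


def route(path, onion, sender):
    """Pass the onion along the path and record what each relay could observe."""
    seen, blob, prev = [], onion, sender
    for name, key in path:
        next_hop, blob = peel(key, blob)
        seen.append({"relay": name, "from": prev, "to": next_hop})
        prev = name
    return seen, blob  # blob is now what the last relay forwards


# Constructed sample circuit: three hypothetical relays with random keys.
PATH = [(name, os.urandom(32)) for name in ("guard", "middle", "exit")]
DESTINATION = "example.org:443"  # placeholder destination

if __name__ == "__main__":
    views, delivered = route(PATH, build_onion(PATH, DESTINATION, b"GET /"), "client")
    for view in views:
        print(view)  # no single relay sees both "client" and the destination
    print(delivered)
```

The exit relay ends up holding the innermost payload, so anything not separately encrypted end to end (for example with TLS) is readable at that hop.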

  24. Jess

    Not a techie by any stretch so I’m going with…

    A not-so-subtle prodding from the Military-Financial-Complex. Assuming I live a few more years I fully expect to see the day when NC is removed from the web by the NSA, or at least blocked from access here in the U.S.

  25. John Mc

    A couple comments here. First, the timing is interesting (TPP & NSA incursions).

    Second, my experience tells me that acts like these are first piloted, analyzed, and then gamed to plan for future responses. As we see some of our most articulate and dependable minds congregating in similar spaces (Scahill, Greenwald & Taibbi), (Democracy Now, Bill Moyers, The Real News) and (Heterodox alliances amongst a few special and popular blogs), we might expect a patterned response in the future.

    Third, solutions reside and will be nurtured in the public and private conversations that result from articles. Thank you for alerting us (as if you have not been doing this for years) to this information.

    Lastly, for me, finding ways to name names in public is an important part of creating change. The fact that many of these operations hide in secret or that people participating in the act of spying, stealing, or harassing citizens are protected by anonymity is the single biggest factor allowing it to continue. This is all of our work.

    1. TheCatSaid

      Re: your “Second” option
      That’s what occurred to me, too–a test. Watch Yves’ response (does she notice? does she blog about it? how much does it bother her?) and others’ responses and suggestions.

  26. Pearl

    Maybe it was a nice bot.

    Maybe it took from you what it thought might harm you.

    Ya know–remember on the tv show “Mission Impossible” from the early 1970’s? “This tape will self-destruct in 5 seconds, Jim.”

    Maybe?

  27. psychohistorian

    In spite of having my telephone on the Do Not Call registry since 2003 I am now getting 4-6 calls a week from what CenturyLink says are untraceable numbers….including some from non-existent area codes. I got local police to issue a case number so that CenturyLink could put a trace on the line for two weeks and all they were able to say at the end was, yep, we just don’t know where those calls are coming from. It has encouraged me to filter my calls and I am keeping a log of the harassment for grins.

    Are others in the NC community having similar experiences?

    Sorry to hear about the hassle factor for Yves but am not surprised and expect it to get worse for any who push some buttons of TPTB.

    1. Watt4Bob

      I was involved in terminating a dis-honest employee recently.
      After he left, another employee started receiving a constant stream of calls that put a virtual end to his ability to do his job.
      It turned out the recently fired employee blamed this guy for his problems and had programmed a computer to place calls to his number continuously, and to send out randomly generated caller ID code.
      It was a sort of phone based Denial of Service attack, which until I witnessed it, I had never even heard of.

    2. Bridget

      Likely the numbers are spoofed. There are any number of services that will provide spoofed numbers. The service providers can tell you who their customer is, but won’t do it without a subpoena. Their customer service people are very well versed in the art of fending off irate spoofees.

    3. Brooklin Bridge

      I’ve gotten more calls progressively over the last couple of years, but it still hasn’t reached the point where I’ll try what you did (and I suspect I would get about the same result anyway).

  28. auto da fé

    Breaks my heart to hear variants of “you have no privacy, get over it.” It’s defeatism, that’s what it is. The Stasi thought they were on top of things and look how that turned out.

    Take me. Online profile barely there. In online activity, a very hard target for NSA’s peeping Toms. No, really, that’s not bragging, a very, very, hard target. NSA are sneaks, remember. They are the criminals, not you – they won’t admit it but they know it. They keep their best tricks for the most threatening targets. Raise the price of entry and the risk of exposure, and they back off. Inject enough uncertainty and they will chicken out.

    And I’m a fairly threatening target. Not that I show up on those puerile trading cards on death-squad Tuesdays, but my activities are quite inimical to this regime. In fact, I’m sitting on evidence of official crime that could poke a real hole in this government’s legitimacy – not from any chilling effect, but to time it to do the most damage.

    Several times I have observed probes, both online and administrative. I welcome these because you learn from them. Your friends and allies learn from them. The whole world is learning where to stick the crowbar in.

    We’re going to get these scumbags. We’re going to ransack their buildings and ruin their lives.

  29. Bridget

    They say files and folders are rarely truly deleted. There are a lot of file retrieval programs out there… I believe I’d put a bit of effort into getting them back, just in case it might give clues as to what happened.

  30. bulfinch

    Hey there, Yves — just a note: you must be cautious of doing any work on an unsecured wireless connection, or in your hotel room associating to what you think is your trusted SSID, as these are readily spoof-able. See Wi-Fi Pineapple and Firesheep. Best to use a wired connection if conducting very sensitive business.

    1. Yves Smith Post author

      I don’t use wireless at home, which is where this took place. I use a wired connection wherever possible.

  31. Fiver

    Wasn’t me, Yves!

    Have to agree with others that you sell yourself and your site short – the old bastions of media power have utterly failed to serve the public interest in general, but also abandoned the not marginal segment of society interested in examining the world as it really is or isn’t. People who think are dangerous, thinking people have opted for the Internet, ergo NSA et al and a budget bigger than the vast majority of nations on earth with which to play.

    That said, you’d like to think those guys would already know that anyone both with a brain and evil intent has long since stopped using any e-communications. Hope you solve your puzzle.
