This Machine Kills Secrets


by Andy Greenberg


  . . . You have blindly charged into the Anonymous hive, a hive from which you’ve tried to steal honey. Did you think the bees would not defend it? Well here we are. You’ve angered the hive, and now you are being stung. . . .

  We are Anonymous.

  We are legion.

  We do not forgive.

  We do not forget.

  Expect us—always.

  Just who pulled off the epic hack remains unclear. But one hacker named Sabu would later claim in a conversation on Anonymous’ elite IRC channel #HQ that he had “rooted their boxes, cracked their hashes, owned their e-mails, and social engineered their admins in hours.”

  Whoever it was, they seemed to have learned something from the tactics of WikiLeaks. The Anonymous hackers set up their own website, calling it AnonLeaks. Then, partly to prove how little they thought of Barr’s work, they published the entire stolen contents of HBGary’s mail archive, including his database of Anonymous’ purported identities, adding a search feature for easy reading of the executives’ most personal messages, the tool that provided me with much of the material for this story.

  At first, only the e-mails of executives from HBGary Federal were included. Penny Leavy, Greg Hoglund’s wife and president of HBGary, was sent into an Anonymous IRC channel to negotiate by instant message on behalf of HBGary and prevent the release of the rest of the e-mails.

  Sabu addressed her immediately. “Penny. Before we get started—know that we have all e-mail communication between you and everyone in HBGary. So my first question would be why would you allow Aaron to sell such garbage under your company name? Did you also know that Aaron was peddling fake/wrong/false information leading to the potential arrest of innocent people?”

  “We have no idea,” responded Penny. “We have not seen the list and we are kind of pissed at him right now.”

  “If what you are saying is true then why is Aaron meeting with the FBI tomorrow morning at 11am?” retorted Sabu. “PLEASE KEEP IN MIND WE HAVE ALL YOUR EMAILS.”

  Sabu demanded that HBGary fire Barr and donate its stake in HBGary Federal to the Bradley Manning Defense Fund. In the bizarre scrum that followed, Leavy debated the morality of Bradley Manning’s actions with dozens of angry hackers, and eventually Barr and Hoglund jumped into the Anonymous snake pit and tried to defend their companies’ actions. After four hours of arguments, Anonymous decided to publish Greg Hoglund’s e-mail too.

  AnonLeaks exposed more dirt than the hackers had ever dreamed possible: Barr’s plan to unmask Anonymous provided them with humorous reading. Benjamin Spock de Vries, whom Barr had identified as CommanderX, turned out to be a permaculture expert whose anarchist activities only extended as far as home gardening.

  But Barr’s e-mails also revealed HBGary Federal’s spec work online surveilling and tracking enemies of the Chamber of Commerce, the firm’s possession of malicious software capable of rooting deep into an unsuspecting user’s machine, even Barr’s arguments with his wife in which she threatened divorce.

  And then there was Barr’s attack plan against WikiLeaks. The secret-spilling group immediately posted the slides to WikiLeaks’ home page as evidence of the corrupt and illegal conspiracies against it. And as the press and blogs began to pick up the story, HBGary Federal’s partners increasingly abandoned Barr to the wolves. While Hunton & Williams declined to comment to the media, Berico, Palantir, and the client that had started the entire chain of events, Bank of America, all released statements disclaiming responsibility for the attack plan and severing relations with HBGary Federal.

  The security firm went into damage control mode. Barr canceled his talk at the BSides conference and stopped giving press interviews. Hoglund canceled a talk of his own at the simultaneous RSA conference in San Francisco. As the company went silent, Glenn Greenwald and others wrote excoriating essays on the military-industrial complex’s dirty tactics in the digital realm. The Colbert Report aired a segment mocking Barr. A few days later, he resigned from his position at HBGary Federal. (A year later, the small company would persist in name alone, without employees or customers. And in February 2012, its parent firm, HBGary, would be swallowed up by the larger defense contractor ManTech for an undisclosed price.)

  On the news site AnonNews, frequented by members of the movement, Anons reacted to the news of Barr’s resignation with little sympathy. “Anonymous should be as cold as ice and get on to the next operation,” wrote one.

  “Poor Aaron Barr,” added another. “Wait, no, that guy was a dick. At least we destroyed him in anonymous style.”

  In the months that followed Barr’s takedown, several of the pseudonymous hackers who made references to participating in the hack in chat rooms and media interviews were arrested. (An anonymity service called HideMyAss, which some Anons had used in lieu of Tor, admitted it turned over data to law enforcement in response to a court order.) The captured hackers included Tflow, a sixteen-year-old boy from South London, Topiary, aka Jake Davis, a nineteen-year-old who lived in the UK’s isolated Shetland Islands, and Kayla, a hacker who claimed to be a sixteen-year-old girl but was actually a twenty-four-year-old man in Doncaster. At the time of this writing, their prosecution is ongoing.

  It would be more than a year before the FBI unsealed its indictment against the hacker Sabu, also known as Hector Xavier Monsegur, a twenty-eight-year-old New York man, outed by a single occasion when he had entered an Anonymous chat room without disguising his IP address. Monsegur had pleaded guilty to computer hacking and other crimes in August of 2011. Faced with 124 years and six months in prison, he instead became a government informant, aiding the FBI in its takedown of his friends. In the end, the hacker who humiliated Aaron Barr achieved what Aaron Barr couldn’t: He had infiltrated and identified Anonymous’ inner circle.

  In August 2011, Peiter Zatko walked onto the main stage of the Black Hat hacker conference at Caesars Palace in Las Vegas, wearing a sleek tan sport jacket and jeans, with a room-shaking bass beat announcing his entrance to a crowd of thousands.

  He began his keynote address with a kind of acknowledgment that he was no longer Mudge the hacker who headlined Black Hat in 1999, but now Mudge the high-ranking Department of Defense official. “Old Mudge would ask current Mudge, did you sell out? Or are you still doing what you believe in and trying to put a dent in the universe?” Mudge asked himself. Leaving the question unanswered, he launched into a talk on his work at DARPA, focusing on his plan to give small grants to L0pht-style hackerspaces.

  In his hour-long talk before Black Hat’s assembly of hackers and security researchers, he mentioned CINDER only once, and described it as having “nothing to do with humans.”

  When I followed up by e-mail with Mudge and his public affairs officer to ask what that meant, they would tell me an entirely different story from the one Mudge had described in his public request for proposals and in our meeting the previous year. “While the CINDER program did not initially preclude the consideration of human insiders, the primary goal of the program has always been to identify future autonomous software insider activities,” read an e-mail from DARPA public affairs officer Eric Mazzacone. “The program manager revised and refocused each of the phase I efforts to replace any semblances of human insiders in their missions with software agents while retaining the same mission goals.”

  Never mind that Mudge had specifically spoken about rogue employees who steal data by burning it to a CD. Or that DARPA’s official description of the project posted to its website included an example “malicious mission” of a human printing files and walking out of a building, a description that was never changed, even many months and several revisions of the document later. Or that every contractor who spoke to me about the project—including one who had passed CINDER’s first round and remains involved today—described it as including human leakers.

  Perhaps Mudge had decided that CINDER would be better off focusing on problems with less controversy than rooting out potential whistleblowers—or perhaps DARPA hoped to make it appear that way. By the time Mudge’s public description of CINDER had changed, the project had entered a phase without public documentation, with participating contractors sworn to secrecy.

  At the end of his talk at Black Hat, Mudge returned to his original question. “I hope that the old Mudge of 1999 is looking at the current Mudge of 2011,” he said. “And other than saying, ‘Why are you wearing a pocket square and don’t have any long hair,’ that, yeah, you’re still remaining true to the cause.” Then the applause and the bass beat swelled again, and he walked off the stage.

  Two hours later I leave the casino’s conference center, descend its three-story escalator, and find my way through the lobby to a Chinese restaurant with massive goldfish tanks at its entrance. Waiting outside is a man with an athletic build, wearing a baseball hat, a Pearl Jam T-shirt, and a wary smile that seems to acknowledge that many of the people in the crowded lobby have read hundreds of his e-mails: Aaron Barr.

  “It’s a bit surreal,” he tells me with a self-effacing smile after we sit down. “I hope this doesn’t sound overly inflated. But I think I have a small window of what celebrities must feel like, to have so much of your life on public display, even while you’re still going on in your own little bubble with all your personal relationships.”

  Barr’s spat with Anonymous has only strengthened his antipathy toward the group. He wants to emphasize that he’s not against civil disobedience. He tells me emphatically about how he led a protest against Wal-Mart in 2004, fighting the store’s opening on behalf of the small businesses in the Colorado town where he lived.

  What Barr opposes, he says, is the abuse of anonymity. “Anonymous believes what they’re doing is like holding a virtual sit-in. It sounds good, but it’s not equivalent,” he says. “If you want to protest unfair or broken laws, get a lot of people together, involve the press, and get arrested. Don’t throw rocks from the shadows of an alley. That just looks mean.”

  And what about anonymity for whistleblowers? “Some amount of anonymity is good,” he responds quickly. “You look at countries like Iran and Syria, those folks need to have some ability to have anonymity to get information out.”

  And what about in a functioning democracy, I ask, like the United States?

  Barr pauses. And then he asks for a moment to think. To all appearances, it’s not a question he’s considered before.

  We sit in silence for perhaps a full minute, as Barr looks at the menu. When the waitress comes by our table, Barr still seems preoccupied, and asks for only the same bowl of noodles and cup of coffee that I order.

  “In a free and open democracy, it should be attributable,” he answers finally. “That’s one of my problems with anonymity. In most whistleblowing cases, there’s a lot of personal risk and sacrifice. Their name’s going to be attached to it. There are personal repercussions. There’s pressure to get the information right, to get the perspective right.

  “With anonymity,” he adds, his uncertainty gone, “there’s none of that.”

  Barr can philosophize about identity and anonymity with me. But for legal reasons, he warns me that he can’t talk about his actual work with HBGary Federal to unmask and defeat faceless actors online.

  In fact, he doesn’t need to. Deep in the thousands of hacked e-mails released by Anonymous sits HBGary Federal’s very own proposal to Mudge’s CINDER program, Barr’s unique contribution to the state of the art for tracking down leakers.

  He called it the “Paranoia Meter.”

  In the document, HBGary Federal offered to build a piece of spyware to be installed on every user’s machine in an organization. It would be hidden deep within the operating system to avoid detection, and would communicate with a central server only by weaving its communications into the user’s Web traffic, impersonating the exchange of data packets to Web advertising servers.

  From its perch inside the potential leaker’s machine, it would watch every move he or she made, constantly collecting screenshots of the user’s computer, mouse movements, and even using the computer’s front-facing camera to watch for suspicious twitches. “We believe that during particularly risky activities we will see more erratic mouse movements and keystrokes as well as physical observations such as surveying surroundings, shifting more frequently, etc.,” read the proposal Barr submitted to DARPA.

  Like a lie detector detects biological and physical changes based on sensitivities to specific questions, we believe there are physical changes in the body that are represented in observable behavioral changes when committing actions someone knows is wrong. . . .

  Using shoplifting as an example, there are peaks and valleys of adrenaline during the entire theft process. There is the moment the thief puts an item in their pocket (high), then as they walk around the store the adrenaline begins to valley a bit, then they attempt to walk out of the store (very high). It is at these points that we want to be able to take as many behavioral measurements as possible because it is at these points the insider’s activity will be as far from normal behavior.

  HBGary didn’t intend to stop with monitoring only military machines either. It asked to retain the intellectual property of its Paranoia Meter to “transition to commercial products,” according to the proposal.

  Mudge, it seems, was not impressed. Barr’s Paranoia Meter was rejected in CINDER’s first round with a form letter from Zatko himself. The note merely thanked the firm for applying and offered no explanation.

  Perhaps DARPA was disturbed by the company’s unapologetic invasion of users’ privacy. Or perhaps by the time of Barr’s submission, Mudge had already shifted CINDER’s focus to automated software instead of humans, as he would later claim.

  Regardless, since the first round of submissions ended in March 2011, DARPA no longer publicizes any of the contractors that have received funding. If a Paranoia Meter has found its way into DARPA’s budget, reconceived in a form that better suits the agency’s standards, Mudge isn’t telling.

  For now, the results of his work, like the information it’s meant to protect, have become another sealed file in the Pentagon’s vault of secrets.

  The individuals tasked with rooting out leaks—from Adrian Lamo to Aaron Barr—tend to compare their targets to Robert Hanssen and Aldrich Ames, spies who sold uncountable secrets to foreign empires for millions of dollars. In fact, the archetypal leaker is often more like one NSA analyst named Thomas Drake: a conscientious whistleblower repaid only with crushing legal retribution.

  Drake, a thin and severe-looking man with a wisp of brown hair, has the hard stare of someone who has dealt in serious affairs and seen them go very badly. Drake’s troubles began on his first full day of work at the National Security Agency: September 11, 2001.

  To the NSA, the horrors of that day represented its gaping inadequacies in the new millennium. The agency had intercepted but ignored phrases in the hijackers’ communications including “Tomorrow is zero hour,” and “The match begins tomorrow.” The digital world’s vast and messy flood of information had diluted those key warnings into insignificance. The NSA was drowning in data.

  Drake’s first position at the agency, after a career in air force signals intelligence, was on a project code-named Jackpot. Jackpot aimed to analyze the agency’s software to sniff out bugs and inefficiencies. One piece of code came to Drake’s attention: a data-sifting algorithm known as Thinthread. The program had been built by the agency’s brilliant mathematician Bill Binney to address the Internet’s deluge of digital information, and Drake assessed it as a highly effective, scalable, and elegant tool, one that might have caught the needles in the digital haystack that represented 9/11 if it had only been implemented in time.

  Before September 11, Thinthread had been dismissed as too invasive of Americans’ privacy. Binney had responded by altering the program to encrypt all its results so that they would only be made available with a court order. But after 2001, the landscape had changed: In the bureaucratic handwringing that followed America’s worst-ever terrorist attack, the NSA’s leadership was looking for a solution to match the size of its problems, not a single, simple program. It launched a new project called Trailblazer with nine-figure resources aimed at funding private contractors to build new data-combing tools.

  Drake would come to see the decision to pursue Trailblazer instead of Thinthread as a corrupt, negligent, and wasteful move. “Trailblazer became a corporate solution,” he said when we met in the Washington, D.C., office of the Government Accountability Project, a whistleblower advocacy group. “We disregarded the traditional strength of the NSA, solving problems with the best minds of the private sector and the government, and instead turned the entire project over to industry. You always have to look at alternative options. They chose not to.”

  Over the next years, Trailblazer doled out massive contracts: Hundreds of millions went to the contractor SAIC, which had hired a former NSA director and formerly employed the NSA deputy director at the time, what Drake describes as “a revolving door refined to an art form.” But even as it overran its budget, Trailblazer ran into endless delays and dead ends. By the time the project was canceled in 2006, it had become a $1.2 billion boondoggle.

  Drake says he could see the monumental waste in Trailblazer from the start. “It didn’t matter if Thinthread was better. They just wanted to spend a lot of money over many years. Corruption had become normalized,” he says. “It still chaps my lips today to think about it: the amount of money wasted that never contributed to national security, and no one has ever been held accountable.”

  In the early days of the program, Drake and three other NSA officials approached one of the agency’s budget overseers on the House Intelligence Committee to alert her to the project’s overblown costs and ineffectiveness. She passed on the criticisms to others on the committee and even Supreme Court Justice William Rehnquist, but no one acted to rein in the program.
