Advertisement
lurker69

impossible is possible

Nov 25th, 2016
10,490
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.18 KB | None | 0 0
  1. FWIW, I am inside of NATO and my internet did not cut off upon receiving the message. However, I have not been really doing anything on the blockchain like you folks apparently have, so it is probably the case that I am not being targeted. I'm just sort of lurking here thinking this is all pretty crazy stuff.
  2.  
  3. ------------------------------------------------------
  4. I am outside of NATO. As soon as I received this message, my internet cut off. Bitmessage peers went to zero.
  5.  
  6. They are able to disable internet on linux. I recoment firewalling all incoming traffic with Gufw.
  7.  
  8. I also recommend having SSH disabled on the machine.
  9.  
  10. I also recommend using a wifi dongle instead of the onboard laptop wifi that has DMA. Expecially dongles with open source drivers and good Linux support.
  11.  
  12. If I connect through a VPN with TUN/TAP adapter, they are unable to cut off internet. If I connect using the onboard wifi and no VPN, I have seen buffer overflow and kernel panic in AES crypto module. However, I believe this was from PDF download they intercepted and inserted buffer overflow into.
  13.  
  14. We need PDF and browser software in languages that do not have buffer overflow attacks.
  15.  
  16. Some people in the US and EU have had their DNS traffic shutoff at the cable modem. When this failed, they have had whole internet shutoff at cable modem level. This is cable modem backdoor (see document "full disclosure" on wikispooks for more information about the DHS cable modem backdoor. These attacks are coming from GSHQ and DHS, not NSA. As far as I am able to determine.
  17.  
  18. They have method of intercepting a PDF download and inserting buffer overflow into the PDF. Once computer has been targeted. This is the only time they were able to crash my computer.
  19.  
  20. Their attack capacities against linux are limited and are generally ineffective. Expecially if you have all incoming traffic firewalled and using a VPN and external USB adapter for networking. They have been able to disable wifi or cause dbus errors, but toggling wifi from on/off fixes it.
  21.  
  22. I would also disable flash on the web browser.
  23.  
  24. They have also been ineffective at completely disrupting or controlling message proprogation across Bitmessage for users outside of NATO. Even if the users cannot receive incoming connections, messages are still getting through. Even with the EC2 sybil attacks.
  25.  
  26. By using a VPN and cycling VPN connections to countries outside of NATO, I have been able to hit a node and download +200 messages that were blocked or not received from the other 7 nodes I was connected to.
  27. - We need to increase the connection pool size for Bitmessage (we are missing setting)
  28. - We need to be able to set specific nodes to connect to in settings
  29. - We need to ensure that we are able to connect to nodes who allow incoming connections
  30. - We need to ensure connection to bitmessage nodes outside of NATO
  31.  
  32. We have less information on OSX. Windows 10 is just a botnet and no recomended. I would start migration from Windows to Linux Mint.
  33.  
  34. ------------------------------------------------------
  35. Hi everyone.
  36.  
  37. I realize that this message might not go through but just in case -- this will be my final message sent to BM. Anyone claiming to be updating my situation is lying.
  38.  
  39. I've been working with another person on this since the original thread in October 17. This is our third attempt at spreading the information. I don't think it will be possible for anyone to upload the keys and the files. It really seems like the only way is for everyone to get them from the blockchain separately. Some of you might think this is not the case but you'll be able to see it first hand when you try soon. It should be fairly straight forward for everyone to extract the keys and files with the information on this BM.
  40.  
  41. On our end, we can confirm that the script can be used to extract the following files:
  42. 2016 Disk Image, Spreadsheet, BIN, multiple videos, mp3s, emails, pdf documents
  43. 2015 Disk Image, Spreadsheet, multiple videos, mp3s
  44. 2014 Disk Image, Spreadsheet, multiple videos
  45. 2013 several backups in zipfiles
  46. Hash and time stamp text for what seems like all uploads to Wikileaks.org
  47.  
  48. The following files can be unlocked so far:
  49. 2016-06-03_insurance.aes256.torrent
  50. wlinsurance-20130815-A.aes256
  51. wlinsurance-20130815-B.aes256
  52. wlinsurance-20130815-C.aes256
  53.  
  54. We have not been able to unlock:
  55. 2016-11-07_WL-Insurance_US.aes256
  56. 2016-11-07_WL-Insurance_UK.aes256
  57. 2016-11-07_WL-Insurance_UK.aes256
  58. wikileaks-insurance-20120222.tar.bz2.aes
  59.  
  60. Allegedly unlocked by others:
  61. 2016-06-03_insurance.aes256
  62. wikileaks-insurance-20120222.tar.bz2.aes
  63.  
  64. There is clearly a lot more information that we haven't gotten to yet.
  65.  
  66. The file pieces have to be combined so a bit more code is needed. The Cablegate Backup should be used as an example to do it. Some groups are now going through the same issues we've seen. Our experience was that we lose internet connection, we are unable to copy paste or keep anything on our clipboards, all attempts at encoding transactions into BTC get delayed and do not happen, files on computers connected to the Internet are deleted or moved, etc. That is why I think the best way to spread this is to teach others how to do it and possibly to encode what you feel comfortable making permanent in some crypto currency other than BTC.
  67.  
  68. I expect that in the next few days the media will be forced to cover this. The spin will be that these files cannot be verified, do not come from Wikileaks and that no one can recreate the steps to get them. They will probably push false steps that do not work. From what we have seen, most people will not bother to check and believe it. Because the blockchain is permanent and many have copies, I do not think that it will be possible to spin this in this way forever. Anyone can do it in their own homes. However, they have been preparing for this for months. Damage control will be very easy for them because there are really no sites that can be used to discuss this anymore. I'm a still a bit concerned because the steps on how to get the information were available since mid October and very few people tried to do it. It was practically impossible for us to try to discuss this with others on any site. Everyone seems to react violently to the suggestion but I am not sure if these were even real responses.
  69.  
  70. The easiest way to collect the information is on a computer that is not connected to the internet and has no wifi cards. Making a database with relational information of the transactions helps a lot as well. It might be necessary for someone to create a very easy to follow tutorial with code that allows anyone to do this. To this day many people refuse try on their own and simply chose to believe that it is not real. If you care about this, you should spend some time showing people the evidence and guiding them through of process of getting the files themselves.
  71.  
  72. My personal opinion is that the most crucial thing that should happen when this is finally out in the open is that the people pretending to be Wikileaks should be exposed. It should be clear to everyone that people are paying attention. The people that sold out and did as they were told should also be exposed. I still don't understand why it was so easy to get most people to play along and allow their sites to be controlled. It is alarming that talking about this is practically forbidden everywhere. During the past few months we have witnessed a possible end of a free internet. People in power have the resources to fool the entire world into agreeing with them through censorship, paid posts, bots, etc. There is not even a way to verify the history of a page anymore since they now control the only site that allowed it. I think this is the perfect opportunity to guarantee that this is stopped and does not happen again. However, everyone should see the information and decide by themselves what they want to do.
  73.  
  74. Thanks to all of you that helped.
  75.  
  76.  
  77. ------------------------------------------------------
  78. Confirming script for working. Can anyone else confirm they are getting the files? I'm currently combining them following the advice on the last post and it works. All the keys are in there. Anyone else getting the same results?
  79.  
  80. ------------------------------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement