Guest User

Jacob Applebaum and the Mining of Tor Nodes

a guest
Jun 15th, 2015
1,106
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. This memo exposes the sordid connections between Wikileaks, the Tor Project, and a hacker spy collective known as Project Vigilant. The common thread between these entities is a single hacker named Jacob Appelbaum. We examine Appelbaum's relationships with each organisation.
  2.  
  3. Adrian Lamo is a ``hacker,'' convicted felon, and the person who informed on Private Bradley Manning (a Wikileaks source) to the FBI and US Army CID. [1] When not informing to the FBI or abusing Xanax [2] Lamo is involved as a ``volunteer'' with a collective of hackers whose common purpose is to data mine the activities of Americans on the Internet and provide any information obtained to the US government. This group calls themselves ``Project Vigilant'' -- see Glenn Greenwald's expose on the subject for more information. [3] In sum, Lamo is not only a (proud) snitch, but a spy.
  4.  
  5. Appelbaum is a hacker employed by the University of Washington as a ``Research Scientist,'' [4] despite holding no degree (he dropped out of high school). Appelbaum is also employed by the Tor Project as a ``Developer,'' with a salary of $66,000, [5] despite being openly criticized by fellow hackers as ``someone who doesn't know how to program.'' [6] Another critic goes even further: [7]
  6.  
  7. ``According to Wikipedia, he's also a member of the Cult of The Dead Cow (cDc) (since 2008), a hacker organization that was famous for doing a lot of great work... in the 1990s. A pattern emerges.''
  8.  
  9. Back to Tor. In an interview with The Epoch Times, Lamo points out that Appelbaum was responsible for a constellation of Tor nodes under the domain of ``lostinthenoise.net.'' [8] Lamo goes so far as to imply that these nodes were being used by Appelbaum to mine the Tor network for documents which were then passed on to Wikileaks. How did Lamo know about this network of nodes? What made Lamo so convinced that this network of nodes was being used to harvest documents for Wikileaks? It turns out Lamo knew Appelbaum in and around 2002, and was involved with Appelbaum's ``lostinthenoise.net'' network. We know this, inter alia, because Lamo's PGP keys were cryptographically signed by Appelbaum in 2002: [9]
  10.  
  11. pub 2048R/B9E571B9 1996-05-13 2004-04-21 Fingerprint=D6 93 12 4F 19 B3 3F A6 A1 5D D4 42 1E 0D B1 8B
  12.  
  13. uid Adrian Lamo <adrian@adrian.org> sig sig B9E571B9 1996-05-13 __________ __________ [selfsig] sig sig E42F9CA0 2002-01-14 __________ __________ Kevin L. Poulsen <klp@well.com> sig sig 479D8BB8 2002-07-24 __________ __________ error (Call to confirm fingerprint) <error@lostinthenoise.net>
  14.  
  15. The handle ``error'' in the address ``error@lostinthenoise.net'' belonged to Appelbaum. Appelbaum, today known as ``ioerror,'' also once went by the handle ``error'': [10]
  16.  
  17. @iameltonjohn I've been io and ioerror and error for a lot longer! :-) 6:40 PM Jan 31st via web in reply to iameltonjohn
  18.  
  19. Note that key signing is typically done between trusted persons at ``key signing parties,'' [11] meaning Lamo and Appelbaum were close personal friends at the time. Lamo, in a retort to a piece by Greenwald titled ``Blinded by Contempt,'' [12] admits he once ``socialized'' with Appelbaum at around the same time we see Appelbaum was crytographically signing his PGP keys:
  20.  
  21. ``... I hadn't socialized with [Appelbaum] for the better part of a decade ...''
  22.  
  23. Thus, Appelbaum and Lamo, both talentless ``hackers,'' once worked together on a network of Tor nodes that Lamo now alleges was used at the time to mine the Tor network for documents --then passed on to Wikileaks. What evidence is Lamo keeping from the public?
  24.  
  25. Furthermore, Appelbaum's relationship with Wikileaks is certainly not a secret. Assange has admitted that Tor, and Appelbaum in particular, were instrumental in the operating of Wikileaks. [13] Leaked internal Wikileaks documents show, and Assange admits, that ``at least one'' document used to bootstrap Wikileaks' document database was obtained by mining (aka ``sniffing'') Tor and other peer-to-peer networks [14] -- exactly the allegation Lamo now levels against Appelbaum. What exactly is Appelbaum's relationship with Assange, who refer to each other by their first names?
  26.  
  27. At about the time when Bradley Manning was ``test leaking'' a single diplomatic cable from the US embassy in Iceland (the ``Reykjavik 13'' cable), Appelbaum was meeting with Assange in Iceland. The two are seen bathing together, in an Icelandic hot spring, in a photo accompanying Rolling Stone's surreal profile of Appelbaum as ``The Most Dangerous Man in Cyberspace'' (September 2, 2010). Endulging the typical hacker ego, Appelbaum tweeted a link to a complete scan of the magazine article (for which he provided the photos), hosted on a ``hidden'' Tor node: [15]
  28.  
  29. The full Rolling Stone article is now on a random Tor hidden service: http://gqc3mjjp5tdbbxui.onion/ http://gqc3mjjp5tdbbxui.tor2web.com/1:44 PM Aug 20th, 2010 via web
  30.  
  31. This photo is archived at the link which follows. < http://image.bayimg.com/jaefiaadg.jpg >
  32.  
  33. Appelbaum's position at the University of Washington (despite having no education whatsoever), his salaried position at the Tor Project (despite not knowing how to program), and his evidenced involvement in mining the Tor network for Wikileaks -- are all symptomatic of the revolving door mechanisms typically employed by intelligence services to move assets in and out of key circles of academia and non-profits.
  34.  
  35. For the sake of the Tor Project, Jacob Appelbaum must disclose the exact nature of his relationship with Adrian Lamo in 2002, and with Julian Assange today.
  36.  
  37. [1] < http://www.wired.com/threatlevel/2010/06/leak/ > [2] < https://lamodrugs.wordpress.com/2010...documentation/> [3] < http://www.salon.com/news/opinion/gl.../08/02/privacy > [4] < http://www.cs.washington.edu/homes/io/ > [5] < http://cryptome.org/0002/tor-2008.zip > [6] <https://twitter.com/moxie__/statuses/24450592605 > [7] < http://sneak.datavibe.net/20110113/wikileaks/ > [8] < http://www.theepochtimes.com/n2/content/view/47274/ > [9] < http://pgp.mit.edu:11371/pks/lookup?...fingerprint=on > [10] < https://twitter.com/ioerror/status/32267087355318272 > [11] < https://secure.wikimedia.org/wikiped..._signing_party> [12] < http://cryptome.org/0001/lamo-greenwald.htm > [13] < http://www.rollingstone.com/culture/...0101201?page=2 > [14] < http://www.wired.com/threatlevel/201...leaks-and-p2p/ > [15] <https://twitter.com/ioerror/status/21693514641 >
  38.  
  39. "
RAW Paste Data