Damn.
Y'all be careful. OPSEC has never been more important.
Here's a few key rules:
ALWAYS use a VPN. At this point I'd recommend always using a VPN for even connecting to sites like Meso or any grey market vendor sites, etc. This is quadruply true for vendors! Even this is not good enough though, apparently...keep reading...
ALWAYS MANUALLY PGP encrypt your address or any personal info. ALWAYS use a 4096 bit key (unfortunately 8192 bit keys are too large for our PCs to process, so you'd be able to encrypt messages or sign them, but nobody would be able to actually decrypt or verify them without a stupidly powerful computer).
Use a different browser for browsing to sites related to anything illegal or grey market-related. (DuckDuckGo for mobile, Brave or Epic for desktop, etc. Cookies
I personally believe we need to pressure sources to accept XMR instead of BTC!!!
The government has been monitoring BTC for a very long time. It's ridiculous to think that BTC offers ANY amount of anonymity or privacy at this point.
Colonial used to accept XMR, I asked a few other sources and they said no. It's really fucking stupid to think that BTC means you're safe at all.
Sources:
PLEASE START ACCEPTING XMR
PLEASE NEVER send tracking information in clear text, ever. I know it can be a pain to encrypt/decrypt things, especially at first, but honestly it is for the best for everyone and once you get the hang of it it's super easy.
Everyone: educate yourself on privacy and how to be more anonymous online, etc. I have written privacy guides on here and there's PLENTY of info on Google. Feel free to ask questions if you don't find what you're looking for in either of those places. Also look up guides on how to lock down your browser of choice through the advanced settings. Use extensions like NoScript!, uMatrix, and HTTPS Everywhere! to improve security. (Note, NoScript is a pain in the ass at first, but it gets way better once you get used to it and get your preferences saved for the sites you visit.)
Turn your fucking location and wifi off on your phone! Google has a complete map of all wifi networks in many countries so they can triangulate your data much more accurately based off of that alone on top of cell tower triangulation and of course GPS. Best bet is to just turn your entire phone off or AT LEAST put it in airplane mode anytime you're doing anything naughty.
There's more but that's all I can think of at the moment...not enough sleep last night...
Lastly, here is the article, one step closer to TOTAL removal of privacy.
The “Augury” platform includes highly sensitive network data that Team Cymru, a private company, is selling to the military. “It’s everything. There’s nothing else to capture except the smell of electricity,” one cybersecurity expert said.
Multiple branches of the U.S. military have bought access to a powerful internet monitoring tool that claims to cover over 90 percent of the world’s internet traffic, and which in some cases provides access to people’s email data, browsing history, and other information such as their sensitive internet cookies, according to contracting data and other documents reviewed by Motherboard.
Additionally, Sen. Ron Wyden says that a whistleblower has contacted his office concerning the alleged warrantless use and purchase of this data by NCIS, a civilian law enforcement agency that’s part of the Navy, after filing a complaint through the official reporting process with the Department of Defense, according to a copy of the letter shared by Wyden’s office with Motherboard.
The material reveals the sale and use of a previously little known monitoring capability that is powered by data purchases from the private sector. The tool, called Augury, is developed by cybersecurity firm Team Cymru and bundles a massive amount of data together and makes it available to government and corporate customers as a paid service. In the private industry, cybersecurity analysts use it for following hackers’ activity or attributing cyberattacks. In the government world, analysts can do the same, but agencies that deal with criminal investigations have also purchased the capability. The military agencies did not describe their use cases for the tool. However, the sale of the tool still highlights how Team Cymru obtains this controversial data and then sells it as a business, something that has alarmed multiple sources in the cybersecurity industry.
“The network data includes data from over 550 collection points worldwide, to include collection points in Europe, the Middle East, North/South America, Africa and Asia, and is updated with at least 100 billion new records each day,” a description of the Augury platform in a U.S. government procurement record reviewed by Motherboard reads. It adds that Augury provides access to “petabytes” of current and historical data.
Motherboard has found that the U.S. Navy, Army, Cyber Command, and the Defense Counterintelligence and Security Agency have collectively paid at least $3.5 million to access Augury. This allows the military to track internet usage using an incredible amount of sensitive information. Motherboard has extensively covered how U.S. agencies gain access to data that in some cases would require a warrant or other legal mechanism by simply purchasing data that is available commercially from private companies. Most often, the sales center around location data harvested from smartphones. The Augury purchases show that this approach of buying access to data also extends to information more directly related to internet usage.
Team Cymru says on its website that its solution provides “access to a super majority of all activity on the internet.”
Do you work at a company that handles netflow data? Do you work at an ISP distributing that data? Or do you know anything else about the trade or use of netflow data? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email joseph.cox@vice.com.
“Augury is the visibility into 93% of internet traffic,” another website describing the tool reads. Some clients have access to the platform under the different brand name Pure Signal RECON, according to Team Cymru’s website.
The Augury platform makes a wide array of different types of internet data available to its users, according to online procurement records. These types of data include packet capture data (PCAP) related to email, remote desktop, and file sharing protocols. PCAP generally refers to a full capture of data, and encompasses very detailed information about network activity. PCAP data includes the request sent from one server to another, and the response from that server too.
PCAP data is “everything,” Zach Edwards, a cybersecurity researcher who has closely followed the data trade, told Motherboard in an online chat. “It’s everything. There’s nothing else to capture except the smell of electricity.” (Team Cymru told Motherboard it does limit what data is returned to users but did not specify what data actually is provided to a user of the platform).
A source in the cybersecurity industry said “that’s insane” when shown that sensitive information like PCAP data was available in Augury. Some private industry users appear to have less access to certain data types in Augury than those listed in the government procurement records. Motherboard granted multiple sources in this piece anonymity because they weren’t authorized by their employers to speak on this issue.
Augury’s data can also include web browser activity, like URLs visited and cookie usage, according to the procurement records. Cookies are sensitive files that websites plant onto computers when people visit them. Given their uniqueness, cookies can be effective for tracking. Facebook and Google, for example, use cookies to follow a particular user from website to website and track their activity. The NSA has then piggybacked off of these cookies to identify targets for hacking. Screenshots of an apparent Augury panel obtained by Motherboard show results containing cookies, URLs visited, and email data. Motherboard showed a section of one of the screenshots to multiple sources familiar with the tool who said it does appear to be the Augury panel.
Augury also contains so-called netflow data, which creates a picture of traffic flow and volume across a network. That can include which server communicated with another, which is information that may ordinarily only be available to the server owner themselves or to the internet service provider that is carrying the traffic. That netflow data can be used for following traffic through virtual private networks, and show the server they are ultimately connecting from. Multiple sources in the cybersecurity industry told Motherboard that netflow data can be useful for identifying infrastructure that hackers are using.
Team Cymru obtains this netflow data from ISPs; in return, Team Cymru provides the ISPs with threat intelligence. That transfer of data is likely happening without the informed consent of the ISPs’ users. A source familiar with the netflow data previously told Motherboard that “the users almost certainly don’t [know]” their data is being provided to Team Cymru, who then sells access to it.
It is not clear where exactly Team Cymru obtains the PCAP and other more sensitive information, whether that's from ISPs or another method.