'Project Vigilant' Recruits At Defcon To Track You

angry tapir writes "A secretive volunteer group that tries to track terrorists and criminals on the Internet went to the Defcon hacker conference in hopes of recruiting information security experts, but it will first have to overcome some skepticism. That's because most information security professionals have never heard of the group, called Project Vigilant."

Why not just call their company "NSAFront"?

[elrous0]

It would be no less obvious.

Re:Why not just call their company "NSAFront"?

[conspirator57]

As usual, Glenn Greenwald has several interesting things to say, even though he's not that technical and ascribes far too much credence to the technical prowess and savvy of high-level government officials with "cyber" or some variant in their name.

http://www.salon.com/news/opinion/glenn_greenwald/2010/08/02/privacy/index.html

Re:Why not just call their company "NSAFront"?

[FriendlyLurker]

Adrian Lamo worked as an Analyst for Project Vigilant - which specializes in collecting any and all data from major ISP's where the EULA permits third parties (i.e. pretty much all of them).

Lamo also just happened to turn in chat logs for military whistleblower Bradley Manning. There is already decent evidence to suggest that Lamo never talked to Manning, but was given the logs by this secretive private catch-all spy network "Project Vigilante" and told to turn them in.

Re:Why not just call their company "NSAFront"?

There is already decent evidence to suggest that Lamo never talked to Manning, but was given the logs by this secretive private catch-all spy network "Project Vigilante" and told to turn them in.

Decent evidence? As reported by Socky McSockpuppet?

More likely story: Glen Greenwald has a huge gay crush on Bradley Manning because he'd like to have his own turncoat soldier boy toy. Also "Project Vigilant" scares the poo poo out of Glen because they'd be able to reveal the extent of his sockpuppetry.

Re:Why not just call their company "NSAFront"?

[cHiphead]

So do we burn these guys out now?

Re:Why not just call their company "NSAFront"?

Adrian Lamo has such a severe case of Aspergers syndrome - the BBC tried to interview him in this video, but had to cut him off early he was acting so weird. I doubt anyone would trust that guy after talking to him for a minute, let alone Manning handing over sensitive information to the guy. No, even without direct evidence - he was the perfect mentally Ill candidate for Project Vigilante to exploit and take public the intercepted logs public.

Re:Why not just call their company "NSAFront"?

[mrogers]

Lamo was also the star of the "leaked" documentary Hackers Wanted , a thinly-disguised attempt to recruit hackers to the US military.

Re:Why not just call their company "NSAFront"?

[FriendlyLurker]

Obviously that crappy documentary propaganda piece it did not work well - they had to setup a recruitment stall at Defcon...

Re:Why not just call their company "NSAFront"?

So do we burn these guys out now?

No. I don't know what is really going on, but hackers have been saying the same thing for years: If the application was separate from the theory we could actually work with the U.S. government.

These guys are application. They need to cull the predatory members from the information handling community, and get them in a clinch so they can be demonstrably cracked in the nuts when they go off the rails.

CyberCommand is also application. I say it is about time and good fucking riddance to the Lamo types.

If you are reading this and you use your hacking knowledge for predation, find a group like this to join and let the rest of us get back to the work of building the future.

Re:Why not just call their company "NSAFront"?

[Reziac]

Um... there's plenty of evidence that "Adrian Lamo" is nothing more than a high-end con artist:

http://tpmmuckraker.talkingpointsmemo.com/2009/09/american_police_force_hardin_montana.php?ref=fpb
http://www.kulr8.com/home/related/62994352.html
http://www.infowars.com/exposed-american-police-force-is-a-blackwater-front-group/
http://helenair.com/news/local/state-and-regional/article_aac61630-ae5a-11de-a782-001cc4c002e0.html

Re:Why not just call their company "NSAFront"?

[TheJokeExplainer]

Say what you will about Adrian, but his razor-sharp wit is absolutely hilarious. Check out his Q&A at Formspring.me where you can ask him anything (do it now! :D). Unlike other whiny angry h4x0rs, the dude is an absolute geek comedian.

His candor is pretty refreshing and his comedy rebel streak is a bit reminiscent of Banksy.

Oh, and he's also to public face of 2600: The Hacker Quarterly on Facebook.

Re:Why not just call their company "NSAFront"?

[ushering05401]

His razor sharp wit? That's what we are supposed to be admiring? Are you nuts?

If we believe Lamo's cover story for the Manning affair he was swimming in the wrong end of the pool. That is the beginning and end of the story on the guy. There is no greater fail on my hack-o-meter.

I'm not bashing him for turning anyone over, even if I would have refrained (or told Manning to get his spook enabling ass off my channel). The guy is full of fail because he didn't know how to handle a hot potato while advertising his services as an expert on hot potatoes.

What if he had gone the other direction in his fear and looked for protection from an underground player instead of rolling over like an attention whoring opossum? Who would have had the proverbial drop on our country? Access to Manning in addition to all the documents that had already been transferred?

Lamo was handling national security level information and got scared? Even a half-assed high school hacker knows how to drop a dime without becoming known.

If the Manning thing was a cover, that's sad for Lamo's reputation. He has to bear the brunt of being the guy that didn't know how to handle a potentially deadly situation; he has to live as a known lightweight whatever his technical skills or future accomplishments.

End of story in my book, though I welcome opposing views.

Re:Why not just call their company "NSAFront"?

[RobM9999]

Aspergers my ass. He is either drunk, wasted, or on meds. IANAD but from what I have read non of what he was displaying are symptoms of Aspergers.

Recruit Anonymous

Just have to tell /b/ that the target is a scientologist. Or has hot nudes hidden on their facebook account.

Re:Recruit Anonymous

[elrous0]

You would probably get better results telling the Church of Scientology that this company is out to get Scientology. They would be swarmed with private detectives, character assassins, corrupt cops, and seedy lawsuits within days.

Spot the Fed

So I take it that "Spot the Fed" is a little more interesting this year?

Re:Spot the Fed

[AHuxley]

Looks like the feds are playing East Germany and hope to spot you via a flood of occasional informants... they should ask the former East Germans state security types they contracted how well that worked for them.

bogus

[bsDaemon]

So, I got curious and clicked the link to the article. Then I clicked the link to the project's website, which beyond a splash screen with an INGSOC-esque logo with a half-assed latin slogan, you find a cheap-ass Drupal site which requires an OpenID account to log into. The list of logged-in users includes such gems as a guy named "poopcracker."

If this is cointelpro, its either extremely terrible, or extremely brilliant for looking so shoddy. Chances are, its just misguided vigilantism by people who read "gray hat python" and now think they can 'hack the Gibson'. I'm not sure which would disturb me more.

Re:bogus

When you say "half-assed latin slogan," I hope you mean "pseudo-Latin slogan" - because that motto is the result of someone who doesn't know Latin trying to come up with something and getting it wrong. I think they were going for "We Watch Together," in which case they certainly shouldn't have used the first person *singular* of vigilo (not to mention misspelling "vigilo"). I think they meant Evigilamus Jugiter, to give the phrase the proper tone of menace (if they meant something less menacing, they should have gone with a variation on vigilamus pro te, which is the motto of the Canadian land forces and a translation of the chorus of O Canada).

Re:bogus

[FriendlyLurker]

Some of the names behind Project Vigilante:

...the list of its officials, which includes Mark Rasch, who headed the DOJ's Internet Crime Unit for 9 years; Kevin Manson, a retired Homeland Security official; George Johnson, who "develop[ed] secure tools for the exchange of sensitive information between federal agencies" for the Pentagon; Ira Winkler, a former NSA official; and Suzanne Gorman, former security chief of the New York Stock Exchange. These are people with extensive, sophisticated expertise in compiling highly invasive data about individuals' Internet activities, and more so -- given their background -- how to package it in a way that can be used by federal agencies.

From here and here.

So... perhaps it is a honeypot as well? In any case, the real operation is run backend to your ISP.

Re:bogus

[maxwell+demon]

Romanes eunt domus!

Re:bogus

its a bunch of do nothings that spent a lot of time in the ivory tower being completely ignorant of the times

Re:bogus

[RobM9999]

If you like that then check out the linked site for BPH Global. besides being a) the same color. b) the same cheap-ass Drupal. c) even crappier looking (if possible)., click on the Background link and read that. I have read better written spam emails which want to give me millions/make my p3n1s bigger/ sell me v1agra. For thos not wanting to waste your time traveling there, I give you the treasure that is their background:

-----
If you audience are in the field of Information Technology, the term "information theory" is almost always attributed to the word of Claude Shannon, but BBHC Global LLC looks into pre-computational information -- as well as the forms which use the measure of content as a relation to entropy. This section will discuss for our audience the various types of "Information Theory" as we best understand them, along with samples to illustrate. From this we look into applications of the various theories.
----

Re:bogus

Who cares about a proper website when your on the Government "Defense" contract gravy chain. Here, your Federal clients meet you in back rooms over brandy and cigars - not on the internet....

Re:bogus

Mindful of keystrokes as hackers are, members of the secretive organization refer to themselves with a clever contraction of their nearly Latin motto "Jugiter Viglio." Since apostrophes could inadvertently trip them up when coding their VB hacker interfaces, they write and pronounce the contraction as "Juggalo."

Re:bogus

I think they were going for "We Watch Together," in which case they certainly shouldn't have used the first person *singular* of vigilo (not to mention misspelling "vigilo"). I think they meant Evigilamus Jugiter, to give the phrase the proper tone of menace

To boot, iugiter is a ludicrously rare word and, though it does come ultimately from iugum "yoke", it doesn't actually mean "together": it means "continually" or "perpetually". "Evigilamus semper" would be better still.

This is one case

[Just_Say_Duhhh]

where it is definitely a good idea to take the blue pill!

EU already did it

[ZeroExistenZ]

EU already has a simular technology in place.

You can get the analysis at wikileaks: EU social network spy system brief, INDECT Work Package 4

"The aim of work package 4 (WP4) is the development of key technologies that facilitate the building of an intelligence gathering system by combining and extending the current state-of-the-art methods in Natural Language Processing (NLP). One of the goals of WP4 is to propose NLP and machine learning methods that learn relationships between people and organizations through websites and social networks. Key requirements for the development of such methods are: (1) the identification of entities, their relationships and the events in which they participate, and (2) the labelling of the entities, relationships and events in a corpus that will be used as a means both for developing the methods."

Re:EU already did it

This is a _public_ Deliverable of an EC Framework 7 Research Project.
EU funded research projects usually are just humble researchers looking for stories how the research
they are doing anyway (in this case computational linguistics) can be get funding from the EC. So they
are writing fancy proposals on how the research could be applied to _whatever the EC finds interesting_,
they get funded, write reports on how their stuff works great on their scientific datasets and why it
doesn't work on _whatever the EC finds interesting_. And that because of that they need even more funding to do more research.
It is just a way to fund universities and encourage collaboration between researchers from different EU
countries. Which is a good thing.
At the end they will write a fancy exploitation deliverable and the 5000 pages of reports will rot in some of the EC's drawers.
Why this is at Wikileaks is a miracle to me, it is a public deliverable, anyone can download it from the project's web site.

Re:EU already did it

that will be used as a means both for developing the methods."

And...? AND?
I'll bet they left off semicolon somewhere, too. Thing probably doesn't even compile.

Salon's Glenn Greenwald on Project Vigilant

[arnott]

He had a detailed post of 'Project Vigilant'.

Uber told Computer World that he decided to divulge his group's role in directing Lamo to turn into an informant because he thought that Lamo's patriotic act was being unfairly disparaged.

But vigilantes have such a great reputation

[Drakkenmensch]

Smart money says this is a sting operation to bag hackers who are a bit too keen to use their tech savvy to spy on their neighbours!

Re:But vigilantes have such a great reputation

[Jawnn]

So you're saying that the Feds have started eating their own, then?
Cool.

Project Vigilant

The former hacker who turned in the Army person for the Wikileaks papers was a member of Project Vigilant. A group of wannabe spooks and terrorist fights who don't want to leave the comfort of their living rooms.

Follow the cash and access

[AHuxley]

Two links with some more reading on Project Vigilant.
"that it monitors the traffic of 12 regional Internet service providers, hands much of that information to federal agencies, and encouraged one of its "volunteers," researcher Adrian Lamo, to inform the federal government about the alleged source of a controversial video of civilian deaths in Iraq leaked to whistle-blower site Wikileaks in April."..
but said that because the companies included a provision allowing them to share users' Internet activities with third parties in their end user license agreements (EULAs), Vigilant was able to legally gather data from those Internet carriers and use it to craft reports for federal agencies.
from:
Stealthy Government Contractor Monitors U.S. Internet Providers, Worked With Wikileaks Informant
http://blogs.forbes.com/firewall/2010/08/01/stealthy-government-contractor-monitors-u-s-internet-providers-says-it-employed-wikileaks-informant
"Elite US cyber team courts hackers to fight terror"
http://www.google.com/hostednews/afp/article/ALeqM5hKoXQdL-L1HFYObz0_UUHMactSWg

Top tip, stop chatting to strangers, try a sneaker net gap and again stop chatting :)

Re:Follow the cash and access

[brxndxn]

Don't cyber snitch.

Re:Follow the cash and access

Sounds like outsourcing the infringement of our rights to me. Remember all those whiners who cry "its not censorship if the government doesn't do it", now that's coming home to roost, because the government isn't doing it, this "Project Vigilante" (staffed with the "former" head of the DoJ Internet crime unit, "former" NSA officials and so on) is doing it.

Just remember: if you live a boring, stupid life, you have nothing to fear from the fundie puritans who flock to schemes like this in order to ruin anyone who dares to have more fun than they do.

Re:Follow the cash and access

Those fundies are compiling lists of other fundies to recruit. That is higher value to our community than any of the damage they might inflict on a non-violent cultural faction via l.i.a.w. tactics.

The rules here are the same as before. Their internal secrecy will only last until a privileged actor becomes disillusioned. At that point we can allow them to unleash the petite one on each other to rectify the situation.

This is a hugely positive development. I hope all the little spooklets currently wearing hacker clothing get paid with random unmarked bills delivered in brown paper bags and get to run around with super secret encrypted communication devices and guns. It wouldn't be appropriate to leave out any of the candy mountain trappings that these sacrificial lambs deserve.

They may thrash, but we win this one. Let them flock. You take notes and most importantly: never accept violence as a component or potential consequence of any plan.

What has happened in the U.S. since 9-11 has veered between theatre and lunacy and finally we have vigilant - exactly the sort of thing that wakes the fearsome child that sets the record straight.

Chet Uber?

[Sporkinum]

He must have the world's most awesome popped collar!

Re:Chet Uber?

[elrous0]

I bet he can really ski the K-12.

Re:Chet Uber?

[medv4380]

The guy is one of the Cyber War nuts 2002 he was running with the business name of Security Posture trying to cater to the conspiracy theory nuts. Everyone already knows that Game Boys emit pilot killing rays.

Pot, meet kettle

[esocid]

According to Uber, Project Vigilant also played a role in Iran's Green Uprising last year, operating five Internet proxy servers that helped dissidents circumvent government spying and move information out of Iran and into the hands of dissident groups.

So when does the US get some of this help to circumvent government^H^H^H^H^H^H^H^H^H^H protective spying and allow the free transmission of information. Oh, wait. I see now.

On Sunday, Uber said he was the first person to call the federal government about the sensitive cache of documents allegedly leaked by U.S. Army Intelligence Analyst Bradley Manning, and which was ultimately published on Wikileaks. Manning leaked the documents to Adrian Lamo, who does "adversary characterization" for the group, Uber said.

Re:Pot, meet kettle

Project Vigilant also played a role in Iran's Green Uprising last year, operating five Internet proxy servers

That's why they failed to get rid of the mullahs. They should have been behind seven proxies.

Re:Pot, meet kettle

[BrokenHalo]

government^H^H^H^H^H^H^H^H^H^H protective spying...

Unless your Emacs is broken, you should be able to use ^W to achieve the same effect.

HTH.

Wannabe's

wannabe's trying to recruit talent that they obviously lack, in a convention that is arguably a good percentage of wannabe's too

this is the future of our computer security people, be afraid

Re:Wannabe's

[AHuxley]

Kept MS code going for many years :)

Really?

[denzacar]

This is one case where it is definitely a good idea to take the blue pill!

I don't see how will taking Viagra do any good here.

Re:Really?

[digitig]

Do you want to be the one doing the shafting, or the one getting shafted?

Re:Really?

[maxwell+demon]

Do you want to be the one doing the shafting, or the one getting shafted?

No.

Manning/wikileaks connection

[e2d2]

You know, as crazy as this may sound to some of you, working in the US intelligence field or the peripheral fields is not akin to being evil.

This really doesn't worry me too much to be honest. I'd rather have these people out there working then not. It's not as black and white as some would like to paint it. When the US Army Intel analyst Manning got busted leaking documents to wikileaks, he broke a Federal law and the authorities, working with an informant through this program, found out. This program was directly responsible for helping find the source of those leaks. Why is that a bad thing?

Also, this is the world of black hats. You think everything is as it appears? If you get duped then well that's on you huh.

Re:Manning/wikileaks connection

[thrillseeker]

You know, as crazy as this may sound to some of you, working in the US intelligence field or the peripheral fields is not akin to being evil.

You must be old here.

Re:Manning/wikileaks connection

[AHuxley]

"akin to being evil" really depends on the decade? the Church report, Iran contra, Operation Ajax, Room 641A, Sibel Edmond, COINTELPRO ...
Do you really want unaccountable, hidden, profit driven - mercs, private corporations, individuals and cyber vigilante types doing what the FBI should?

Re:Manning/wikileaks connection

[betterunixthanunix]

Was it specifically bad to turn in Manning? No, things are no black and white. From where I sit, though, Wikileaks is doing a good thing by exposing government lies -- we cannot trust the government to be honest about classified documents, which is why we need Wikileaks. If these guys are fighting against Wikileaks, that means they are pitted against those of us who want a more open government.

What worries me is that these guys are not required to abide by the constitution; they voluntarily collect information, and then turn it over to the government, which allows the government to obtain evidence that it would not otherwise be able to collect. These "fourth party" arrangements have been discussed in the past, and just because they are not hot news items anymore does not mean they are less worrysome.

Re:Manning/wikileaks connection

[Dishevel]

Do you really want unaccountable, hidden, profit driven - mercs, private corporations, individuals and cyber vigilante types doing what the FBI should?

No. You are right.

Open letter to the World

We quit. We do not like evil people looking at stuff and busting people. We can not trust them 100% so we are firing them all. Effective intimidate the US will fire all FBI, CIA, NSA, ICE, Treasury agents, and so forth. They are all going home today. We the people from San Fransisco understand that once we stop with our gestapo, imperialistic, "War for Oil", decadent consumerists ways the world will once again embrace us and take us into the loving fold of humanity. We know that no one will dare take advantage of us once we are defenseless.

Wait.

Yes. I do want them out there. I really do. I also think we need to watch them whether or not they want to be watched. It is a balancing act. But you sir are just another hippy, liberal fuck face who spouts out shit with no thought what so ever to the content and meaning of the words that spew forth from your willful run from any fact based decisions. Go fucking crawl in a hole and stay there.

Re:Manning/wikileaks connection

[GooberToo]

You mean the CIA and NSA. The FBI is for domestic intelligence gathering and enforcement only. This is, in fact, why the FBI and CIA/NSA were purposely intended to never have open channels with each other. What everyone called broken following 9/11 was actually by design and for very, very, very good reasons. The reason is simply, its ripe for domestic abuse and violation of the Constitution.

The FBI was basically considered to be federal police. The CIA/NSA is considered quasi-military, which is exactly why they are frequently ex-military and work extremely closely with the military. They are a major source of intelligence for the military. As such, its actually illegal for them to be used domestically. That all changed with the creation of the homeland security, who's sole job is to view everyone as a criminal, treat them accordingly, while violating the Constitution as much as possible, without getting the public in an uproar.

Basically the creation of homeland security was a spit in the eye of all our forefathers, violation of pre-existing laws which were in place specifically to prevent this cluster fuck.

Re:Manning/wikileaks connection

[evildarkdeathclicheo]

Most laws are generally a bad thing. Supporting something just because it is "a law" is sheeple behavior. Question everything.

Re:Manning/wikileaks connection

[BrokenHalo]

You must be old here.

That's right. He should have recognised that "US" and "intelligence" can't coexist in the same sentence.

*Ducks* ;-D

Re:Manning/wikileaks connection

[e2d2]

Will do. Can you send me more tin foil? My supplies are low.

Re:Manning/wikileaks connection

[e2d2]

Mods label anything they don't agree with as troll. It's pathetic.

Re:Manning/wikileaks connection

[schwaang]

No matter where you stand on Manning and Wikileaks, the intent of the Fourth Amendment (and the entire Revolution, really) is against the whole idea of the government snooping on its citizens without restraint.

It's one thing when the feds get a warrant to eavesdrop on a suspect like Manning, it's quite another when they wholesale eavesdrop on the entire population (or 250 million IPs in this case) and use the Manning affair to justify it after the fact.

This sounds familiar.. sort of

[tacktick]

When I was a MIRT Handler at Castlecops I heard of a secretive invite only organization that coordinated and worked on tracking online criminal activity. I was not told the name of this group. The deal was: if they wanted you then you would hear from them.
I wonder if this is the same group.

If so, then I assume their shadowy invite-only policy isn't working so well for recruiting.

Re:This sounds familiar.. sort of

[zerro]

.. or, perhaps it was another organization that you are thinking of. Could it be like the Russian "spy ring" that was recently "broken up" - this was probably just the decoy operation? It reminds me of the rough premise of Spies Like Us.

Re:This sounds familiar.. sort of

[tacktick]

I'm pretty sure the group I heard about was the real deal. Respected and well known Information Security researchers work with them or for them. Mostly volunteer staffed and they communicate with the government on emerging threats.
Sounds very similar..

Or it could just be a private forum where a bunch of white hat hackers and researchers talk about stuff.

Re:This sounds familiar.. sort of

[ushering05401]

Sure, it could be any of the things you mention. Unless it is operating under review it is also a cherry picking war hawk's dream organization. Who is going to contest the misappropriation of the analyses to support aggressive action?

The one thing that would have made this country safer after the 2001 attacks was an honest PUBLIC dialogue about the fucked nature of modern strategic options. We have been living with arsenals of WMDs for too long and they are smaller and more synonymous with power than ever.

The PUBLIC dialogue is going to need center stage to prevent the forsaking of all liberties in the name of survival. The courage to face death as a free human is strong in the U.S.A., we just aren't strapping bombs to ourselves to prove the point.

Iraq, the apparent culture around fed/local law enforcement, and the lack of courage by our leaders to invite public review are pretty much killing the hope of getting enlistment from many types of Americans that are otherwise willing to prove their courage in a formal capacity.

Groups like this are a cherry on the pile of shit.

Just posting a piece of new on /.

[VincenzoRomano]

Won't help those people to reach the goal, though.

This is news?

"Seedy company hires hackers to commit felonies" -- Yawn.

"A person or entity providing an electronic communication service to the public shall not intentionally divulge the contents of any communication while in transmission on that service to any person or entity other than an addressee or intended recipient of such communication or an agent of such addressee or intended recipient."

Terrorists?

[alfredos]

Given the abuse and buzz power that that word has seen in the last couple of years, I tend to treat anything that comes with 'terroris.+' in the subject with a grain of salt. Well, actually more than a grain: I start giving credit starting at the absolute bottom of the scale when that regex matches, and it usually doesn't get very far. There is just too many people out there trying to make a living, if not easy money, out of scaring people and leveraging the politicians with that fear. Take a look at "The power of nightmares", a BBC documentary readily available on YouTube, about the latter.

Given their observation of Iran's election

[WolfTheWerewolf]

Why aren't they focusing the same attention on elections in the USA?

Monitors 12 regional Internet service providers?

[lowrydr310]

Monitors the traffic of 12 regional Internet service providers? Is there a list posted anywhere? My ISP has a EULA, and there's are a few references to third party providers, but it doesn't seems to mention monitoring or sharing of activity or usage details.

BBHC Global L.L.C.

Here's their business license registration. It's only a year old.

Florida Limited Liability Company
BBHC GLOBAL L.L.C.
Registered Agents: Steven Ruhe & Susan Van Der Gaast Document Number: L09000077415
FEI/EIN Number : 270717413
Date Filed: 08/12/2009

The address provided for contact is someone's HOME ADDRESS in a middle income suburban gated community.
This is run out of someone's f***ing house...

This company fails the Slashdot test and their website is an utter joke. They're just a bunch of noobs playing around with their Dell Inspirons from home.

Re:BBHC Global L.L.C.

Figures... Project Vigilante is more like it. The only threat to cybersecurity here is giving these people a license to internetz.

Re:BBHC Global L.L.C.

[JWSmythe]

From the whois info for projectvigilant.us:

Steven Ruhe
BBHC Global LLC
4828 North Kings Highway #126
Fort Pierce, Florida 34951
Phone: +1.7723326988
Fax: +1.8667288650
Email: steven.ruhe@bbhc-global.com
Registered: Mon Sep 21 23:36:10 GMT 2009

    From the whois info on bbhc-global.com

Ruhe, Steven chet.uber@mac.com
BBHC Global LLC
5817 Sunberry Circle
Fort Pierce, Florida 34951
United States
+1.7729401858 Fax -- +1.8667288650

The address "4828 North Kings Highway" is "Indrio Crossing Pack N Ship", a mail drop.

The address "5817 Sunberry Circle" is a 2,800 sq/ft 5br/3ba residence, purchased in 2004 for $205,000.

There are two businesses registered at this address:

Bbhc Global L.L.C. Registered by Steven E Ruhe in 2009
M J Jones, Inc. Registered by Jimita Johnson-Jones in 2004, with the fictitious name of "Today's Window Fashions"

There is a drivers license record for Chet Lee Uber (47yo male, other ethnicity) at the Sunberry Circle address. He is a registered voter, affiliated to the Democratic party.

There is a Barbara Uber (66yo white female) with a listed phone number at the same address.

hahahahahaha! Either this guy is living up the cougar lifestyle, or he's living with his mom. :)

I couldn't find a drivers license record for Mr. Steven E Ruhe. There is a Steven R Ruhe (58yo white male) in Merrit Island, FL, but probably isn't him.

Jimita Johnson-Jones (32yo black female) has a drivers license record in Orlando, FL.

Let the jokes about living in his mothers basement commence! ... and all information gathered for this post was available through public resources. No electronic trespass was committed in the gathering of this data.

Re:BBHC Global L.L.C.

[RobM9999]

From Steven Rhue's Plaxo profile, he graduated from Wahoo High school in Bumf**K..er Wahoo, NE in 2002, so he is only about 26. His Plaxo profile also has links to both Chet Uber's and Susan Van der Gaast's Plaxo profiles.
His Linkedin profile shows him living in Lincoln, NE, which fits with other things I read. It also shows him owning/related to T.G.B.S Construction, which I haven't found anything on.

Re:BBHC Global L.L.C.

[JWSmythe]

Follow the trail.

    projectvigilant.us is registered to Steven Ruhe steven.ruhe@bbhc-global.com of BBHC Global LLC in Fort Pierce, Florida

    bbhc-global.com is registered to Ruhe, Steven chet.uber@mac.com in Fort Pierce, Florida. Specifically 5817 Sunberry Circle Fort Pierce, Florida 34951

    The article specifically cites Chet Uber in Fort Pierce, FL.

That's because most information security professionals have never heard of the group, called Project Vigilant. The group's director, Chet Uber, ...

    The Florida DMV database shows no Steven Rhue in the area. It does show a Chet Lee Uber at the address the domain is registered to.

    It doesn't take a lot of brain power to put that together. Everything matches the information provided. The "Steven Ruhe" is an alias. Well, a decoy if you will. If people are looking around for a Steven Ruhe, they are less likely to identify him as Chet Uber, even though there is significant crossover between the two identities.

    It's possible you could find more people named "Steven Ruhe" or "Chet Uber" around the country, which may be what you found. I know if I search for either my real name or alias, I find lots of people all around the world with my name, some matching my general physical description.

    I'd give the DMV database priority over anything from sources like Linkedin or Plaxo. Those places don't require any proof of who you are, where the DMV is a bit pissy about proving who you are. I just renewed my Florida drivers license, and needed my old drivers license, birth certificate, social security card, and two other proofs of your home address. I guess more importantly, he has two Chet Uber's listed as connections on Plaxo, each in different areas. Either he has two friends with the same name, or there's clearly no real validation of a persons identity.

Re:BBHC Global L.L.C.

[esocid]

His name was Steven Ruhe. His name was Steven Ruhe.

Re:BBHC Global L.L.C.

[JWSmythe]

    There was no mention of a Steven Ruhe in the story. He gave the alias of Steven Ruhe and the email address of chet.uber@mac.com on one of his domain registrations.

    There is no Steven Ruhe living anywhere near where the person mentioned in the story lives. There *IS* a Chet Uber that not only lives in the same area, but at the same address as listed on one of his domains, which is just down the street from the listed address for the "Secretive Group" Project Vigilant (http://projectvigilant.us/)

    But whatever. If you guys want to think that it couldn't possibly be the guy who lives at the address the domain is registered at, in the city that he said he lives in, and you want to believe it's another guy with the same name in another state, fine. It's good you don't try to play PI or anything.

Re:BBHC Global L.L.C.

"Let the jokes about living in his mothers basement commence! " One thing seems clear, Adrian Lamo can't function in the presence of breasts.

Re:BBHC Global L.L.C.

[esocid]

It was a Fight Club reference. I believe you by the way.

Re:BBHC Global L.L.C.

[JWSmythe]

    Oh, sorry. :) It's been a while since I saw Fight Club. I'll have to go add it to my Netflix queue.

Alright! That's it!

This thread has gotten just too silly. Please move along to the next thread, a fairy story about the police.

Re:Monitors 12 regional Internet service providers

[AHuxley]

A EULA for consumers, a EULA for costumers and a EULA from the gov to be an isp/bell/telco?

It's just an American copy-cat of the n3td3v group

Looks like an American copy-cat of the n3td3v group which has been around since the late 1990s. http://sites.google.com/site/n3td3v/ n3td3v group has over 10,000 volunteers, whereas these guys only have 600. n3td3v group has proper connections with the authorities, whereas these guys haven't. n3td3v group has over 10 years experience, whereas these guys haven't.

Astroturf...

[jythie]

Given that they are being shilled by Wired and associated with Adrian Lamo, I think a lot of people are assuming they are just as fake.... esp people familiar with the cozy relationtionship Lamo had with Wired and the personality/mythos they manufactured around him...

Trying to get their name out there via association with a fake hacker and his sob story via the same publication that was used to bring attention to his 'exploits'.. really does not give them good PR.....

Pseudonymous cowards?

[avm]

Lamo? Uber? Seriously now, don't they have more creative writers than that? This sounds like life is starting to emulate art (if you can call the assorted CSI:* series such).

Re:Pseudonymous cowards?

Real name is RUHE, STEVEN E

Why not just fix security instead?

[ka9dgx]

Capability based security has been patiently waiting for people to get fed up with the broken mess that is user based security.... it's time to end this mess by properly securing everyone's computers.

Reminds me of the Simpsons

[ThatsNotPudding]

"Two Guys from Quantico Pizza"
More on-topic: I certainly do hope hackers take up the offer. The more Wikileaks, the better for Democracy and Freedom.

In Soviet Russia

[jmizrahi]

In Soviet Russia, YOU track Project Vigilant!

Wait, what???

[schwaang]

According to Uber, one of Project Vigilant's manifold methods for gathering intelligence includes collecting information from a dozen regional U.S. Internet service providers (ISPs). Uber declined to name those ISPs, but said that because the companies included a provision allowing them to share users' Internet activities with third parties in their end user license agreements (EULAs), Vigilant was able to legally gather data from those Internet carriers and use it to craft reports for federal agencies.

Wait, so a dozen large ISPs are handing private user data to Project Vigilant which in turn hands it to parts of the US gov't, and this is "legal" because the ISPs have EULAs which allow sharing with unspecified third parties???

Way to bury the lede, slashdot. Some mainstream journo needs to find out which ISPs are participating.

not so lamo as they seem to be

http://www.examiner.com/x-27653-SF-Technology-Examiner~y2010m6d22-Big-names-help-run-Project-Vigilant

Is anyone actually this gullible?

[synthesizerpatel]

Chet Uber for Project Vigilance? ..

Sounds a lot like Christian Valor (se7en) if anyone remembers him..

My money is on him being bullshit artist looking for some speaking gigs before he gets found out to be a fraud.

Positioned for Espionage?

My guess is the Uber's are incompetent spies. Both are listed as "accountants" on LinkedIn. Lisa speaks 3 languages fluently and Chet is trying to recruit domestic hackers. If our Intel services aren't parked outside their house and tapping their phones then I have little faith in what our guys constitute suspicious activity. There is something very wrong with this whole situation. The Uber's are trying to gain trust within the Intel community while at the same time hiring blackhats. Seriously, there had better be some alarm bells going off somewhere.

How Uber came to be

I just figured out where Uber came from!
He went to http://www.hackforums.net/ and paid his $30.00 to become an Ub3r member

The World Calls Bullshit

In addition to the commentary posted here, Cryptome and another blog have both come to the conclusion that this is little more than a publicity stunt.

There's exactly one article on examiner.com that seems to form the foundation of whatever credibility this group may have. That article breathlessly enumerates some of the "big names" on their roster, but doesn't seem to either vet their credentials or even confirm their membership.

Snow job.