'Project Vigilant' Recruits At Defcon To Track You

angry tapir writes "A secretive volunteer group that tries to track terrorists and criminals on the Internet went to the Defcon hacker conference in hopes of recruiting information security experts, but it will first have to overcome some skepticism. That's because most information security professionals have never heard of the group, called Project Vigilant."

Why not just call their company "NSAFront"?

[elrous0]

It would be no less obvious.

Re:Why not just call their company "NSAFront"?

[conspirator57]

As usual, Glenn Greenwald has several interesting things to say, even though he's not that technical and ascribes far too much credence to the technical prowess and savvy of high-level government officials with "cyber" or some variant in their name.

http://www.salon.com/news/opinion/glenn_greenwald/2010/08/02/privacy/index.html

Re:Why not just call their company "NSAFront"?

[FriendlyLurker]

Adrian Lamo worked as an Analyst for Project Vigilant - which specializes in collecting any and all data from major ISP's where the EULA permits third parties (i.e. pretty much all of them).

Lamo also just happened to turn in chat logs for military whistleblower Bradley Manning. There is already decent evidence to suggest that Lamo never talked to Manning, but was given the logs by this secretive private catch-all spy network "Project Vigilante" and told to turn them in.

bogus

[bsDaemon]

So, I got curious and clicked the link to the article. Then I clicked the link to the project's website, which beyond a splash screen with an INGSOC-esque logo with a half-assed latin slogan, you find a cheap-ass Drupal site which requires an OpenID account to log into. The list of logged-in users includes such gems as a guy named "poopcracker."

If this is cointelpro, its either extremely terrible, or extremely brilliant for looking so shoddy. Chances are, its just misguided vigilantism by people who read "gray hat python" and now think they can 'hack the Gibson'. I'm not sure which would disturb me more.

Re:bogus

When you say "half-assed latin slogan," I hope you mean "pseudo-Latin slogan" - because that motto is the result of someone who doesn't know Latin trying to come up with something and getting it wrong. I think they were going for "We Watch Together," in which case they certainly shouldn't have used the first person *singular* of vigilo (not to mention misspelling "vigilo"). I think they meant Evigilamus Jugiter, to give the phrase the proper tone of menace (if they meant something less menacing, they should have gone with a variation on vigilamus pro te, which is the motto of the Canadian land forces and a translation of the chorus of O Canada).

Re:bogus

[FriendlyLurker]

Some of the names behind Project Vigilante:

...the list of its officials, which includes Mark Rasch, who headed the DOJ's Internet Crime Unit for 9 years; Kevin Manson, a retired Homeland Security official; George Johnson, who "develop[ed] secure tools for the exchange of sensitive information between federal agencies" for the Pentagon; Ira Winkler, a former NSA official; and Suzanne Gorman, former security chief of the New York Stock Exchange. These are people with extensive, sophisticated expertise in compiling highly invasive data about individuals' Internet activities, and more so -- given their background -- how to package it in a way that can be used by federal agencies.

From here and here.

So... perhaps it is a honeypot as well? In any case, the real operation is run backend to your ISP.

Re:bogus

[maxwell+demon]

Romanes eunt domus!

EU already did it

[ZeroExistenZ]

EU already has a simular technology in place.

You can get the analysis at wikileaks: EU social network spy system brief, INDECT Work Package 4

"The aim of work package 4 (WP4) is the development of key technologies that facilitate the building of an intelligence gathering system by combining and extending the current state-of-the-art methods in Natural Language Processing (NLP). One of the goals of WP4 is to propose NLP and machine learning methods that learn relationships between people and organizations through websites and social networks. Key requirements for the development of such methods are: (1) the identification of entities, their relationships and the events in which they participate, and (2) the labelling of the entities, relationships and events in a corpus that will be used as a means both for developing the methods."

Follow the cash and access

[AHuxley]

Two links with some more reading on Project Vigilant.
"that it monitors the traffic of 12 regional Internet service providers, hands much of that information to federal agencies, and encouraged one of its "volunteers," researcher Adrian Lamo, to inform the federal government about the alleged source of a controversial video of civilian deaths in Iraq leaked to whistle-blower site Wikileaks in April."..
but said that because the companies included a provision allowing them to share users' Internet activities with third parties in their end user license agreements (EULAs), Vigilant was able to legally gather data from those Internet carriers and use it to craft reports for federal agencies.
from:
Stealthy Government Contractor Monitors U.S. Internet Providers, Worked With Wikileaks Informant
http://blogs.forbes.com/firewall/2010/08/01/stealthy-government-contractor-monitors-u-s-internet-providers-says-it-employed-wikileaks-informant
"Elite US cyber team courts hackers to fight terror"
http://www.google.com/hostednews/afp/article/ALeqM5hKoXQdL-L1HFYObz0_UUHMactSWg

Top tip, stop chatting to strangers, try a sneaker net gap and again stop chatting :)

Chet Uber?

[Sporkinum]

He must have the world's most awesome popped collar!

Pot, meet kettle

[esocid]

According to Uber, Project Vigilant also played a role in Iran's Green Uprising last year, operating five Internet proxy servers that helped dissidents circumvent government spying and move information out of Iran and into the hands of dissident groups.

So when does the US get some of this help to circumvent government^H^H^H^H^H^H^H^H^H^H protective spying and allow the free transmission of information. Oh, wait. I see now.

On Sunday, Uber said he was the first person to call the federal government about the sensitive cache of documents allegedly leaked by U.S. Army Intelligence Analyst Bradley Manning, and which was ultimately published on Wikileaks. Manning leaked the documents to Adrian Lamo, who does "adversary characterization" for the group, Uber said.

Re:Manning/wikileaks connection

[AHuxley]

"akin to being evil" really depends on the decade? the Church report, Iran contra, Operation Ajax, Room 641A, Sibel Edmond, COINTELPRO ...
Do you really want unaccountable, hidden, profit driven - mercs, private corporations, individuals and cyber vigilante types doing what the FBI should?

Re:Manning/wikileaks connection

[betterunixthanunix]

Was it specifically bad to turn in Manning? No, things are no black and white. From where I sit, though, Wikileaks is doing a good thing by exposing government lies -- we cannot trust the government to be honest about classified documents, which is why we need Wikileaks. If these guys are fighting against Wikileaks, that means they are pitted against those of us who want a more open government.

What worries me is that these guys are not required to abide by the constitution; they voluntarily collect information, and then turn it over to the government, which allows the government to obtain evidence that it would not otherwise be able to collect. These "fourth party" arrangements have been discussed in the past, and just because they are not hot news items anymore does not mean they are less worrysome.

Re:BBHC Global L.L.C.

[JWSmythe]

From the whois info for projectvigilant.us:

Steven Ruhe
BBHC Global LLC
4828 North Kings Highway #126
Fort Pierce, Florida 34951
Phone: +1.7723326988
Fax: +1.8667288650
Email: steven.ruhe@bbhc-global.com
Registered: Mon Sep 21 23:36:10 GMT 2009

    From the whois info on bbhc-global.com

Ruhe, Steven chet.uber@mac.com
BBHC Global LLC
5817 Sunberry Circle
Fort Pierce, Florida 34951
United States
+1.7729401858 Fax -- +1.8667288650

The address "4828 North Kings Highway" is "Indrio Crossing Pack N Ship", a mail drop.

The address "5817 Sunberry Circle" is a 2,800 sq/ft 5br/3ba residence, purchased in 2004 for $205,000.

There are two businesses registered at this address:

Bbhc Global L.L.C. Registered by Steven E Ruhe in 2009
M J Jones, Inc. Registered by Jimita Johnson-Jones in 2004, with the fictitious name of "Today's Window Fashions"

There is a drivers license record for Chet Lee Uber (47yo male, other ethnicity) at the Sunberry Circle address. He is a registered voter, affiliated to the Democratic party.

There is a Barbara Uber (66yo white female) with a listed phone number at the same address.

hahahahahaha! Either this guy is living up the cougar lifestyle, or he's living with his mom. :)

I couldn't find a drivers license record for Mr. Steven E Ruhe. There is a Steven R Ruhe (58yo white male) in Merrit Island, FL, but probably isn't him.

Jimita Johnson-Jones (32yo black female) has a drivers license record in Orlando, FL.

Let the jokes about living in his mothers basement commence! ... and all information gathered for this post was available through public resources. No electronic trespass was committed in the gathering of this data.