Slashdot Mirror
25% of US Hackers Are FBI/CIA Informers
An anonymous reader writes "The Guardian reports that the FBI and CIA have 'persuaded' up to 25% of US hackers to 'work' for them. 'In some cases, popular illegal forums used by cyber criminals as marketplaces for stolen identities and credit card numbers have been run by hacker turncoats acting as FBI moles. In others, undercover FBI agents posing as "carders" – hackers specialising in ID theft – have themselves taken over the management of crime forums, using the intelligence gathered to put dozens of people behind bars. ... The best-known example of the phenomenon is Adrian Lamo, a convicted hacker who turned informant on Bradley Manning, who is suspected of passing secret documents to WikiLeaks.' What implications does this hold for privacy? Or is it just good work by the authorities?"
As you may have guessed, the estimate appears to be based only on the number of black hats, rather than all hackers.
It's effective work by the authorities. However, if people under FBI or CIA are actively encouraging or facilitating illegal activities that may not have happened otherwise, I may have some heavy objections as to whether it's "good" work.
He's getting rather old, but he's a good mouse.
In other news 47% of all news articles are speculative bullshit with no grounding in reality. See we can all make up numbers.
They say there are vast, anonymous networks of hackers, yet somehow they know they they've gotten 25% of them to work for the FBI? How do you calculate 25% of an unknown number? Or is there some Hacker registry at 2600 magazine that I'm not aware of (not being a hacker myself, I didn't get an invitation to join).
It's getting to the point these days where you just aren't sure which criminals you can trust.
http://alternatives.rzero.com/
You're telling me that indiscriminate thieves have a mercenary attitude which makes them prone to turn on their partners in crime?
Mind blown.
Well, they do something similar on the pedo circuit, where it's probably 75% cops trying to harvest the few real pedos. Both the "dirty old man" and the "innocent pubescent girl" of urban lore are likely to be law enforcement officers, and possibly even colleagues at neighboring desks.
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
This is a natural by-product of the of a national gestapo using "useful idiots" as proxies for doing their dirty work. Federal informants are often permitted to break the law and are paid very handsomely, often with provided housing and up to hundreds of thousand dollars a year, for their work.
Since these informants work for money(what "hacker" works for the fame of being a snitch?!) , they are more likely to embellish or even fabricate evidence to back up their claims. The FBI don't care about that, because if charges are bogus they will entrap of go fishing to find another charge to justify the time and cost.
The real question is, how much money is being spent on informants("cyber" or otherwise)? Could that money be better spend on schools or infrastructure? Why is it that scumbags with questionable pasts are being paid forty-thousand dollars(or more) a year while we and our families are eating ramen noodles for dinner and wondering how we're gonna pay next month's rent?
The answer is part of the government's broader plan to turn half the population against the other half. The ones who drink the kool-aid get to feed their families. The rest are radicals and terrorist pedophiles who deserve to be jailed and even used as near-slave labor. The big security complex is the only future in an America with large numbers of returning warriors and no economy other than the unsustainable one of making and busting criminals. Greed eats itself.
Yes, all of those things are true. No, I will not look them up for you, use your Google Fu - start with "lodi ice cream man terrorist, " level/tier 1 informant," "FBI infiltrate environmental groups," "prison labor builds patriot missiles," and go from there.
Why are people wasting time whining about exposing foreign informants? What concerns us is the network of domestic informants, aka Stasi 2.0. McGruff the crime dog says - "If you snitch, you get a bullet in your dome for being a coward."
-- Ethanol-fueled
It's not the tool, it's the people who use it.
crazy dynamite monkey
I call shenanigans.
There is simply no way this is anything CLOSE to accurate. This is pure FUD and self-promotion. First, they don't have accurate stats on how many ID theft operators there are (if they knew who was doing the stealing, they'd be able to close them down, right?), so this is just a "guestimate" to make people who deal with bulk operators worried that they might be dealing with a "dishonest crook", and to justify their budgets.
Pitifully transparent.
37% of FBI/CIA informers are double-agents.
what's good for the goose is good for the gander...
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Is why FBI/CIA needs so many gifted programmers
*Yeah i know its 2011 BUT IM STILL FIGHTING FOR THAT JARGON, DAMNIT!*
My -1 Troll is actually a +1 funny. And my -1 flame is actually a +1 insightfull.
does the FBI have adequate control over its hacker informants? For example, an FBI informer riding in the car that carried the killer of Viola Liuzzo. And who else is running hacker informants?
and I have to say, very effective FUD and self-promotion.
Agreed. This could just as easily be a false leak. It would be ridiculous to take these statements at face-value, given that misinformation is one of the CIA's strongest suits.
Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
My biggest problem with this sort of scheme is that they are facilitating the very thing that they are claiming to combat.
Are they luring people into committing crimes that they would not have committed otherwise? I'm guessing that the answer is yes, even if it is unintentional. After all, a lot of wrong-doings wouldn't be done if there wasn't a social framework (e.g. forums) to reinforce the behaviour.
I wonder how much of illicit credit card money finds its way back into FBI budgets. To fight crime, you know.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
It should say 25% of known hackers, which would be a more believable/accurate statement.
Bow before me, for I am root.
To put that in perspective, here's the current FBI Agent breakdown:
0% of known men
0% of known women
25% of known hackers
100% of known little girls.
https://www.eff.org/https-everywhere
...aren't at liberty to say which agencies of which governments we're working for.
Village idiot in some extremely smart villages.
What about ThinThread and other domestic surveillance programs? We know they're catching all US traffic at the ISP level. So if you're hacking computers in the US they can trace you back to the plug at the wall, from there they know you're either the person paying for the connection or someone leeching off his Wifi. A little detective work and they know if you live on the same block or if you're a roving wifi hacker who lives somewhere in downtown Portland.
Now how many non-US governments are doing the same thing and sharing this data with them? They already know who you are and what you're downloading, they simply don't have a reason to bust you right now.
So yeah, I bet they do have a pretty good estimate of the number of currently active hackers at least in the US. There's a profile on each one, and they know about zero-day attacks before anyone else does. It's just on the down-low since it's illegal. Do something big enough and they'll find a way to use it against you.
Cwm, fjord-bank glyphs vext quiz
I've had my run-in with this before. I'm just a generic every day sysadmin and have no real involvement with the security community, short of idling on IRC with a bunch of more active people. Here are my experiences:
In 1997 or '98 I was the sysadmin for a mom 'n pop local ISP. We got hit by a massive DOS attack - keep in mind this was in the pre-smurf/DDOS era, so it really did warrant the attention of the feds. The owner contacted them, and they talked to me about getting any logs we might have (which of course I was ready to provide). I asked them where they wanted me to send them, and... "No, why don't you meet us out somewhere? We'll buy you lunch.". Despite the offer of free food, the alarm bells were going off by this point. So, I met them at a local coffee shop, and out of the 30 or so minutes I was there, they spent maybe two minutes discussing the DDOS with me, and the rest of the time attempting to get me to inform on the local 2600 group. I declined repeatedly, and they continued to make more forceful and threatening requests. Every time I disagreed with them, they looked at each other - and this was the creepiest (and obviously rehearsed) behavior I've ever seen. They never did get those logs from me.
After that I didn't hear anything until around 2005 or so when one of my ex-coworkers from another company called to tell me two men came by looking for me, and that they had government plates on their car. They left a card, but since I'm not under any obligation to call them, I never did. As the years went by, I received more calls from different people with a similar story.
And my last run-in with them was only a year or two ago - someone called me from a cell phone claiming he was with the FBI, and he had my computer and I needed to come to the local field office to pick it up. I found that to be rather unlikely since I tend to hang onto them until they're dead, I certainly wasn't missing one, and then they (minus the drives - I still have those) go into the bin. After a week of ignoring his calls he stopped bothering me.
To this day I have no idea what they wanted, but the entire thing reeked of ill-spent tax dollars.
I really don't care anymore, so the hell with posting as AC...
Insert witty
You don't have to know the absolute number. You just have to have a rough estimate, which you get by counting girls hanging out with their best female friend on Saturday night. Then you just go to a 2600 or lug meeting and drop a giant butterfly net from the ceiling. Next you simply count your sample and check how many wear dark suits. They are either FBI or IBM.
ah, that's not what happened. Lamo was not being pressured by the FBI nor tortured by the CIA. He was not being solicited by anyone. He took it upon himself to decide that someone like Manning, who like himself exhibited signs of mental illness, should not have access to state secrets. He believes he's a repatriated hero.
The Admin and the Engineer
The thing that makes me actually partially believe them is the remarkable efficiency of department of homeland security's incredible ability to recruit "neighbourhood spies".
The numbers may be inflated, but make no mistake - authorities have noted just how efficient it is to essentially make a lot of small people into informants on minimal pay. Stalin would have had a major hard-on if he saw what they did in the States, he tried really hard to make the system in USSR to be similar, but it failed because of lack of ability to process large amounts of data at rapid pace.
We have that thanks to computerization and networking, and USA authorities can proudly state that they already have more spies then USSR spying on their own people. I really don't see why lessons from that can't flow into even more valuable hacker world, where informants are so important. Hell, case Manning makes for a great example - the #1 enemy of intelligence machine wasn't caught because of awesome hardware, awesome software or great investigation work. He was caught because someone Manning viewed as a friend and a "comrade in arms" so to speak was actually a snitch who fingered him.
And it's the importance of having snitches like that anywhere you can have them, and making sure that even if you don't have a snitch in a particular organisation, they THINK you do is the proven, effective control maintenance strategy for authorities. So yes, we can doubt the exact number, but the argument that a very large portion of US hackers are snitches is beyond reasonable doubt.
And if you ever doubt that snitches are the most important part of intelligence, look at case Bin Laden. Hunted with best equipment and millions of men for years, no luck. And in the end, the one who killed him wasn't a bunch of SEALs, or an advanced helicopter. It was some pakistani guy who was a snitch and fingered him. And funnily enough, to show just how well our media is penetrated by intelligence, in between massive dick waving about SEALs, helicopters and other thing that really didn't matter in the end, we didn't hear a word about the one thing that really did matter - THE SNITCH.
Not every hack is something which is clearly wrong.
And not every hacker got into it to be cool.
In fact I'd say the majority get into it just because they are curious and it's so easy. It's like leaving a jar of cookies and telling a young kid not to touch it while you go to sleep. You cannot be surprised if the jar is opened,and at least one cookie is missing.
I think the problem is that not every "hacker" has to get caught to get turned. A hacker could get turned after being set up. They might not necessarily have to even have broken any law on their own. There might not have had to be any victims of their hacks.
I don't claim to know whats going on but it looks like the FBI is just out to use them for their skills. Rather than put ads in the news paper and hire them to help with investigations, instead they want to do this kind of stuff. Most teenage hackers grow out of it when they become an adult. The problem is how many of these informants get turned as teenagers and forced to keep hacking into adulthood? And given the option how many of them would want to have a real job at the FBI or CIA or whereever rather than to be an informant? I don't know anybody and never met anyone who dreams of being an informant if they know how informants get treated. Chances are they saw James Bond or some movie and they think thats what being an informant is.
In reality an informant is a criminal, who ultimately gets treated as a criminal no matter how much good they try and do. At the end of the day the snobby elite treat them as criminals, and the criminal underworld treats them as a snitch, and they have nothing and no one to trust. They do typically get a lot of money, and praise from the government, but who is looking out for informants? When the informants receive death threats who looks out for them? What family do they have? Who can they trust?
The rest of their life they get to look forward to... what?
Being an informat doesn't mean "working for". A Mafia informant still goes about their daily business, doing their Mafia business. It's not the Government's business. However, then they may use information they glean in their dealings to "inform" authorities of certain happenings they're interested in. Thats what informing is. You seem to have a misunderstanding of the term.
And btw, the actual report doesn't relate to a quarter of "all hackers". Its a quarter of those tried and prosecuted or plea bargained. This represents a very small proportion of hackers 'out there'. So, in reality, they're talking about a quarter of less than 1%. Are informants. And of those, a very small handful FRONT criminal enterprise websites. That doesn't mean they're committing the criminal enterprise, but giving criminals a place to commit their enterprise so they can then be ensnared.
When the Dutch authorities recently embedded themselves in the Boylover forums in order to gather information on its members for prosecution, the Dutch authorities weren't actually raping little boys. Being present, as these hackers are, in a community doesn't infer any criminal involvement thereof.
So, to recap:
- Informing doesn't mean working for the government.
- Even those who are working for the government, aren't necessarily committing any crimes.
- The Chinese government is still hacking foreign networks.
- There's no denial of the report. You've misinterpreted the report, and what every subsequent detail of it actually means. There is no equivalency between the US Government having hacker informants, and a government which actually employees hackers to commit crimes.
- I'm not American. I'm not even Western. Try again.
"The true measure of a person is how they act when they know they won't get caught." - DSRilk
Lamo is a drama queen. If he sufferred rendition, that's all he'd be talking about. If you saw the PBS special last week, you would have seen him interviewed inexplicably wearing a trench coat indoors... like he was Deep Throat or something, which is some fantastic internal irony for him, because he dropped the dime on today's Deep Throat (Manning).
The Admin and the Engineer
You left out the possibility that Lamo decided his choices where 1) keep listening to manning and his classified leak plans and not tell anybody and hope his name
never gets discovered by the Feds or 2) alert the Feds and greatly lower you chances of going to prison for being an accessory for someone else's activity.
What if Manning had been the informant? If that turns out to be the case, 2 would be the better choice.
"We can't solve problems by using the same kind of thinking we used when we created them." -- Albert Einstein
This is the old one, I've seen it and it doesn't conflict with my original statement. Let me help you translate intelligence speak into english:
August 2010: American intelligence locates the brothers’ residence.
Translation: Informant sold out the residence's location. Informant not very reliable, but reliable enough to start collecting additional informant statements on site.
September 2010: The Central Intelligence Agency begins to work with President Obama on assessments that lead them to believe that Bin Laden may be located at the compound.
Translation: We assessed that information from the snitch(es) was reliable enough to assume that he may actually be there, and they weren't just taking the money and lying their asses off as they usually do on information about him.
There is probably at least two dosen of such sites at any given time or more. President is usually informed as a one-line statement in the large security briefing.
Mid-February 2011: United States government authorities determine that there was a sound intelligence basis to pursue this direction aggressively and develop courses of action.
Translation: After a long round of questioning snitches and flying spy drones and satellites over the site, we have multiple informant statements that match, statistically significant chance of target actually being on site (depending on case and finances, from a few percent to several tens of percent). Deploy our own trustworthy men to check the intel.
March 14: Mr. Obama begins a series of National Security Council meetings to develop options for capturing or killing Bin Laden.
Our men checked out the information, and confirmed snitches' statements. We have a good chance that intel is good and we can work off it.
In the end, it's still the snitch that's the hero. Everyone else is just working off his back.
Are quislings who'd sell their grandparents for an extra day's ration.
"Flyin' in just a sweet place,
Never been known to fail..."