Wednesday, February 24, 2010










We will host Cryptome on our multi-jurisdictional network-outside the US-if required.
FIND SPY PDF HERE;
or here
Network Solutions also appear to have also seized Cryptome.org's domain name over the Microsoft threats. via bit.ly

CONFIRMED: Cryptome, venerable anti-secrecy site, entirely gagged over Microsoft-spy-manual. Abuse of DMCA to coverup. via bit.ly
Background on outrageous Cryptome take down http://bit.ly/dicBtN via bit.ly

We will host Cryptome on our multi-jurisdictional network-outside the US-if required. via bit.ly

Privatized prior restraint? Cryptome disabled after recent threats by Microsoft over MS spy-guide. http://cryptome.org/ via bit.ly

Site Leaks Microsoft Online Surveillance Guide, MS Demands Takedown Under Copyright Law (UPDATE 4)
by Robert Quigley 9:31 am, February 24th, 2010

Cryptome, a whistleblower site that regularly leaks sensitive documents from governments and corporations, is in hot water again: this time, for publishing Microsoft’s “Global Criminal Compliance Handbook,” a comprehensive, 22-page guide running down the surveillance services Microsoft will perform for law enforcement agencies on its various online platforms, which includes detailed instructions for IP address extraction. You can find the guide here (warning: PDF). not anymore.

Microsoft has demanded that Cryptome take down the guide — on the grounds that it constitutes a “copyrighted [work] published by Microsoft.” Yesterday, at 5pm, Cryptome editor John Young received a notice from his site’s host, Network Solutions, bearing a stiff ultimatum: citing the Digital Millenium Copyright Act (DMCA), Network Solutions told him that unless he takes the “copyrighted material” down, they will “disable [his] website” on Thursday, February 25, 2010.
So far, Young refuses to budge.

Cryptome is no stranger to controversy: last year, when it leaked a detailed surveillance guide from Yahoo, which, embarrassingly enough, included a pricing sheet tallying up the costs of its various services, Yahoo demanded its takedown, also under DMCA. (The Microsoft guide doesn’t contain a pricing list.) Cryptome refused to back down, and the guide is still up.
Geekosystem swapped emails with Young about the situation, and he said that if Network Solutions follows through and takes Cryptome down on the 25th, “we will set up elsewhere, arrangements are always ready for that.”

He had this to say when we asked him what he found most repugnant about Microsoft’s guide:
Most repugnant in the MS guide was its improper use of copyright to conceal from its customer violations of trust toward its customers. Copyright law is not intended for confidentiality purposes, although firms try that to save legal fees. Copyright bluffs have become quite common, as the EFF initiative against such bluffs demonstrates.
Second most repugnant is the craven way the programs are described to ease law enforcement grab of data. This information would also be equally useful to customers to protect themselves when Microsoft cannot due to its legal obligations under CALEA.
There are other means to maintain confidentiality of legal obligations as lawyers well know. Claims of copyright violation is merely the cheapest and quickest way to coerce a service provider, no expensive lawyers needed. And it is a cheap and fast way to hide information from competitors as Yahoo intended with its false copyright claim.
There are many firms with similar obligations to law enforcement who do not use copyright to hide the compliance process — Cisco for one puts its compliance procedures online, as do others.
We think all lawful spying arrangements should be made public, not necessary the legally-protected information under CALEA. Microsoft should join the others who openly describe the procedures, and just may do so if there is a public demand for it.
We would like to aid that demand by publishing and refusing to take down the document which provides very important public benefits.
Microsoft’s lawful compliance guide is one of a dozen or so (below) we have published recently and only Microsoft and Yahoo have behaved like assholes — probably because they are more afraid of the authorities than they are of customer wrath, having been burned repeatedly for not being sufficiently official ass-kissing.
So, briefly:
1. Microsoft’s use of copyright rather than other mechanisms to try to take down the guide [note that Yahoo tried to do the same thing],
2. The asymmetry of information Microsoft provides to consumers and law enforcement agencies under CALEA, or the Communications Assistance for Law Enforcement Act, which Cryptome is meant to rectify, and, implicitly,
3. The strength and speed of Microsoft’s response: this past weekend, Cryptome also published electronic surveillance guides from Facebook, AOL, and Skype, among others (warning: all PDFs), but according to Young, none of those companies “behaved like assholes” by calling for a takedown, much less by using copyright law to do so.

Since the mid-’90s, Cryptome has been an unrelenting clearinghouse of information, and its all-text, minimalist look bespeaks the Wild West vibe of the early Internet days. In 2007, its ISP, Verio, booted it for some of its leaks. At the time, Young wrote, “Cryptome is now on a new ISP, Network Solutions, another US giant like Verio, closely linked to the authorities. We’ll see if it can take the heat or cave.”

Well, with the Microsoft surveillance guide leak, the heat is on. Whether Network Solutions backs down from its takedown threat or enforces it, it’s not likely that February 25th will be the end for Cryptome: it’s weathered bigger leaks and fallouts in the past.

Update, 1:47pm EST: Young has received another notice from Network Solutions asking that he provide a counter-notification in compliance with the DMCA. His response can be found on Cryptome.
Update 2, 2:20pm EST: Well, it looks like Network Solutions didn’t even wait for their February 25th deadline; Cryptome is down.They took the site down as soon as they received the counter-notification.

Young says there is a “NetSol ‘Legal Lock’ on the domain name to prevent it being transferred to another ISP until the “dispute” is settled; All Cryptome pages other than the home page now generate a 404 message.”
Currently, Cryptome’s files are being transferred to a new domain, http://cryptomeorg.siteprotect.net/; Young says they will be transferred back when the lock is removed.
(Minor) Update 3, 4:30pm EST: As one Hacker News reader points out, Network Solutions is 4chan.org’s ISP. How about that.

Update 4: Wikileaks has offered to host Cryptome for the time being, via Twitter. “We will host Cryptome on our multi-jurisdictional network-outside the US-if required.” They’re currently hosting a copy of the surveillance guide. (warning: PDF.)

Microsoft Online’s Global Criminal Compliance Guide does not do this. The Microsoft guide is a description of the ways in which the Microsoft Corporation retains your data, providing law enforcement easy access to some of your most intimate information, including private messages. The publication of such material is clearly protected under the First Amendment to the U.S. Constitution, regardless of any copyright claims.

* As a side note, the recent glut of new spying documents on Cryptome as well as the Microsoft Online’s Global Criminal Compliance Guide were taken from the same server on which Public Intelligence found the Network Intrusion Responder Program (NITRO) Course. The files were a part of a 292 MB file containing all slides, documents, and information from the 2009 Crimes Against Children Conference. While we do not begrudge Mr. Young for publishing these documents prior to us, which we had intended to do, we are concerned with the fact that access to the files had already been disabled at the time that we notified Cryptome regarding the U.S. Secret Service’s notices to us about the NITRO course. This is clearly stated in the Secret Service messages and was subsequently verified by us. In fact, there are only four ways that Mr. Young could have obtained the documents:
Via the owner of intelizone.com (not likely)
Via the Secret Service (not likely)
Via a visitor to both Cryptome and this site who had the foresight to download the 292 MB zip file, search through its contents, and systematically provide the documents to Mr. Young (less likely)
Via us (not true)
This perplexes us. We have the entire 292 MB file and will likely make the information available in the coming days.
Related posts:
German government warns against using MS Explorer
U.S. Secret Service Requests Removal of Documents from Public Intelligence
NSA helped with Windows 7 development
Fed Would Be Shut Down If It Were Audited, Expert Says
Microsoft Online Services Global Criminal Compliance Handbook

Anyone with money and an army of lawyers can control the dissemination of information. Even when there is a compelling reason for the public to have access to that information, such as the policies concerning retention of their own information, companies may simply invoke a set of laws and statues designed to protect the legitimate contributions of artists, intellectuals, and creators.

A SPECIAL THANK YOU TO PUBLIC INTELLIGENCE FOR THIS STORY.http://publicintelligence.net/

Radar has just published an extensive profile feature on John Young, the New York-based architect who is better known as one of the net's most ardent foes of government secrecy:
Cryptome is, in the words of washingtonpost.com columnist and NBC News military analyst William Arkin, "the Google of national security." It is a meticulously maintained online compendium of information—some previously available to the public, some not—devoted to plumbing and exposing the secrets of the intelligence world. With a clean, crisp design, it presents, in no discernible order, simple red links to documents and text files against a white background. Much of the material Young collects is stultifyingly dull—"RFC Keyed-Hash Message Authentication Code" will take the reader to an announcement in the Federal Register concerning a "mechanism for message authentication using cryptographic hash functions and shared secret keys" from the National Institute of Standards and Technology, for 
instance—but some of it is dangerous and even breathtaking.
During the past few years, Young has published detailed overhead satellite imagery of Site R, a military installation in Pennsylvania that he claims is Vice President Dick Cheney's undisclosed location. Hours after the FBI announced charges in June against four men for plotting to blow up jet-fuel tanks at John F. Kennedy International Airport in New York, Cryptome ran photos of the airport tank farms, pointing out the exact route of a jet-fuel pipeline buried beneath nearby residential neighborhoods. He regularly publishes satellite photos of the homes of intelligence officials, including CIA Director Michael Hayden's Washington, D.C., residence. He has exposed the names of what he claims are 276 British agents covertly working for MI6, the names of 400 secret Japanese intelligence agents, and the names and home addresses of what he claims are 2,619 CIA sources.
(...) The closest Young comes to explaining to me why he created Cryptome is this: "I'm a pretty fucking angry guy."Link to "Secrets and Lies," by John Cook. (Thanks, David Cho)
Previously on Boingboing:
Cryptome.org, repository of sensitive docs, gets shutdown notice
ABC News story on Cryptome.org

INTERESTING READ-HERE; http://www.wired.com/vanish/

0 Comments:

Post a Comment