Death of Speech ‘Truthy Project’

Posted on November 11, 2014November 11, 2014 by Denise Simon

Alright, it has been proven that the NSA is mining our data, that includes friends, purchases, internet activity and more. Now sadly the government is providing earmarked money for data mining on thoughts and categories of thought and opinion.

A friend that I have had as a guest on radio show, C. Steven Tucker who is a subject matter expert on healthcare and most especially Obamacare had his Twitter account deleted under the ‘Truthy Project”. There were several more accounts that met with the same thought demise. What happened to Freedom of Speech, whether it is true and proven in words with evidence or even partially true or perhaps even false due to misunderstandings or poor assumptions? Demerits and deletions abound in all cases.

What has happened to America and how did we get here?

House Committee Demands Answers on Truthy Project

Taxpayer-funded initiative collected 600,000 political tweets in its ‘database,’ bragged about having conservative Twitter accounts suspended

BY: Elizabeth Harrington

The House Science, Space, and Technology Committee sent a letter to the head of the National Science Foundation (NSF) on Monday, demanding answers about the origins of the nearly $1 million taxpayer-funded project to track “misinformation” on Twitter.

The Truthy project, being conducted by researchers at Indiana University, is under investigation for targeting political commentary on Twitter. The project monitors “suspicious memes,” “false and misleading ideas,” and “hate speech,” with a goal of one day being able to automatically detect false rumors on the social media platform.

The web service has been used to track tweets using hashtags such as #tcot (Top Conservatives on Twitter), and was successful in getting accounts associated with conservatives suspended, according to a 2012 book co-authored by the project’s lead researcher, Filippo Menczer, a professor of Informatics and Computer Science at Indiana University.

Menczer has also said that Truthy monitored tweets using #p2 (Progressive 2.0), but did not discuss any examples of getting liberal accounts suspended in his book.

“The Committee and taxpayers deserve to know how NSF decided to award a large grant for a project that proposed to develop standards for online political speech and to apply those standards through development of a website that targeted conservative political comments,” wrote Chairman Lamar Smith (R., Texas) in a letter to NSF Director France Cordova.

“While some have argued that Truthy could be used to better understand things like disaster communication or to assist law enforcement, instead it appears Truthy focused on examples of ‘false and misleading ideas, hate speech, and subversive propaganda’ communicated by conservative groups,” he said.

Smith is asking for the original application for the study, and “every internal and external e-mail, letter, memorandum, record, note, text message or other document” sent or received by the NSF about Truthy since the study began in 2011.

Smith’s letter references a publication co-written by Menczer which explains how the project was used to track tweets before the 2010-midterm elections.

In “Abuse of Social Media and Political Manipulation,” a chapter for the book The Death of the Internet, released in 2012, Menczer writes how his team successfully had Twitter accounts suspended.

“With the exploding popularity of online social networks and microblogging platforms, social media have become the turf on which battles of opinion are fought,” the chapter begins. “This section discusses a particularly insidious type of abuse of social media, aimed at manipulation of political discourse online.”

Truthy tracked up to 8 million tweets per day in the run up to the 2010 midterms, and stored 600,000 political tweets in their database, contrary to Menczer’s claim that Truthy does not “have a database.” This section of the Truthy website was recently deleted, following an editorial by FCC Commissioner Ajit Pai warning the project could be misused.

“The streams provided our system with up to 8 million tweets per day during the course of the study,” the paper said. “These were scanned in real time by our system. In total, our analysis considered over 305 million tweets collected from September 14 until October 27, 2010.”

“Of these, 1.2 million contained one or more of our political keywords; detection of interesting memes further reduced this set to 600,000 tweets actually entered in our database for analysis,” the paper added.

“We don’t have a database,” Menczer said when attacking the Washington Free Beacon’s initial story on Truthy.

The database was used to identify “several Truthy memes, resulting in many of the accounts involved being suspended by Twitter,” the chapter said.

Truthy was able to suspend the account of C. Steven Tucker, a health insurance broker, who often used the hashtag “American Patriots,” or #ampat, from his two Twitter accounts.

“This activity generated traffic around this hashtag and gave the impression that more people were tweeting about it,” the chapter said. “These two accounts had generated a total of over 41,000 tweets.”

Another account, @PeaceKaren_25, was suspended after tweeting in support of Speaker of the House John Boehner (R., Ohio) over 10,000 times in four months. “A separate colluding account @HopeMarie_25 retweeted all the tweets generated by @PeaceKaren_25 supporting the same candidates and boosting the same websites,” the paper said.

Smith said it is troubling that the project was able to delete and suspend Twitter accounts.

“Whether by amazing coincidence or on purpose, it appears that several social media accounts highlighted by Truthy were subsequently terminated by the owners of the social media platforms, effectively muzzling the political free speech of the targeted individuals and groups,” he said. “In presenting and publishing the findings of their work, the Truthy research team proudly described how the web service targeted conservative social media messages. Their presentations featured examples of what they found to be online political speech ‘abuses’ by supporters of these groups.”

A spokesman for Indiana University said that they are “aware of the letter but have no comment.”

Pathetic condition in America without so much as a whimper from informed patriots.

Iran’s 9 Points to Destroy Israel

Posted on November 10, 2014November 10, 2014 by Denise Simon

Iran general: ‘Our hands are on the trigger’ to destroy Israel

Revolutionary Guard air force chief quoted as saying his forces are ready to act as soon as they receive the order

The air force commander of Iran’s Revolutionary Guard Corps was quoted by Iran’s Fars news agency as saying Tuesday that Iran’s military has its finger on the trigger to destroy Israel as soon as it receives the order to do so. Iranian leaders regularly issue threats against Israel and the United States, but the wording ascribed to Salami on Tuesday was particularly aggressive.

—–
But is the White House and SecState listening? Of course they are and they are dismissive. John Kerry should be recalled as SecState and needs to be tried for high crimes and misdemeanors as Israel is the sole democratic ally in the Middle East. Israel and the United States have a historical deep partnered relationship as mentioned hundreds of time even by the Obama administration.

So Iran’s Ayatollah Khamenei repeats his threat and then just lays it out specifically. Ayatollah Khamenei says West Bank should be armed like Gaza, and Jewish population should return to countries it came from

Iranian Supreme Leader Ayatollah Ali Khamenei called over the weekend for the destruction of Israel, stating that the “barbaric” Jewish state “has no cure but to be annihilated.”

A plan titled “9 key questions about the elimination of Israel” was posted on his Twitter account Saturday night, using the hashtag #handsoffalaqsa, in reference to the recent tensions on the Temple Mount.

The sometimes grammatically awkward list explained the how and why of Khomeini’s vision for replacing Israel with a Palestinian state.

The first point stated that “the fake Zionist regime has tried to realize its goals by means of infanticide, homicide, violence & iron fist while boasts about it blatantly.”

Due to the above, Khomeini argued, “the only means of bringing Israeli crimes to an end is the elimination of this regime.”

Embedded image permalink

However, he noted that destroying Israel would not mean the “massacre of the Jewish people in this region” but rather “the Islamic Republic has proposed a practical & logical mechanism for this to the international communities.”

The “proper way of eliminating Israel,” he suggested, is through a “public and organized referendum” for all of the “original people of Palestine including Muslims, Christians, and Jews wherever they are…” However, “the Jewish immigrants who have been persuaded into emigration to Palestine do not have the right to take part.”

The resulting government would then decide if the “non-Palestinian emigrants” can remain in the country or should “return to their home countries.”

Khomeini charged the international community with overcoming the “usurper Zionist” objections to his “fair and logical plan.” Until the referendum, Israel should be confronted with “resolute and armed resistance.”

The Iranian leader also called for arming the people of the West Bank and Gaza to fight against Israel, and rejected “arbitration by UN or other international organizations” because “the fact that Yasser Arafat was poisoned and killed by Israel…proves that in the viewpoint of Israel ‘peace’ is simply a trick for more crimes and occupation.”

“This barbaric, wolflike & infanticidal regime of #Israel which spares no crime has no cure but to be annihilated,” Khamenei wrote in an earlier tweet on Friday.

“West Bank should be armed just like #Gaza. Friends of Palestine should do their best to arm People in West Bank,” he declared in another.

The Iranian supreme leader first called for the arming of Palestinians in the West Bank in July, during the summer’s 50-day conflict.

In late August, Iran said it was stepping up efforts to arm West Bank Palestinians for battle against Israel, with Basij militia chief Mohammad Reza Naqdi saying the move would lead to Israel’s annihilation, Iran’s Fars news agency reported.

“Arming the West Bank has started and weapons will be supplied to the people of this region,” Naqdi, who heads the nationwide paramilitary network, said.

“The Zionists should know that the next war won’t be confined to the present borders and the Mujahedeen will push them back,” he added. Naqdi claimed that much of Hamas’s arsenal, training and technical knowhow in the recent conflict with Israel was supplied by Iran.

Stuart Winer

Marissa Newman Marissa Newman is a breaking news editor at The Times of Israel.

AP, AFP contributed to this report.

No Place Safe from CyberTerror

Posted on November 10, 2014November 10, 2014 by Denise Simon

Cant shop at Target. Cant use your plastic at restaurants. Cant use hotspots for internet access. Cant buy medical coverage from Obamacare. Now if you are an employee at many companies your information is compromised. Now, the United States Post Office has been hacked and signs continue to point to China while Russia is just as aggressive.

Postal Service reveals cyber breach

By Colby Hochmuth
Nov 10, 2014

The Postal Service suffered a cybersecurity breach of its information systems and has launched an investigation into the attack that potentially compromised employee and customer personal information, including addresses, Social Security numbers and emails.

The Nov. 10 announcement of the attack, which was discovered in September, comes little more than a week after the White House reported it too had been the victim of hacking.

As in the White House breach, suspicion immediately fell on China, where President Barack Obama is now attending an economic summit and visiting with President Xi Jinping.

“This intrusion was similar to attacks being reported by many other federal government entities and U.S. corporations,” David Partenheimer, manager of media relations at USPS, said in a statement. “We are not aware of any evidence that any of the potentially compromised customer or employee information has been used to engage in any malicious activity.”

12 other key federal breaches

But a private sector analyst suggested employees should be on the lookout, nonetheless.

“Unfortunately, this breach is just the latest in a series of incidents that have targeted the U.S. government,” said Dan Waddell, director of government affairs at (ISC)2. “It seems this particular incident revealed information on individuals that could lead to targeted spear-phishing attacks towards USPS employees.”

“All of us need to be aware of potential phishing schemes,” Waddell added, “but in this particular case, USPS employees should be on the lookout for any suspicious email that would serve as a mechanism to extract additional information such as USPS intellectual property, credit card information and other types of sensitive data.”

Call center data submitted to the Postal Service Customer Care Center by customers via email or phone between Jan. 1 and Aug. 16, 2014, is thought to be compromised; that includes names, addresses, telephone numbers, email addresses and other information customers provided to the center. However, USPS officials said they do not believe customers who contacted the call center during that period need to take any action as a result of the incident.

USPS is working with the FBI, Justice Department and the U.S. Computer Emergency Readiness Team to investigate the breach.

USPS is also tapping the private sector and bringing in specialists in forensic investigations and data systems “to assist with the investigation and remediation to ensure that we are approaching this event in a comprehensive way, understanding the full implications of the cyber intrusion and putting in place safeguards designed to strengthen our systems,” according to an agency statement.

According to an April 2014 USPS Inspector General audit on the security of USPS’s wireless networks, “the Postal Service has effective security policies and controls that detect unauthorized access to its wireless network.”

The audit also found that USPS has continuous monitoring technology and procedures to ensure security of the wireless network in place, and that larger USPS facilities have dedicated access points configured for wireless intrusion detection.

As for the security of USPS’s stored data, the OIG found several weak spots in a March 2014 report.

“The Data Management Services group did not manage the storage environment in accordance with Postal Service security requirements because its managers did not provide adequate oversight of the storage teams,” the report said.

In the first half of 2014, more than 500 million commercial records have been compromised by hackers, and “this represents another example of the aggressive nature of nation-state adversaries looking for personally identifiable information for potential phishing attacks and other types of fraud — an area where information can be easily monetized,” said Edward Ferrara, principal analyst at Forrester. “This could also be an attempt to further probe aspects of the United States government’s cyber defenses in the unclassified areas of government operations.”

USPS has implemented additional security measures to improve the security of its information systems, which attracted attention this weekend, as some of USPS’s systems went offline. According to USPS, these additional security measures include equipment and system upgrades, as well as changes in employee procedures and policies to be rolled out in the coming days and weeks.

“It is an unfortunate fact of life these days that every organization connected to the Internet is a constant target for cyber intrusion activity,” Postmaster General Patrick Donahoe said in a statement. “The United States Postal Service is no different. Fortunately, we have seen no evidence of malicious use of the compromised data and we are taking steps to help our employees protect against any potential misuse of their data.”

About the Author:

Colby Hochmuth is a staff writer covering big data, cloud computing and the federal workforce. Connect with her on Twitter: @ColbyAnn.

Asia Pivot, Made in China

Posted on November 10, 2014November 10, 2014 by Denise Simon

The last visit Barack Obama made to China did not go well such that relations have soured on the diplomatic scale. The visit to China this week consumed huge resources to lay the groundwork in advance of the trip for the 2014 Asia Pacific Economic Cooperation. Susan Rice spent the last weeks challenging the fact that China was so slighted during the 2009 extended trip that China has refused since to extend visas and temporary housing permits of Americans in China on business and with media.

First out of the gate, Obama delivered a most generous gift to China and that was to open a new front on visas for Chinese, from one year renewals to 5-10 years effective immediately claiming it will add to American jobs as it is touted that China infuses $80 billion yearly into the U.S economy. $80 billion is hardly a great sum or epic deal when in fact the Chinese hacking world costs the U.S. corporate industry billions and is a top concern of James Comey, Director of the FBI.

It should also be noted that Russia has been quite effective at cultivating a sustained relationship with China while China’s own economy has almost zero growth and their debt ratio to revenue ratio is stagnant cancelling out each other.

China has presented many issues that must be addressed prior to all the enhanced trade talks and global policy cooperation. China has been most aggressive towards yet other U.S. allies in Asia causing outrage and conflict in the S. China sea with regard to island and territory disputes. There is also censorship within the internet industry and continued human rights issues, both of which the White House and the State Department overlook for the sake of placing a happy face on Obama’s foreign policy strategy.

China does have issues when it comes to its own infrastructure including transportation, medical advancements, factories, power and use of energy sources like oil and gas. Each of those conditions facing China are being addressed in partnership with Russia.

Obama will also use his time in China to push for more attention and resources when it comes to Climate Change, an exclusively assigned mission given to John Podesta and investment treaties.

A topic that will likely not receive any time and attention is the Chinese relationship with North Korea and the associated human rights violations on the heels to two Americans being released from a DPRK prison allegedly managed by ODNI Director James Clapper this past weekend.

In summary, what is really behind Obama’s policy platform in China? Well with the beating he took in the midterms, his policy team has decided to focus on the economy. Obama wants Chinese money and he offered a visa pass to get their money. Going visa free in exchange for money is the common ‘go-to’ agenda of the Obama Administration. Question is, exactly who DOES benefit from the $80 billion of Chinese investment where winners and losers are predetermined by the White House.

Rich Chinese overwhelm U.S. visa program

Any foreigner willing to commit at least $500,000 and create 10 jobs in America can apply for an investor immigrant visa — also known as an EB-5.

The demand from mainland Chinese eager to move abroad has already led the U.S. government to warn the program could hit a wall as early as this summer.

Chinese nationals account for more than 80% of visas issued, compared to just 13% a decade ago, according to government data compiled by CNNMoney. That translates to nearly 6,900 visas for Chinese nationals last year, a massive bump up from 2004, when only 16 visas were granted to Chinese.

“The program has literally taken off to the point [that] in China, the minute anybody hears I’m an immigration lawyer, the first thing they say is, ‘Can we get an EB-5 visa?’ ” said Bernard Wolfsdorf, founder of the Wolfsdorf Immigration Law Group.

“There is a panic being created in China about the demand [getting] so big that there is going to be a visa waiting line,” he said.

Dragonfly vs. America, Courtesy of Russia

Posted on November 8, 2014November 8, 2014 by Denise Simon

Can you live without electricity for a day or two? Yes of course if you in advance right? Can you live without power for a week or so? Yes of course with advanced notice right? Can you live without power for a month, 4 months or 18 months? NOPE. It is time to not only think about preparations, but to get prepared and then to practice procedures for short term and long term power outages and the reason is Russia.

There is a sad truth to what is below, the United States is not prepared and what is worse we are not declaring war to stop Russia either. Russia has hacked into U.S. government sites, hacked into corporate sites and hacked into the financial industry all without so much as a whimper as a U.S. reply. We have no countermeasures, we have no offensive measures and have not even written a strongly worded letter.

Russia has gone to the dragons against America, well actually to the Dragonflies and this is what you need to know and do. Remember the entire infrastructure is tied to SCADA, that includes water systems, transportation systems, water, hospitals, schools and retail.

Dragonfly: Western Energy Companies Under Sabotage Threat

Cyberespionage campaign stole information from targets and had the capability to launch sabotage operations.

An ongoing cyberespionage campaign against a range of targets, mainly in the energy sector, gave attackers the ability to mount sabotage operations against their victims. The attackers, known to Symantec as Dragonfly, managed to compromise a number of strategically important organizations for spying purposes and, if they had used the sabotage capabilities open to them, could have caused damage or disruption to energy supplies in affected countries.

Among the targets of Dragonfly were energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers. The majority of the victims were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland.

The Dragonfly group is well resourced, with a range of malware tools at its disposal and is capable of launching attacks through a number of different vectors. Its most ambitious attack campaign saw it compromise a number of industrial control system (ICS) equipment providers, infecting their software with a remote access-type Trojan. This caused companies to install the malware when downloading software updates for computers running ICS equipment. These infections not only gave the attackers a beachhead in the targeted organizations’ networks, but also gave them the means to mount sabotage operations against infected ICS computers.

This campaign follows in the footsteps of Stuxnet, which was the first known major malware campaign to target ICS systems. While Stuxnet was narrowly targeted at the Iranian nuclear program and had sabotage as its primary goal, Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required.

In addition to compromising ICS software, Dragonfly has used spam email campaigns and watering hole attacks to infect targeted organizations. The group has used two main malware tools: Backdoor.Oldrea and Trojan.Karagany. The former appears to be a custom piece of malware, either written by or for the attackers.

Prior to publication, Symantec notified affected victims and relevant national authorities, such as Computer Emergency Response Centers (CERTs) that handle and respond to Internet security incidents.

Background
The Dragonfly group, which is also known by other vendors as Energetic Bear, appears to have been in operation since at least 2011 and may have been active even longer than that. Dragonfly initially targeted defense and aviation companies in the US and Canada before shifting its focus mainly to US and European energy firms in early 2013.

The campaign against the European and American energy sector quickly expanded in scope. The group initially began sending malware in phishing emails to personnel in target firms. Later, the group added watering hole attacks to its offensive, compromising websites likely to be visited by those working in energy in order to redirect them to websites hosting an exploit kit. The exploit kit in turn delivered malware to the victim’s computer. The third phase of the campaign was the Trojanizing of legitimate software bundles belonging to three different ICS equipment manufacturers.

Dragonfly bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability. The group is able to mount attacks through multiple vectors and compromise numerous third party websites in the process. Dragonfly has targeted multiple organizations in the energy sector over a long period of time. Its current main motive appears to be cyberespionage, with potential for sabotage a definite secondary capability.

Analysis of the compilation timestamps on the malware used by the attackers indicate that the group mostly worked between Monday and Friday, with activity mainly concentrated in a nine-hour period that corresponded to a 9am to 6pm working day in the UTC +4 time zone. Based on this information, it is likely the attackers are based in Eastern Europe.

Figure. Top 10 countries by active infections (where attackers stole information from infected computers)

Tools employed
Dragonfly uses two main pieces of malware in its attacks. Both are remote access tool (RAT) type malware which provide the attackers with access and control of compromised computers. Dragonfly’s favored malware tool is Backdoor.Oldrea, which is also known as Havex or the Energetic Bear RAT. Oldrea acts as a back door for the attackers on to the victim’s computer, allowing them to extract data and install further malware.

Oldrea appears to be custom malware, either written by the group itself or created for it. This provides some indication of the capabilities and resources behind the Dragonfly group.

Once installed on a victim’s computer, Oldrea gathers system information, along with lists of files, programs installed, and root of available drives. It will also extract data from the computer’s Outlook address book and VPN configuration files. This data is then written to a temporary file in an encrypted format before being sent to a remote command-and-control (C&C) server controlled by the attackers.

The majority of C&C servers appear to be hosted on compromised servers running content management systems, indicating that the attackers may have used the same exploit to gain control of each server. Oldrea has a basic control panel which allows an authenticated user to download a compressed version of the stolen data for each particular victim.

The second main tool used by Dragonfly is Trojan.Karagany. Unlike Oldrea, Karagany was available on the underground market. The source code for version 1 of Karagany was leaked in 2010. Symantec believes that Dragonfly may have taken this source code and modified it for its own use. This version is detected by Symantec as Trojan.Karagany!gen1.

Karagany is capable of uploading stolen data, downloading new files, and running executable files on an infected computer. It is also capable of running additional plugins, such as tools for collecting passwords, taking screenshots, and cataloging documents on infected computers.

Symantec found that the majority of computers compromised by the attackers were infected with Oldrea. Karagany was only used in around 5 percent of infections. The two pieces of malware are similar in functionality and what prompts the attackers to choose one tool over another remains unknown.

Multiple attack vectors
The Dragonfly group has used at least three infection tactics against targets in the energy sector. The earliest method was an email campaign, which saw selected executives and senior employees in target companies receive emails containing a malicious PDF attachment. Infected emails had one of two subject lines: “The account” or “Settlement of delivery problem”. All of the emails were from a single Gmail address.

The spam campaign began in February 2013 and continued into June 2013. Symantec identified seven different organizations targeted in this campaign. The number of emails sent to each organization ranged from one to 84.

The attackers then shifted their focus to watering hole attacks, comprising a number of energy-related websites and injecting an iframe into each which redirected visitors to another compromised legitimate website hosting the Lightsout exploit kit. Lightsout exploits either Java or Internet Explorer in order to drop Oldrea or Karagany on the victim’s computer. The fact that the attackers compromised multiple legitimate websites for each stage of the operation is further evidence that the group has strong technical capabilities.

In September 2013, Dragonfly began using a new version of this exploit kit, known as the Hello exploit kit. The landing page for this kit contains JavaScript which fingerprints the system, identifying installed browser plugins. The victim is then redirected to a URL which in turn determines the best exploit to use based on the information collected.

Trojanized software
The most ambitious attack vector used by Dragonfly was the compromise of a number of legitimate software packages. Three different ICS equipment providers were targeted and malware was inserted into the software bundles they had made available for download on their websites. All three companies made equipment that is used in a number of industrial sectors, including energy.

The first identified Trojanized software was a product used to provide VPN access to programmable logic controller (PLC) type devices. The vendor discovered the attack shortly after it was mounted, but there had already been 250 unique downloads of the compromised software.

The second company to be compromised was a European manufacturer of specialist PLC type devices. In this instance, a software package containing a driver for one of its devices was compromised. Symantec estimates that the Trojanized software was available for download for at least six weeks in June and July 2013.

The third firm attacked was a European company which develops systems to manage wind turbines, biogas plants, and other energy infrastructure. Symantec believes that compromised software may have been available for download for approximately ten days in April 2014.

The Dragonfly group is technically adept and able to think strategically. Given the size of some of its targets, the group found a “soft underbelly” by compromising their suppliers, which are invariably smaller, less protected companies.

Two additional links are below for more information and key use.

http://energy.gov/sites/prod/files/Large%20Power%20Transformer%20Study%20-%20June%202012_0.pdf

http://www.fgdc.gov/usng/