What is Grayfish? Ever hear of Treasure Map?

Equation = NSA? Researchers Uncloak Huge ‘American Cyber Arsenal’

The Real Anonymous

Security researchers have uncovered a trove of highly sophisticated hacking tools used over the last 15 to 20 years to break into thousands of targets’ computers. There’s little doubt the malware and exploits used belonged to the National Security Agency, according to security experts. There are some clear signs of NSA and US government involvement behind the so-called Equation hackers, as Russian security firm Kaspersky has dubbed them, according to security expert Claudio Guarnieri, who has been one of the chief technical experts involved in analysing NSA malware following the Edward Snowden leaks. He believes that all of the malware detailed by Kaspersky today has been covered in previous research, though not in the same depth. Guarnieri, who told Forbes the Equation attacks were “100 per cent” the work of the US intelligence agency, noted that the “GROK” tool in Kaspersky’s findings was the keylogging component of UNITEDRAKE, which has also been linked to Regin, another sophisticated malware thought to be the work of western intelligence bodies.

One of the more startling components, according to the Russian anti-virus provider, was able to alter the hard drive firmware of more than a dozen different hard drive brands, including Seagate, Western Digital, Toshiba, Maxtor and IBM. This would have given the attackers persistence on victims’ PCs and allowed them to set up secret data stores on the machines, only accessible to the hackers.

The GRAYFISH tool, which works with almost all versions of Windows, including 8, was another of the more impressive malware types. It sat in the Microsoft Windows registry, which stores information on most activities and settings on a PC. GRAYFISH used a bootkit, a malware that resides at a low level of the operating system so it can execute every time a computer starts up. That was the most complex bootkit Kaspersky had ever seen.
GRAYFISH also stole files and stored them in its own encrypted Virtual File System (VFS).

Note, this goes along with the goal of NSA’s TREASURE CHEST, which has as its goal to identify, in real time, literally every device connected to the web, from a 14 yr old Chinese girl’s phone, to a Mac iPad in your hand, to your brother’s laptop. Imagine the power it takes, the storage it takes, to constantly update such a project.


When it comes to choosing code names for their secret operations, American and British agents demonstrate a flair for creativity. Sometimes they borrow from Mother Nature, with monikers such as “Evil Olive” and “Egoistic Giraffe.” Other times, they would seem to take their guidance from Hollywood. A program called Treasure Map even has its own logo, a skull superimposed onto a compass, the eye holes glowing in demonic red, reminiscent of a movie poster for the popular “Pirates of the Caribbean” series, starring Johnny Depp.

Treasure Map is anything but harmless entertainment. Rather, it is the mandate for a massive raid on the digital world. It aims to map the Internet, and not just the large traffic channels, such as telecommunications cables. It also seeks to identify the devices across which our data flows, so-called routers.

Furthermore, every single end device that is connected to the Internet somewhere in the world — every smartphone, tablet and computer — is to be made visible. Such a map doesn’t just reveal one treasure. There are millions of them.

The breathtaking mission is described in a Treasure Map presentation from the documents of the former intelligence service employee Edward Snowden which SPIEGEL has seen. It instructs analysts to “map the entire Internet — Any device, anywhere, all the time.”

Treasure Map allows for the creation of an “interactive map of the global Internet” in “near real-time,” the document notes. Employees of the so-called “FiveEyes” intelligence agencies from Great Britain, Canada, Australia and New Zealand, which cooperate closely with the American agency NSA, can install and use the program on their own computers. One can imagine it as a kind of Google Earth for global data traffic, a bird’s eye view of the planet’s digital arteries.

Battlefield Map

In addition to monitoring one’s own networks as well as those belonging to “adversaries,” Treasure Map can also help with “Computer Attack/Exploit Planning.” As such, the program offers a kind of battlefield map for cyber warfare.

The New York Times reported on the existence of Treasure Map last November. What it means for Germany can be seen in additional material in the Snowden archive that SPIEGEL has examined.

Treasure Map graphics don’t just provide detailed views of German cable and satellite networks. Red markings also reveal to agents which carriers and internal company networks FiveEyes agencies claim to have already accessed. Of particular interest from the German perspective are two “Autonomous Systems” (AS) — networks — marked in red. They are labeled Deutsche Telekom AG and Netcologne, a Cologne-based provider.

The legend for the graphics in question explains the meaning behind the red markings: “Red Core Nodes: SIGINT Collection access points within AS.” SIGINT refers to signals intelligence. In other words, networks marked with a red dot are under observation.

Regional provider Netcologne operates its own fiber-optic network and provides telephone and Internet services to over 400,000 customers. The formerly state-owned company Telekom, of which the German government still owns a 31.7 percent stake, is one of the dozen or so international telecommunications companies that operate global networks, so-called Tier 1 providers. In Germany alone, Telekom provides mobile phone services, Internet and land lines to 60 million customers.

According to the logic of the undated Treasure Map documents, that would mean that the NSA and its partner agencies are perhaps not only able to monitor the networks of these companies and the data that travels through them, but also the end devices of their customers. Where exactly the NSA gained access to the companies’ networks is not made clear in the graphics. The red-marked AS of Deutsche Telekom by itself includes several thousand routers worldwide.

‘Completely Unacceptable’

The German company is also active in the US and Great Britain. Furthermore, it is part of the TAT14 telecommunications cable consortium; the cable runs via Great Britain to the east coast of the US. “The accessing of our network by foreign intelligence agencies,” says a Telekom spokesperson, “would be completely unacceptable.”

Because Netcologne is a regional provider, it would seem highly likely that the NSA or one of its Treasure Map partners accessed the network from within Germany. That would be a clear violation of German law and potentially another NSA-related case for German public prosecutors. Thus far, the only NSA-related case currently being investigated is the monitoring of Chancellor Angela Merkel’s mobile phone.

Several weeks ago, SPIEGEL shared a GCHQ document with both companies in order to give them an opportunity to look into the alleged security breaches themselves. The security departments of both firms say they launched intensive investigations but failed to find suspicious mechanisms or data streams leaving the network.

Telekom and Netcologne are not the first German companies to have been successfully hacked by Anglo-American intelligence agencies, according to their own documents. In March, SPIEGEL reported on the large-scale attack by the British agency GCHQ on German satellite teleport operators Stellar, Cetel and IABG. Such providers offer satellite Internet connections to remote regions of the world. All three companies are marked red on the Treasure Map graphic, meaning that the NSA and its partner agencies have, according to their documents, internal “Collection Access Points.”

SPIEGEL also contacted 11 non-German providers marked in the documents to request comment. Four answered, all saying they examined their systems and were unable to find any irregularities. “We would be extremely concerned if a foreign government were to seek unauthorized access to our global networks and infrastructure,” said a spokesperson for the Australian telecommunications company Telstra.

‘Key Staff’

Just how far GCHQ and NSA go to improve their secret map of the Internet and its users can be seen in the example of Stellar.

The document describing the attack on the business, part of the so-called Mittelstand of small- to medium-sized companies that form the backbone of the German economy, originates from the Network Analysis Center of Britain’s GCHQ, which is based in Bude along the Atlantic coast in Cornwall. The document lists “key staff” at the company. The document states they should be identified and “tasked.” “Tasking” somebody in signals intelligence jargon means that they are to be targeted for surveillance. In addition to CEO Christian Steffen, nine other employees are named in the document.

The attack on Stellar has notable similarities with the GCHQ surveillance operation targeting the half-state-owned Belgian provider Belgacom, which SPIEGEL reported on in the summer of 2013. There too, the GCHQ Network Analysis department penetrated deeply into the Belgacom network and that of its subsidiary BICS by way of hacked employee computers. They then prepared routers for cyber-attacks.

SPIEGEL reporters visited Stellar at its offices in Hürth, near Cologne, and presented passages of the documents in question to the CEO as well as three other employees cited by the British. A video of the visit can be seen here.

Video: Katy Scoggin / Laura Poitras

Among other things, Steffen and his colleagues were able to recognize in the GCHQ document a listing for their central server including the company’s mail server, which the attackers appear to have hacked.

The document also includes details about the concrete findings of the spying efforts, including an internal table that shows which Stellar customers are being served by which specific satellite transponders. “Those are company secrets and sensitive information,” said Stellar’s visibly shocked IT chief, Ali Fares, who is himself cited as an employee to be “tasked.”


Any remaining sanguinity is lost at the point the Stellar officials see the password for the central server of an important customer in the intelligence agency documents. The significance of the theft is immense, Fares says. The information, he continues, could allow the agencies to cut off Internet access to customers in, for example, Africa. It could also allow them to manipulate links and emails.

CEO Steffen commented on the document with a terse “Fuck!” He considers it to be final proof that his company’s systems were illegally breached. “The hacked server stood behind our company’s own firewall,” he said. “The only way of accessing it is if you first successfully break into our network.” The company in question is no longer a customer with Stellar.

When asked if there are any possible reasons that would prompt Britain, an EU partner country, to take such an aggressive approach to his company, Steffen just shrugged his shoulders, perplexed. “Our customer traffic doesn’t run across conventional fiber optic lines,” he said. “In the eyes of intelligence services, we are apparently seen as difficult to access.” Still, he argues, “that doesn’t give anyone the right to break in.”

The founder and CEO of Stellar says he has no intention of letting this pass. “A cyber-attack of this nature is a clear criminal offense under German law,” he said. “I want to know why we were a target and exactly how the attack against us was conducted — if for no other reason than to be able to protect myself and my customers from this happening again.” Six weeks ago, Steffen wrote a letter to the British government asking for an explanation, but he has not received an answer. Both GCHQ and NSA have likewise declined comment on the matter.

Meanwhile, Deutsche Telekom’s security division has conducted a forensic review of important routers in Germany, but has yet to detect anything. Volker Tschersich, who heads the security division, says it’s possible the red markings in Treasure Map can be explained as access to the TAT14 cable, in which Telekom occupies a frequency band in Britain and the US. At the end of last week, the company informed Germany’s Federal Office for Information Security of SPIEGEL’s findings.

The classified documents also indicate that other data from Germany contributes to keeping the global treasure map current. Of the 13 servers the NSA operates around the world in order to track current data flows on the open Internet, one is located somewhere in Germany.

Like the other servers, this one, which feeds data into the secret NSA network, is “covered” in a data center.


How to file REPORTS on FB pages


To report an abusive Page:

Go to the Page you want to report
Click on the Page’s cover photo
Select Report Page and follow the on-screen instructions

To report a post:

Click in the top right of the post you want to report and select I don’t want to see this
Click Why don’t you want to see this?
Choose the option that best describes the issue and follow the on-screen instructions

Reports from people on Facebook help make it a safe and welcoming environment.

To report a photo or video:

Click on the photo or video to expand it
Click Options in the bottom right
Click Report Photo for photos or Report Video for videos

Why Yahoo News Hires Idiots to Write for Them

Some idiot named “Tom McKay” (sounds like a line from South Park…drugs are bad…MKay?) wrote this drivel http://news.yahoo.com/anonymous-just-declared-war-turkey-145407499.html Anonymous Just Declared War on Turkey Over a Stupid Conspiracy Theory.

Apparently Tommy Boy hasn’t figured out how to google things…

If you look at the sources of these articles, you see these are big names in news, not small conspiracy minded websites. But, guess Tommy boy either can’t Google, or was afraid to show the consensus of news organizations and people in the news have already drawn a link between ISIS oil and its buddy Turkey.

Next Tommy boy will say GRAVITY IS A CONSPIRACY THEORY PHYSICISTS HAVE JUMPED ON…fucking idiot that he is.


Secret Norwegian Government Report Confirms Turkey Helping ISIS Sell Its Oil

Inside Isis Inc: The journey of a barrel of oil

Isis sells smuggled oil to Turkey and Iraqi Kurds, says US Treasury

Most smuggled ISIS oil goes to Turkey, sold at low prices – Norwegian report

Senior Western official: Links between Turkey and ISIS are now ‘undeniable’

Meet The Man Who Funds ISIS: Bilal Erdogan, The Son Of Turkey’s President

Yes, Turkey IS Buying Oil from ISIS

http://www.al-monitor.com/pulse/tr/business/2014/06/turkey-syria-isis-selling-smuggled-oil.html Opposition MP says ISIS is selling oil in Turkey

Turkey Refines and Sells Stolen Syrian and Iraqi Oil for ISIS

ISIS Sells Oil To Syria’s Assad Regime, Some To Turkey, US Official Says

Turkey, Russia, Iraq And Syria: The Black Market Oil Trade That’s Fueling ISIS And Dividing The Terrorist Group’s Opponents

Is Turkey Buying Oil From ISIS? After Downed Plane, Putin Slams Islamic State’s Black Market Fuel Sales

Wesley Clark: ISIS “Serving Interests Of Turkey And Saudi Arabia,” “Someone’s Buying The Oil ISIS Is Selling”


Islamic State oil is going to Assad, some to Turkey, U.S. official says

Russia accuses Turkey of aiding ISIS oil trade

Britain’s secret ties to governments, firms behind ISIS oil sales

ISIS Earned $500 Million From Selling Oil: Treasury Official

I could go on, but why. It’s clear this dumbass doesn’t understand that to him, an international consensus is “conspiracy” and only he knows the real facts…sounds like he’s the conspiratorial nut.

Thanks for reading.

What if Online Gaming is Haxed or DD0Sed on Christmas

For the second Christmas, we are seeing groups threaten to attack gaming networks. Last Christmas, it was the Lizard Squad, this time, the Phantom Squad. Although I’m not into gaming, I would hope that this crew does not attack the networks so that kids who get new systems, will be able to play with the Christmas presents.

That said, if it happens, it happens. And, if it does happen, the networks will get back up, so it’s not like a permanent problem.

I do agree with our Brothers at @YourAnonNews that the companies who benefit from selling these systems must use professional methods of preventing their network from being taken down by some stressors, but, again, if it happens, it happens.

So, I want to suggest a radical solution to what if the gaming networks are Tango Down on Christmas.

I know that boys and girls, men and women of all ages, enjoy gaming, so I’m not talking down to anyone into gaming.

Christmas is one of the few times in many households that families get together, sometimes with relatives traveling hundreds or thousands of miles, to see family members they don’t see but once a year, or longer than that.

If your online gaming is frustrated this Christmas, why not take a day or two from it, even, shudder, from the internet, to hang out with your loved ones. The internet will always be there…games and gaming will always be there…but take it from someone who knows, you have no guarantee that your brother, sister, uncle, Dad or Mom, will be there tomorrow. Life, the fates, whatever you call it, can be cruel, taking children from parents, parents from children, splitting siblings asunder through accident, disease, criminal acts, etc.

So, if you have loved ones there, share a meal with them, talk with them, go bike riding, hike, or just do something together that gives you the chance to interact with them, to know them better. Some of our older relatives are the only ones who can give you the history of your family (Ancestry dot com aside).

I hope everyone has many, many Christmases after this….but little did I know that the last Christmas I had with my Mom, would be our last… that she would not be here December 25, 2105. If I had opted to spend Christmas playing an online game, instead of taking presents to her, spending time with her, even with the Alzheimer’s, I would never, ever forgive myself.

So, like I said, I hope you HAVE the option of doing your online gaming or not, and that the networks do not go offline, but that said, whether the networks go down or not, I hope you consider spending time with your loved ones…just hanging out, watching TV, or whatever.

The older you get, the more you understand, the real value of this thing we call life, is about family, about friends, and being able to enjoy their company, and getting to know them.

Peace, and Happy Holidays.

What are the duties and constraints of cops

The SCOTUS has made rulings that would make you question what the duties of cops are.

PoliceOne Analysis: 12 Supreme Court cases affecting cops

https://www.policeone.com/legal/articles/50804006-How-SCOTUS-impacted-policing-in-2015/ How SCOTUS impacted policing in 2015

“Warren v. District of Columbia[1] (444 A.2d. 1, D.C. Ct. of Ap. 1981) is an oft-quoted[2] District of Columbia Court of Appeals case that held that the police did not owe a specific duty to provide police services to the plaintiffs based on the public duty doctrine.”

SCOTUS found cops can violate your Fourth Amendment “if they are ignorant of the law”.

“In a blow to the constitutional rights of citizens, the U.S. Supreme Court ruled 8-1 in Heien v. State of North Carolina that police officers are permitted to violate American citizens’ Fourth Amendment rights if the violation results from a “reasonable” mistake about the law on the part of police.”
And Supreme Court Rules Police DO NOT Need A Warrant To Search Your Home http://www.mintpressnews.com/supreme-court-rules-police-do-not-need-a-warrant-to-search-your-home/206199/

How the Supreme Court Made It Legal for Cops to Pull You Over for Just About Anything (for even hanging an air freshener)