2 September 2012
Anonymous and New York Times E-mail Leak, Part Two #OpNYT
September 1, 2012
[redacted]: Hey [redacted]
11:21 AM [redacted]: This Israel thing — was there an op this weekend, or did the websites actually just crash coincidentally?
me: there was a planned attack which was carried out
I spoke to Israeli TV about it
can provide recording if you’d like
[redacted]: Would you mind just telling me the same thing you told them?
11:22 AM Sorry, just easier that way.
me: Some Anons DDOSed Mossad, IDF sites after having put out press release
[redacted]: How many Anons?
me: no idea
[redacted]: Did they bring down the sites?
11:27 AM me: yes, that’s why the Israelis called me
11:28 AM [redacted]: Indeed. My question is — we know the sites went down, but do you definitively know the DDOS was responsible?
Also, can I use this on the record?
me: you may use on the record
if you agree to listen to the exchange I’ve had on this issue with Israeli TV
11:29 AM [redacted]: Sure, send the link.
me: which is brief and will bring you up to speed on necessary side issues
11:30 AM sending now
11:35 AM me: No problem. I just need to make sure that any coverage of this takes into account a comprehensive background since this relates to Mossad, others whom we’d prefer to have a clear view of this
11:37 AM [redacted]: Great, watching now.
11:47 AM [redacted]: So, essentially, you’re saying that it’s absurd for the ISraelis to claim the two things aren’t linked?
11:48 AM me: yes
[redacted]: Is it fair for me to say this:
an informal spokesman for Anonymous, said Monday that members of the group had carried out “a planned attack” on the Web sites in question. He called Israeli government’s claim of a coincidental hardware failure “absurd,” but could not provide specific details of the operation.”
11:50 AM me: except for last phrase. I can note that it was a DDOS attack and was warned about in prior messages
11:52 AM [redacted]: OK, but what I am trying to say is that you didn’t see any IRC activity, or numbers of people involved, or watch the sites go down under DDOS attack.
me: that’s a better way to put it
11:53 AM [redacted]: I can’t put it that way, because I’d have to explain every term and it would take 300 words.
an informal spokesman for Anonymous, said Monday that members of the group had carried out “a planned attack” on the Web sites in question. He called Israeli government’s claim of a coincidental hardware failure “absurd,” but did not have any direct evidence that the attack had brought down the sites.”
11:54 AM me: yep
[redacted]: Great, thanks [redacted]
[Barrett Brown of ProjectPM, informal Anon propagandist in 2011, trying to get NYT to cover Romas/COIN instead of just personalities of people who took the e-mails Romas/COIN comes from]
At some point over the next few days I’ll be releasing details of a classified U.S. military surveillance program that until recently went by the name Romas/COIN and is which is to be replaced this year by a similar program known as Odyssey. This information has been accumulated via a great deal of research into the 71,000 HBGary e-mails as well as the overall probe of the intelligence contracting industry conducted by myself and a number of other parties with whom I’ve been working for the purpose of bringing scrutiny to this subject.
As my purpose is to ensure that this program receives the attention it merits, I’d like to provide The Times with the document in advance so that you may have a chance to verify that the above is indeed the case; you may, for instance, check the quotes I provide against the HBGary e-mails, which are still available online.
For at least two years, the U.S. has been conducting a secretive and immensely sophisticated campaign of mass surveillance and data mining against the Arab world, allowing the intelligence community to monitor the habits, conversations, and activity of millions of individuals at once. And with an upgrade scheduled for later this year, the top contender to win the federal contract and thus take over the program is a team of about a dozen companies which were brought together in large part by Aaron Barr – the same disgraced CEO who resigned from his own firm earlier this year after he was discovered to have planned a full-scale information war against political activists at the behest of corporate clients. The new revelation provides for a disturbing picture, particularly when viewed in a wider context. Unprecedented surveillance capabilities are being produced by an industry that works in secret on applications that are nonetheless funded by the American public – and which in some cases are used against that very same public. Their products are developed on demand for an intelligence community that is not subject to Congressional oversight and which has been repeatedly shown to have misused its existing powers in ways that violate U.S. law as well as American ideals. And with expanded intelligence capabilities by which to monitor Arab populations in ways that would have previously been impossible, those same intelligence agencies now have improved means by which to provide information on dissidents to those regional dictators viewed by the U.S. as strategic allies.
The nature and extent of the operation, which was known as Romas/COIN and which is scheduled for replacement sometime this year by a similar program known as Odyssey, may be determined in part by a close reading of hundreds of e-mails among the 70,000 that were stolen in February from the contracting firm HBGary Federal and its parent company HBGary. Other details may be gleaned by an examination of the various other firms and individuals that are discussed as being potential partners.
Of course, there are many in the U.S. that would prefer that such details not be revealed at all; such people tend to cite the amorphous and much-abused concept of “national security” as sufficient reason for the citizenry to stand idly by as an ever-expanding coalition of government agencies and semi-private corporations gain greater influence over U.S. foreign policy. That the last decade of foreign policy as practiced by such individuals has been an absolute disaster even by the admission of many of those who put it into place will not phase those who nonetheless believe that the citizenry should be prevented from knowing what is being done in its name and with its tax dollars.
To the extent that the actions of a government are divorced from the informed consent of those who pay for such actions, such a government is illegitimate. To the extent that power is concentrated in the hands of small groups of men who wield such power behind the scenes and without being accountable to the citizenry, there is no assurance that such power will be used in a manner that is compatible with the actual interests of that citizenry, or populations elsewhere. The known history of the U.S. intelligence community is comprised in large part of murder, assassinations, disinformation, the topping of democratic governments, the abuse of the rights of U.S. citizens, and a great number of other things that cannot even be defended on “national security” grounds insomuch as that many such actions have quite correctly turned entire populations against the U.S. government. This is not only my opinion, but also the opinion of countless individuals who once served in the intelligence community and have since come to criticize it and even unveil many of its secrets in an effort to alert the citizenry to what has been unleashed against the world in the name of “security.”
Likewise, I will here provide as much information as I can on Romas/COIN and its upcoming replacement.
Although the relatively well-known military contractor Northrop Grumman had long held the contract for Romas/COIN, such contracts are subject to regular recompetes by which other companies, or several working in tandem, can apply to take over. In early February, HBGary Federal CEO Aaron Barr wrote the following e-mail to Al Pisani, an executive at the much larger federal contractor TASC, a company which until recently had been owned by Northrop and which was now looking to compete with it for lucrative contracts:
“I met with [Mantech CEO] Bob Frisbie the other day to catch up. He is looking to expand a capability in IO related to the COIN re-compete but more for DoD. He told me he has a few acquisitions in the works that will increase his capability in this area. So just a thought that it might be worth a phone call to see if there is any synergy and strength between TASC and ManTech in this area. I think forming a team and response to compete against SAIC will be tough but doable.” IO in this context stands for “information operations,” while COIN itself, as noted in an NDA attached to one of the e-mails, stands for “counter intelligence. SAIC is a larger intelligence contractor that was expected to pursue the recompete as well.
Pisani agreed to the idea, and in conjunction with Barr and fellow TASC exec John Lovegrove, the growing party spent much of the next year working to create a partnership of firms capable of providing the “client” – a U.S. agency that is never specified in the hundreds of e-mails that follow – with capabilities that would outmatch those being provided by Northrop, SAIC, or other competitors.
Several e-mails in particular provide a great deal of material by which to determine the scope and intent of Romas/COIN. One that Barr wrote to his own e-mail account, likely for the purpose of adding to other documents later, is entitled “Notes on COIN.” It begins with a list of entries for various facets of the program, all of which are blank and were presumably filled out later: “ISP, Operations, Language/Culture, Media Development, Marketing and Advertising, Security, MOE.” Afterwards, another list consists of the following: “Capabilities, Mobile Development, Challenges, MOE, Infrastructure, Security.” Finally, a list of the following websites is composed, many of which represent various small companies that provide niche marketing services pursuant to mobile phones.
More helpful is a later e-mail from Lovegrove to Barr and some of his colleagues at TASC in which he announces the following:
Our team consists of:- TASC (PMO, creative services)
– HB Gary (Strategy, planning, PMO)
– Akamai (infrastructure)
– Archimedes Global (Specialized linguistics, strategy, planning)
– Acclaim Technical Services (specialized linguistics)
– Mission Essential Personnel (linguistic services)
– Cipher (strategy, planning operations)
– PointAbout (rapid mobile application development, list of strategic partners)
– Google (strategy, mobile application and platform development – long list of strategic partners)
– Apple (mobile and desktop platform, application assistance -long list of strategic partners)
We are trying to schedule an interview with ATT plus some other small app developers.
From these and dozens of other clues and references, the following may be determined about the nature of Romas/COIN:
Mobile phone software and applications constitute a major component of the program.
There’s discussion of bringing in a “gaming developer,” apparently at the behest of Barr, who mentions that the team could make good use of “a social gaming company maybe like zynga, gameloft, etc.” Lovegrove elsewhere notes: “I know a couple of small gaming companies at MIT that might fit the bill.”
Apple and Google were active team partners, and AT&T may have been as well. The latter is known to have provided the NSA free reign over customer communications (and was in turn protected by a bill granting them retroactive immunity from lawsuits). Google itself is the only company to have received a “Hostile to Privacy” rating from Privacy International. Apple is currently being investigated by Congress after the iPhone was revealed to compile user location data in a way that differs from other mobile phones; the company has claimed this to have been a “bug.”
The program makes use of several providers of “linguistic services.” At one point, the team discusses hiring a military-trained Arabic linguist. Elsewhere, Barr writes: “I feel confident I can get you a ringer for Farsi if they are still interested in Farsi (we need to find that out). These linguists are not only going to be developing new content but also meeting with folks, so they have to have native or near native proficiency and have to have the cultural relevance as well.”
Alterion and SocialEyez are listed as “businesses to contact.” The former specializes in “social media monitoring tools.” The latter uses “sophisticated natural language processing methodology” in order to “process tens of millions of multi-lingual conversations daily” while also employing “researchers and media analysts on the ground;” its website also notes that “Millions of people around the globe are now networked as never before – exchanging information and ideas, forming opinions, and speaking their minds about everything from politics to products.”
At one point, TASC exec Chris Clair asks Aaron and others, “Can we name COIN Saif? Saif is the sword an Arab executioner uses when they decapitate criminals. I can think of a few cool brands for this.”
A diagram attached to one of Barr’s e-mails to the group (http://imageshack.us/photo/my-images/7/pmo.png/) depicts Magpii as interacting in some unspecified manner with “Foreign Mobile” and “Foreign Web.” Magpii is a project of Barr’s own creation which stands for “Magnify Personal Identifying Information,” involves social networking, and is designed for the purpose of storing personal information on users. Although details are difficult to determine from references in Barr’s e-mails, he discusses the project almost exclusively with members of military intelligence to which he was pitching the idea.
There are sporadic references such things as “semantic analysis,” “Latent Semantic Indexing,” “specialized linguistics,” and OPS, a programming language designed for solving problems using expert systems.
Barr asks the team’s partner at Apple, Andy Kemp (whose signature lists him as being from the company’s Homeland Defense/National Programs division), to provide him “a contact at Pixar/Disney.”
Altogether, then, a successful bid for the relevant contract was seen to require the combined capabilities of perhaps a dozen firms – capabilities whereby millions of conversations can be monitored and automatically analyzed, whereby a wide range of personal data can be obtained and stored in secret, and whereby some unknown degree of information can be released to a given population through a variety of means and without any hint that the actual source is U.S. military intelligence. All this is merely in addition to whichever additional capabilities are not evident from the limited description available, with the program as a whole presumably being operated in conjunction with other surveillance and propaganda assets controlled by the U.S. and its partners.
Whatever the exact nature and scope of COIN, the firms that had been assembled for the purpose by Barr and TASC never got a chance to bid on the program’s recompete. In late September, Lovegrove noted to Barr and others that he’d spoken to the “CO [contracting officer] for COIN.” “The current procurement approach is cancelled [sic], she cited changed requirements,” he reported. “They will be coming out with some documents in a month or two, most likely an updated RFI [request for information]. There will be a procurement following soon after. We are on the list to receive all information.” On January 18th of next year, Lovegrove provided an update: “I just spoke to the group chief on the contracts side (Doug K). COIN has been replaced by a procurement called Odyssey. He says that it is in the formative stages and that something should be released this year. The contracting officer is Kim R. He believes that Jason is the COTR [contracting officer’s technical representative].” Another clue is provided in the ensuing discussion when a TASC executive asks, “Does Odyssey combine the Technology and Content pieces of the work?”
The unexpected change-up didn’t seem to phase the corporate partnership, which was still a top contender to compete for the upcoming Odyssey procurement. Later e-mails indicate a meeting between key members of the group and the contracting officer for Odyssey at a location noted as “HQ,” apparently for a briefing on requirements for the new program, on February 3rd of 2011. But two days after that meeting, the servers of HBGary and HBGary Federal were hacked by a small team of Anonymous operatives in retaliation for Barr’s boasts to Financial Times that he had identified the movement’s “leadership;” 70,000 e-mails were thereafter released onto the internet. Barr resigned a few weeks later.
Along with clues as to the nature of COIN and its scheduled replacement, a close study of the HBGary e-mails also provide reasons to be concerned with the fact that such things are being developed and deployed in the way that they are. In addition to being the driving force behind the COIN recompete, Barr was also at the center of a series of conspiracies by which his own company and two others hired out their collective capabilities for use by corporations that sought to destroy their political enemies by clandestine and dishonest means, some of which appear to be illegal. None of the companies involved have been investigated; a proposed Congressional inquiry was denied by the committee chair, noting that it was the Justice Department’s decision as to whether to investigate, even though it was the Justice Department itself that made the initial introductions. Those in the intelligence contracting industry who believe themselves above the law are entirely correct.
That such firms will continue to target the public with advanced information warfare capabilities on behalf of major corporations is by itself an extraordinary danger to mankind as a whole, particularly insomuch as that such capabilities are becoming more effective while remaining largely unknown outside of the intelligence industry. But a far greater danger is posed by the practice of arming small and unaccountable groups of state and military personnel with a set of tools by which to achieve better and better “situational awareness” on entire populations while also being able to manipulate the information flow in such a way as to deceive those same populations. The idea that such power can be wielded without being misused is contradicted by even a brief review of history.
History also demonstrates that the state will claim such powers as a necessity in fighting some considerable threat; the U.S. has defended its recent expansion of powers by claiming they will only be deployed to fight terrorism and will never be used against Ameerican civilians. This is cold comfort for those in the Arab world who are aware of the long history of U.S. material support for regimes they find convenient, including those of Saddam Hussein, Hosni Mubarak, and the House of Saud. Nor should Americans be comforted by such promises from a government that has no way of ensuring that they will be kept; it was just a few months ago that a U.S. general in Afghanistan ordered a military intelligence unit to use pysops on visiting senators in an effort to secure increased funding for the war; only a few days prior, CENTCOM spokesmen were confidently telling the public that such other psychological capabilities as persona management would never be used on Americans as that would be illegal. The fact is that such laws have been routinely broken by the military and intelligence community, who are now been joined in this practice by segments of the federal contracting industry.
It is inevitable, then, that such capabilities as form the backbone of Romas/COIN and its replacement Odyssey will be deployed against a growing segment of the world’s population. The powerful institutions that wield them will grow all the more powerful as they are provided better and better methods by which to monitor, deceive, and manipulate. The informed electorate upon which liberty depends will be increasingly misinformed. No tactical advantage conferred by the use of these programs can outweigh the damage that will be done to mankind in the process of creating them.
Hello [redacted], hope you’re well. This is potentially very interesting.
Do you have any official documentation — like government tenders, contracts, emails from DoD, State or intel agencies — you can send across? Likewise anything from Apple or Google.
No, I have no government documents of any sort, but there are additional details within the HBGary e-mails that may be relevant. I do have two recorded conversations with TASC execs John Lovegrove and Chris Clair in which they refuse to discuss the program, though.
Also, The Guardian will be running my announcement tomorrow on their website, and I’ll be linking to a copy of what I gave you, which will appear on my group’s wiki, here: http://wiki.echelon2.org/wiki/Main_Page
What’s the announcement? If it’s different from what you sent me earlier, can you send that too?
The announcement is merely an explanation of why this is significant; it will not contain any additional information about the subject.
Also, note that the NYT may verify and expand upon the info I’ll be providing by searching the HBGary e-mails by keyword: http://hbgary.anonleaks.ch/
Here’s that announcement:
Hey [redacted] — I was about to email you, actually. Can you send me your number? I’d like to call for a quick chat.
First off, here are a sampling of the e-mails upon which I’ve drawn. You can log onto our Gmail account where the entirety of Barr’s e-mails are located and search by keyword to verify and to see others. Just go to Gmail and use the following login info:
Note that phone numbers for John Lovegrove and other people involved may be found in some of the e-mails I’ve pasted below.
I have also attached phone conversations I made to Chris Clair, one of the TASC execs involved in the discussions, as well as John Lovegrove, another TASC executive.
from Aaron Barr email@example.com
to “Lovegrove, John (TASC)” <John.Lovegrove@tasc.com>
cc “Chris (TASC) Clair” <CHRISTOPHER.CLAIR@tasc.com>
date Wed, Mar 17, 2010 at 10:56 AM
subject Re: Antacid
hide details 3/17/10
I feel confident I can get you a ringer for Farsi if they are still interested in Farsi (we need to find that out).
I don’t know anything about Centra. Thing is with these organizations they like who they know. I never heard of Centra. What type of linguists do they have? Another tac might be to have a few stars on your side and don’t claim a deep bench of linguists (most of which are probably DoD trained and not at all native). You can ghost this talking about most linguists available are not native or digitally knowledgeable, but we have some stars and we are teaming with (someone like Gartner or Lincoln or Leoni) to bring some of the on the ground cultural relevance. These linguists are not only going to be developing new content but also meeting with folks, so they have to have native or near native proficiency and have to have the cultural relevance as well.
If Centra has this then I say grab them, if its just to fit a qual I think we could tell a different story and ghost the approach most will take to check the box. Gartner has an amazing presence overseas, they can help out with on the ground MOEs as well. Lincoln and Leoni have been working in those regions for quite some time linguistically and culturally.
Clair, Chris (TASC) CHRISTOPHER.CLAIR@tasc.com
to “Lovegrove, John (TASC)” <John.Lovegrove@tasc.com>,
“Garcia, Kathy (TASC)” <KATHERINE.GARCIA@tasc.com>,
Aaron Barr <firstname.lastname@example.org>,
“Brunst Jr, Gerald R (TASC)” <GERALD.BRUNSTJR@tasc.com>,
“Newbern, David W (TASC)” <DAVID.NEWBERN@tasc.com>,
date Fri, Jul 2, 2010 at 12:58 PM
subject Google Meeting
hide details 7/2/10
Title: Google Meeting
When: Wed Jul 14 1pm – 2pm (CDT)
Where: WF3 3D
Who: email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org…
Sign up for calendar »
Your Agenda for Wed Jul 14, 2010
No earlier events
1pm Google Meeting
No later events
view my calendar »
When: Wednesday, July 14, 2010 2:00 PM-3:00 PM (GMT-05:00) Eastern Time (US & Canada).
Where: WF3 3D
Note: The GMT offset above does not reflect daylight saving time adjustments.
Meeting with Mike Geldner from Google.
Our address is
4801 Stonecroft Blvd. , Chantilly, VA 20151
My contact number is 703-449-3964.
We will talk about Google Enterprise Partners and other things Google that are important to the COIN proposal.