Other GCHQ News from Snowden

There are two other Snowden stories this week about GCHQ: one about its hacking practices, and the other about its propaganda and psychology research. The second is particularly disturbing:

While some of the unit's activities are focused on the claimed areas, JTRIG also appears to be intimately involved in traditional law enforcement areas and U.K.-specific activity, as previously unpublished documents demonstrate. An August 2009 JTRIG memo entitled "Operational Highlights" boasts of "GCHQ's first serious crime effects operation" against a website that was identifying police informants and members of a witness protection program. Another operation investigated an Internet forum allegedly "used to facilitate and execute online fraud." The document also describes GCHQ advice provided :to assist the UK negotiating team on climate change."

Particularly revealing is a fascinating 42-page document from 2011 detailing JTRIG's activities. It provides the most comprehensive and sweeping insight to date into the scope of this unit's extreme methods. Entitled "Behavioral Science Support for JTRIG's Effects and Online HUMINT [Human Intelligence] Operations," it describes the types of targets on which the unit focuses, the psychological and behavioral research it commissions and exploits, and its future organizational aspirations. It is authored by a psychologist, Mandeep K. Dhami.

Among other things, the document lays out the tactics the agency uses to manipulate public opinion, its scientific and psychological research into how human thinking and behavior can be influenced, and the broad range of targets that are traditionally the province of law enforcement rather than intelligence agencies.

Posted on June 26, 2015 at 12:12 PM • 54 Comments

Comments

Ross SniderJune 26, 2015 1:49 PM

I found it really shocking to see that the prerecorded ISIS messages and phone calls en masse some time ago match up exactly with JTRIG capabilities released by the Snowden documents.

Separate note: The United States, too, has developed pyschological capabilities (they call them Strategic Communications). DARPA SMISC, for example, studies how to track (with metadata) the flow of ideas through the internet and how to shape and direct them.

This link with the Snowden giant metadata programs isn't an accident. The TIA program that became the databases/analysis centers leaked by Snowden docs included as one of their objectives the tracking of people and information via large scale metadata analysis. It's true though that it was during the Obama administration that the objective turned more sharply from identifying terrorist cells to controlling and tracking the flow of ideas.

GamerJune 26, 2015 1:49 PM

Among other things, the document lays out the tactics the agency uses to manipulate public opinion, its scientific and psychological research into how human thinking and behavior can be influenced,...

Now isn't that interesting. I wonder if this has already migrated out into industry...

Over the past few years we've been noticing an increasingly microsoft-positive sentiment on Slashdot. At times it almost seemed engineered artificially.

Right now there are a large number of MMORPG style games available to play. One of them, Arenanet's Guild Wars 2, has been ranking well in the charts. This despite a recent player revolt over what would be included in an upcoming expansion as well as a massive nerf, removing (some estimate) as much as 1/3 or more of all skills (traits).

It all makes more sense once you learn that supposedly neutral third-party forums, such as reddit, may not actually be so neutral. Control the media and you can script any pseudo-revolt you so desire. That may just have been an advertising campaign.

Meanwhile an awful lot of their playerbase is unhappy over the changes, yet hardly anyone seems to be complaining. Turns out anyone complaining receives multiple downvotes almost instantly, which prevents other reddit readers from seeing their posts. Meanwhile there is an enormous steady stream of fluff articles talking about how pretty this plant looks, or how cute these two cats chasing each other look. Either a huge percentage of the playerbase would rather spend their time writing and voting up fluff stories instead of playing the game, or somebody is being paid to do it. Which would also explain how downvoting can occur so frequently and rapidly.

In many ways it reminds me of a pump and dump stock scams, only now being used to sell products. I realize astroturfing is nothing new under the sun, but this is taking it to a whole new level.

Perhaps once again techniques governments develop for their own purposes rapidly migrate out to society at large where they can be abused.

meJune 26, 2015 1:58 PM

It all makes more sense once you learn that supposedly neutral third-party forums, such as reddit, may not actually be so neutral.

Hacker News (HN) is particularly awful in this regard. I wish Bruce would stop linking to them.

marty johnsonJune 26, 2015 2:10 PM

Do you suppose these tactics include smearing and discrediting of advanced technical solutions to security and privacy??? Is it possible that innovative HW and/or SW designs could be nipped in the bud by disinformation spewed when media pigs get poked?

marty johnsonJune 26, 2015 2:24 PM

See 60 minutes spotlight on DARPA's MEMEX search engine and listen to the "experts" tell about the monstrous Dark Web hidden from most.
http://www.cbsnews.com/news/new-search-engine-exposes-the-dark-web/

Now read Wired's recent article which practically says this is all bullshit.
http://www.wired.com/2015/06/dark-web-know-myth/

Every YouTube video of "experts" at conferences and symposiums is full of bold statements of supposed insight, and for every one that says this, another says that.

One says the perimeter is dead, the only hope is increased visibility. The next says visibility is bogus, we should have been focusing on defense all along. One vendor gives a dramatic presentation how the only solution is a ginormous Eagle Eye type of defense that watches every last molecule and oops, never mind the billion false positives per second. And here's another roundtable from ivory tower types saying the only solution is more encryption... except, here's a bloke spelling out exactly why more encryption only works until it doesn't.

We are submerged in disinformation and it will get worse.

tyrJune 26, 2015 2:42 PM


For me the correct response is to find places with a clear
bias and agenda. Then since you know up front what is being
pushed you can sift through what you see looking for some
kernels that make sense.

The Net can drown you in irrelevant crap which discourages
anyone from being curious. That curiosity is a valuable way
of life without it we will be back in the caves being food
for wolves in no time. When the government is actively at
work undermining civilization in the misguided assumption
it will make things better things need a serious turn for
the better.

If you want to be wrong about something the Net is your
friend. Look at Roof, here's a dumbass who shot a bunch of
elderly women in a bible study class because they were
"raping our women". Then his family insisted the Net made
him do it. The tragedy is that you can get through school
in USA without learning how to think on even a rudimentary
level because it would make it hard to sell you crap you
don't want or need.

Chuck NorrisJune 26, 2015 3:01 PM

The document also describes GCHQ advice provided :to assist the UK negotiating team on climate change."

You recently said that the NSA spying on the French government wasn't a big deal since that's part of what it's supposed to do - what we all want it to do.

Isn't this the same? GCHQ is gathering intelligence to give the UK government an edge in international negotiations.

Sure, we oculd talk about whether it's ethical. Perhaps it's not, but then I submit neither is spying on the governments of states we're friends with.

I don't want to say either is wrong or right: just that they fall into the same category.

Vincent ArcherJune 26, 2015 3:32 PM

Right now there are a large number of MMORPG style games available to play. One of them, Arenanet's Guild Wars 2, has been ranking well in the charts. This despite a recent player revolt over what would be included in an upcoming expansion as well as a massive nerf, removing (some estimate) as much as 1/3 or more of all skills (traits).

The player population that frequents online forums devoted to a MMO is a very tiny percentage of the overall players.

If you are reading an online forum on GW2, you're probably in the less than 10% that do so. If you are posting on such, you're probably in the 1-2%.

While community managers are using all forums as a way to gauge stuff, the "player revolts" are almost never really what changes (or doesn't) policy. In-game metrics (if you have them, and your game should have them) are more significant.

BoppingAroundJune 26, 2015 4:41 PM

Gamer,
I have yet to read the document but I tend to think that *it* migrated not to industry but FROM industry. Government agencies are obviously piggybacking on research from advertising and marketing-related areas. And as you stated in your post, astroturfing is nothing new.

Ross SniderJune 26, 2015 4:51 PM

@BoppingAround

There is a synthesis. For example in the US civilian agencies such as the NSF support public research grants in areas that have both commercial and defense applications (in the case of the Psychological, social media graph and sentiment analysis algorithms, etc)

PS can you see my first comment?

Gaslighters Aren't UsJune 26, 2015 5:41 PM

Turning their capacities onto democratic populations is reprehensible, and clearly so. I do not think they should be dabbling in this behavior. But, usually how this works out is they will never get the good stuff, and no one would ever give it to them. This limits the damage they can cause, substantially.

The good stuff is profoundly dangerous and has evolved since the second world war. It is used for sophisticated manipulation, typically targeted against small cells and individuals. Individuals who are highly trained and experienced intelligence officers. It has evolved being results oriented and the technology is extremely difficult to get access to. It works very well with a combination of secret surveillance, but requires highly sophisticated operators. That is not the kind of operation anyone would tell even the groups they have intelligence from 'what they are doing', 'what they did', or 'how'... not even 'who they are'.

I am not sure where Britain is at that, but doubt they are anywhere even close to what the US or Israel can do.

Despite the fact that Britain has been running psy ops for much longer -- back to the upper half of the 19th century. (Anything truly serious and organized, that is.)

Often agencies like to spread out their domain, and it is typically disastrous when they do so. Even if they do not get good at it. There is no way they could. But, they effectively end up being like amateur crime fighters, playing 'batman' and just screwing up legitimate operations while doing so. It is awful.

Gaslighters Aren't UsJune 26, 2015 6:08 PM

@marty johnson

Every YouTube video of "experts" at conferences and symposiums is full of bold statements of supposed insight, and for every one that says this, another says that.
One says the perimeter is dead, the only hope is increased visibility. The next says visibility is bogus, we should have been focusing on defense all along. One vendor gives a dramatic presentation how the only solution is a ginormous Eagle Eye type of defense that watches every last molecule and oops, never mind the billion false positives per second. And here's another roundtable from ivory tower types saying the only solution is more encryption... except, here's a bloke spelling out exactly why more encryption only works until it doesn't.

If anyone is calling themself an "expert", then do not pay attention. If their marketing is doing so, forgive them.

Contagio has good links to good conferences: http://contagiodump.blogspot.com/2015/01/video-archives-of-security-conferences.html


Perimeter security is not "dead", obviously, but networks are increasingly laterally focused and there remains poor options for lateral visibility and protection. Any security system that offloads endless false positives is a bad security system. You want excellent visibility on your internal networks and strong heuristics as well as strong signature technology.

Nothing wrong with trying to pore through the material, but validating claims is extremely difficult to do. Very often the best tech is poorly understood by sales, and even sales engineers often do not well understand what it is.

But, if you can not find good documentation, good case studies, good information on 'how the system works', with strong proof of concepts then you probably are dealing with vaporware regardless of how well funded it is.

Harry JohnstonJune 26, 2015 6:39 PM

@Gamer: "Over the past few years we've been noticing an increasingly microsoft-positive sentiment on Slashdot." ... no need to postulate a conspiracy; this is probably just what statisticians call "regression toward the mean".

In other words, as Slashdot readership increases, the proportion of the readership belonging to any particular group (in this case, Microsoft haters) is liable to decrease.

[Full disclosure: I held a Microsoft MVP award for a few years several years back, and I use Windows professionally. So, yeah, I'm biased.]

Nick PJune 26, 2015 7:47 PM

@ gamer

Type astroturfing, facebook (or twitter) fake reviews, corporate fake grass roots campaigns, and so on to get plenty of results. Commercial sector has been using this before government. I had an article about a firm that did it for Fortune 500 companies with fake "community-oriented" websites and all but lost the link. Can't find it because this shit is so common that Google & DuckDuckGo are flooded. However, I recall they had a platform that somehow tracked the activities to automatically tell you how successful the sites, personas, and so on were esp buzz generated. Part of this was seeing how readers brought in newcomers and evangelized them for you.

The industry is estimated at close to a billion dollars a year.

@ marty johnson

"Do you suppose these tactics include smearing and discrediting of advanced technical solutions to security and privacy???"

Some have turned up here and elsewhere. They don't seem to smear good technology so much as neglect to mention it while embracing NSA et al's solutions and promoting private solutions that aren't good enough. Interestingly, this is what NSA itself does in its outreach. ;) At least one has smeared good tech that we know hampers NSA, though. So, they're experimenting with that idea at least.

"Now read Wired's recent article which practically says this is all bullshit."

His claims match my research. I've been calling them out as well on their bullshit. They were saying the same things about BBS's and password-protected forums back in the day. Most stuff on Dark Web is truly boring: same blogs, politics, forums, sharing sites, and whatever you find on open web. Without the best ones. ;)

"We are submerged in disinformation and it will get worse. "

It's a combo of misinformation and disinformation. The security industry is multi-part. Each have their own culture, background knowledge, and so on. It becomes the lens through which they see everything. Getting information to them about solid INFOSEC or even enemies' likely strategies takes a *lot* of work. You also have to get past the ego's and elitist attitudes possessed ironically by those getting their asses handed to them by nation states. Let's just say they tend to fumble around the solution space.

@ Chuck Norris

If they're getting information, it would probably be fine. Yet, the main document is about manipulation of opinions and stuff. Using such tactics in a global warming context is exactly the kind of thing we don't need. If that's what they did...

Russ McFartlandJune 26, 2015 9:15 PM

Interesting. That explains why these subconscious stinkeroos kept creeping up on blog comments everywhere. I had suspected they are government related astroturfing pen writers.

JustinJune 26, 2015 10:28 PM

@ Nick P

Type astroturfing, facebook (or twitter) fake reviews, corporate fake grass roots campaigns, and so on to get plenty of results. Commercial sector has been using this before government.

Yes! Not just Putin, but everything from presidential campaigns of both parties to Obamacare and TPP, gun rights, gun control, Microsoft Windows etc. (you name it---anything controversial) has been astroturfed. Chances are, if you go comment somewhere on the internet, that most people commenting there are being paid to comment there. It's highly commercialized and politicized. If it's something the average person would even care about, the average person's voice is more likely than not drowned out. Special interests rule, because chances are, if you are anything like the average and it isn't special to you, you aren't going to be bothered to even comment about it. Squeaky wheel gets the grease and all that, but there's a lot of money, power, and politics behind the squeak.

@ all

An August 2009 JTRIG memo entitled "Operational Highlights" boasts of "GCHQ's first serious crime effects operation" against a website that was identifying police informants and members of a witness protection program.

Personally I would support any operations against a website like that. And there are websites like that. They are not hard to find and they are not legitimate. People have a right to remain silent to the police, but they do not have a right to coerce others to remain silent to the police. I know, everybody hates a rat, but people have a right to talk to police and testify to courts without having to fear for their lives. I, for one, hate mob rule, and I've been beat up myself for complaining about serious crimes.

Iron EagleJune 26, 2015 11:19 PM

@Russ McFartland, @Justin

Interesting. That explains why these subconscious stinkeroos kept creeping up on blog comments everywhere. I had suspected they are government related astroturfing pen writers.
Squeaky wheel gets the grease and all that, but there's a lot of money, power, and politics behind the squeak.

It often is just some internet whacko with too much time on their hands, as opposed to any sort of consolidated conspiracy or plot. "Mirage Men" is a must see documentary on this sort of operation: you have a valid counterintelligence agent who had a problem. UFO nuts were overly interested in sensitive airbases. So, they fed into one of the primary nuts delusions. They brought him into a room and claimed they really had alien contact, and provided him with a lot of evidence towards this conclusion. He ended up killing himself before going even far more bonkers then he already was.

All of this was denied by the Air Force. Except the guy did work for them, and they did have an operation. But, he continued speaking at major UFO conferences even long after he retired.

I worked around some of this, years back, and it was really the most creepy shit I have ever come across in my life. Glad I did not have to peer too closely in that fucked up, Halloween hell world.

You see this around a lot of forums related on hacking. Some of it is cops from various nations, some of it is various intel agencies. They are paranoid that everyone and anyone is either some kind of spy, or working for foreign powers. Often they will bounce between various personas. On one turn, they may be strongly sticking to "default government message", on another turn they may appear as a radical. They will even argue against themselves. Kind of useless, and they are really just cheap heads working for "defense contractors" who also shop out to corporations interested in protecting their brand name and such as that.

When they figure someone is a real threat, they first do extensive homework on them, then try and gain their confidence while also running a confusion campaign. They use pervasive surveillance to do this, break ins, disguises. Disguises are for varieties of doppleganger operations. For instance, they might appear as people you have known in the past, but stay out of contact range. Deliver the mail wearing a mask of one of your high school teachers, or as your high school best friend. By the time you realize anything, they are gone. It just sets them on edge. It gives them a "small world" syndrome and primes them for wanting to find someone they can trust, who they can confide in. By the time they do, they are near desperate and dump everything they can. (If what they do is very secret, the stress just continues.)

For a confidence campaign, the objective is to gain your trust, often by looking like and talking like someone they know you have known in the past. The human mind is just keyed that way. Similar voice, similar face, similar personality. But different.

Isolating people is easier then it might seem, but spies and hackers often are very paranoid people who tend to keep to very small social circles. If there are trust figures, it is important to separate them, to ruin those relationships. Not difficult to do when you control what they see online. Or to write emails or contact them in such ways that they would never respond back.

It is all very systematic and response oriented. If you know the techniques because you have studied similar systems, you are best off. Just do not let them get into your head, because if they have, then they have already won. You will be thinking one thing, focusing on the sort of manipulative evil shit they spew, and they will be working from another angle entirely. It isn't about making sense, it is about not making sense. They try to get at that level of the brain, where your mind will just make sense out of anything absurd. By then, it is just mush.

You are then open to "friends" who make sense, but is really some really weird psychopath who is just wearing a mask all day long. It is hard to get into their mindset. Think about it. What kind of person would wear masks to look like someone else? Be they just some poster online, or be they the person you share a drink with at a local bar. Devils is what they are, that twisted to do such bizarre things ordinary people would never even begin to dream of.

Iron EagleJune 26, 2015 11:36 PM

@Justin

Personally I would support any operations against a website like that. And there are websites like that. They are not hard to find and they are not legitimate. People have a right to remain silent to the police, but they do not have a right to coerce others to remain silent to the police. I know, everybody hates a rat, but people have a right to talk to police and testify to courts without having to fear for their lives. I, for one, hate mob rule, and I've been beat up myself for complaining about serious crimes.

I apologize, I meant to address this. You should have reported them for beating you up. That is where I think there is a good case for some law and order. The rats are the criminals who are a sordid bunch, despising all authority, thinking themselves god on earth. They are just animals who are incapable of reasoning. Born merely for the hunt, to be caught and made an example of.

I am sorry you did not have effective help on such a horrible matter. Where I come from the bad ones get their payback. People have this idea that there are "sociopaths" and then "everyone else", but the fact is there are just really rotten people. Sociopaths can know fear.

You would have liked the people I used to know. They would target some criminal boss and go after them like that. Alienate them, get them on the run, let them feel they have control, then put the pressure back on them when they think it could never come back again.

Masters at making people wonder if they are not human at all. Which is a fitting attack tactic, after all, they are dealing with those who treat people as if they are not themselves human. So, for whatever reason, that tactic works really well. Blurring the line between how they define people, and how they do not define people.

Until that cracks. It is so stretched, they end up seeing anyone and everyone as "one of them". It finally taps into what they know they so deeply deserve.

Hard to tap into that with hardened criminals. Because they live as if everyone owes them everything, all the time. But down deep inside, they know the score. And once they see that brought to the surface, there is no putting it back down. It is taking the skeletons out of the closet and putting them on parade, with flashing bright cameras and video camera and the whole world gawking.

Astroturfing sons of bitches, and bitches who birth them. Fancy rats in top hats, thinking they are kings of the world. But, they know in their hearts, their ultimate destiny is bars of the zoo, the prison of their own making. Everyone has the capacity to burn in shame, except the innocent. And the more guilty they are, the more burn they feel. Just hard to get that match going.

Gaslighters Aren't UsJune 27, 2015 1:55 AM

Well, this is quite interesting. Just finished scanning the documents. I was surprised to see they actually used the batman logo, after having stated this is a danger of this kind of behavior. A little relieved to see they appear to be less focused on altering the opinion of democratic populations then news blurbs had previously led me to believe.

I was also relieved to discover they had not run across any of the 'good stuff'.

Looks like a lot of NLP crap.

There is a very strong potential for friendly fire. True story. There was this early version of the DIRT virus years ago. User views the html, gets hacked, never knows what hit them. Well, one guy decided to play batman with that - as hackers have tended to do - and hacked up a child pornography list. What is the problem? Well, he hacked an undercover officer while doing that.

One of my ex-coworkers once came to me after our company suffered a hack. He asked if we could hack them. I said "no, turn it over to the FBI". "It could ruin an ongoing investigation for all you know". You might think, "Oh, bad guy coworker, right?" If by "bad guy" you meant a highly decorated ex-air force officer, then, I suppose so... no, he was not a bad guy.

Police work is a genuine bitch. Very often wrong people are jailed. What does that mean? Who cares when you are saving the world and playing batman? Right? Only the actual criminal goes free because of that. In many instances the criminal can even confess and be ignored -- someone else is already locked up for the crime!

Real basic "math", but people don't want to believe that. They want to play "good guy", and it does not matter if they even know what they are doing or deal with real consequences.

Obviously, there are other problems. For instance, targeting hackvitivists. Well, Sabu was working for the FBI. He was the head of Lulzsec. Who else there should anyone have been bothered with? Yet, you could easily have, for instance, Brits attacking Americans whom they believe to be bad actors... when in factor they are attacking something way over their heads. It is absurd. Friendly fire. Only one team does not have the slightest clue as to what they are doing.

I can tell from the lack of details (even for a glossy "buy into me" presentation to another agency they want to impress) that they have not even begun to work out the problem of social media and handling serious online aliases. They admit this is a problem, but even the questions they are asking - the problems they are stating - are 90s level efforts. They do not know the right questions to ask because they do not have the sort of resources required to keep a live operation with many actors all networked together and the illusion of persistancy across those networks.

Good example: one forum we saw targeted engaged one individual who kept up multiple persistant "alpha male" personas. One was anti. One was 'kind of anti, but kind of swung both ways and with relatively plausible reasons to do so'. Another was strong anti.

With all of them the goal was to steamroll everyone else, winning battles with 'the anti', and so winning favors with the 'fors'. They, however, had very poor covers, and when pressed for details, they failed. They did not detect failure, either. All were regulars. And the agenda? Biggest problem of all. Very, very simple, black and white agenda to simply destabilize the community and obtain target information by sending out links which could help them attribute otherwise anonymous posters. As well as some other knuckle dragging goals.

You have to understand: the individual had very, very poor training. Next to no experience with psychological operations -- not even on the same class with your basic confidence artist. Very little understanding of effective security psychology at all. A little around the level of what you would find from amateurs at NLP conferences. Their cover was very weak and poorly thought out and they could be trivially engaged to expand on it without feeling a need to ask for help or looking anything up.

Hyper aware of the basic weaknesses of praise and condemnation, but unaware of the very same weaknesses in their own selves. And prone to the very same vanity weaknesses found in your common "must lead" "alpha males" they play act.

Of course, you are usually talking about very little clearance, no experience running agents, no experience in substantial counterintelligence successes, no experience really, at all. Very little salary, and motivated to try and be accepted in their own new found prestigious peer group. No family background, no sense of belonging to their own group. Tripe as their belief sets. Basically, hammering into their own skulls what they view as "patriotic", but everyone else sees as brown nosing.

Consider: it is not very glamorous nor prestigious of a position. It is a glorified desk job, and not at all "real world" where they would not fare very well.

And their glorious targets? Kids. Twenty something kids trying to figure out what they believe. Kids who can barely work a computer and have some ideas in their head they probably should not. But honest kids. Not marxists, not islamists, nothing. Kids who are shockingly liberal, and maybe have too much left wing crap stuck in their heads, but who don't do anything worse then have a viewpoint which is not the current and total best line of what government propagandists believe they should have.

That is what you call a 'dead end desk job'.

They can't believe that they belong. That they have a badge. They have clearance. James Bond with a keyboard (in their heads).

JustinJune 27, 2015 2:44 AM

@ Iron Eagle

That's a lot of food for thought. Your perspective on UFO's is refreshing. On some forums people take that stuff very seriously and will not be dissuaded.

"You should have reported them for beating you up."

They were duly reported. That was a long time ago. It just pisses me off when people smoke crack, and deal that stuff, and allow it to be dealt. Second-hand crack smoke is awful. And all the astroturfers would have you believe crackheads and other druggies are "nonviolent"---well try to get between them and their crack.

People read between the lines of what I post, and all of a sudden it seems they know way too much about me...no offense there, not you, but some of the things you say (like it is)...the hairs go up on the back of my neck. Sometimes I think I'm getting way too much attention on this forum. Not to mention the people who lurk but never post.

@ Gaslighters Aren't Us

Weirder and weirder. Down the rabbit hole we go.

name.withheld.for.obvious.reasonsJune 27, 2015 3:18 AM

@ Nick P

Let's just say they tend to fumble around the solution space.

That's hilarious--but true...I'll have to put my latest web trousers on it...


I tried to visualize an N-dimensional non-Euclidean Hilbert or Banach kernel for processing their fumbles...but a Kalman filter will do in this case.

TimJune 27, 2015 3:55 AM

Fascinated by the human insight in the psychology report.

These people are not even able to measure success (unsurprisingly), and feel guilty about what they're doing - this is a relief in some ways. Obviously what they're doing is just about the most disgraceful thing imaginable, unless they're sure of the aim and the justification - which they aren't, not least because they can't measure success.

It is easy to imagine gchq as a cunning and powerful organisation. It is a comfort to remember they're actually just stupid human beings like the rest of us.

I pity those poor idiots I really do - what a terrible way to earn a living.

Clive RobinsonJune 27, 2015 9:22 AM

@ Tim,

I pity those poor idiots I really do - what a terrible way to earn a living.

Why pitty them they are thieving criminals taking money --that could be better used elsewhere-- by immoral means.

They should be sacked and have their pension and other assets taken from them, then they might understand why there are ethics committees that would be duty bound to stop their unsound --of mind-- reasoning and activities.

As for those that employ them one can only hope that there is a special place in hell reserved for them, and the sooner they are dispatched that way the better for all.

Nick PJune 27, 2015 10:29 AM

@ name.withheld

Lol. A series of Kalman filters feeding into government commitees, corporate IT departments, and occasionally each other. Some increase precision slightly as they process more noisy data. Others... decrease... precision over time as new data comes in. Word has it that an SAP is developing yet another Kalman filter that operates on the output of other filters to try to converge them into something resembling useful data. Cost overruns are expected on this...

Note: I've always visualized it as a hill climbing algorithm with backtracking... operating in a landfill. Beware the local maximas. ;)

rotorJune 27, 2015 11:19 AM

I live in the UK. To us this isn't really news. It's all over the place. BBC1 has started airing a show during prime time that explains how the London police goes around the city tracking bad guys to "keep us safe" and how grateful we should be for all those stingrays and biometrics. Last Thursday I could barely contain my laughter as I read a free newspaper handed out in all London underground stations. One of the articles explained how "new and cutting edge research" was helping to "keep us safe" by developing new ways of analysing tweets and web pages in order to profile and prevent radical content. The article then proceeded to explain that "some *legally obtained* e-mails and chat logs could also be added to the database". I wonder how they manage to populate their database with enough personal e-mails and private chat logs to uncover significant statistical trends without incurring in illegal dragnet surveillance... Anyway, the point is, this is now bread and butter in the UK.

NoldenJune 27, 2015 11:41 AM

@Tim
"I pity those poor idiots I really do - what a terrible way to earn a living."

I totally agree. These are ultimately a bunch of regular guys (the kind of people who sat next to us a college) who fell for a flimsy story about saving the world and are now caught behind a desk, processing the sexting logs and penis snaps of their neighbors' children or posting a load of crap on reddit in order to distract a bunch of teenagers from talking about Tor. I often try to put myself in these people's shoes. What will it feel like reaching retirement age and looking back on their legacy, especially now that the cat is out of the bag with the Snowden revelations?

vas pupJune 27, 2015 12:02 PM

@all: Stasi program Zersetzung was similar program of previous century. See details in Stasi article on Wikipedia.
Adolf Hitler used to say 'The best way to fight the idea is to break the skull of the idea holder'. Now the point is to break the brain within the skull living skull intact. 21st century gentlemen! Outcome: Idiocracy.

The propaganda. It's everywhere.June 27, 2015 12:34 PM

@Gamer

It all makes more sense once you learn that supposedly neutral third-party forums, such as reddit, may not actually be so neutral.

The coordination of downvotes of certain topics, censorship of those same topics (i.e., mysterious and/or dubiously explained disappearance of links to "undesirable" news coverage), the insanely questionable practice of shadow banning, the impossibly pro-Democrat (not to be confused in any way with democracy) of r/politics, the usurping of r/undelete and subsequently r/undeleteundelete, etc., show Reddit has obviously been gamed. Whether it's via corporate or government manipulation - like most mainstream media - Reddit should not be trusted as a reliable source of information.

For now anyway, Voat (although still in its infancy) is the new Reddit.

Iron EagleJune 27, 2015 2:11 PM

@Justin

People read between the lines of what I post, and all of a sudden it seems they know way too much about me...no offense there, not you, but some of the things you say (like it is)...the hairs go up on the back of my neck. Sometimes I think I'm getting way too much attention on this forum. Not to mention the people who lurk but never post.

Justin, I am not joking. I will give you the lay of the land.

When you have someone under surveillance, if you wish to inform them of this, you can inject signatures of their private behavior into your speech with them in such a way it can appear coincidental. However, they will leave knowing it is not. This is typically decided in advance on a team level, but it is also an option left open to individual operators.

Depending on the circumstances.

There are various uses for this. One, it can be used to intimidate people who work for your own side. Some sorts of training is very likely to get even the most stable and loyal of people very upset. This is understandable. But, to get control back and to return them to some level of caution, you can remind them in this way that nothing they do and nothing they say is out of inspection.

If they are an enemy target, this behavior can be used to establish rapport and, at the same time, knock them off their feet. They can not prove they are under surveillance, but there is only such level of coincidence even they can abide by. How you say it matters. Tone comes through even in writing. You deliver it in a serious, confident manner so they know you know. But, they will also count it off as a coincidence.

I will not say "why" that is used, but I will say that is used.

It goes against everything you would think that you should ever do with someone whom you have expended enough time and energy to get surveilled. I will say that. So you have to understand that this tactic is simply that valuable. Though I will also point out blowback chance is nil. Despite how it can seem otherwise. This is because of the effect it has. It has the same effect on everyone, if it is delivered in the proper constraints.

"Why" might you come under such surveillance? Where you post is a major factor there. This is such a site where you might come under surveillance. These sorts of people are trained to believe nothing anyone says or does to establish who they are. Even if you are a friendly to one group, you may not be a friendly to another. There are several major nation players at this. And even if you appear to be a friendly, your own nation might consider you likely not. Believe nothing, believe no one, test everything.

Defenses. Do not post on such sites. You have a right to, so let us forego that choice. Assume surveillance even if it is impossible. On a regular basis put out false information which is decidedly not you. Do this on your systems, ones connected to the internet, ones not connected. Do this via social networking, email, sms, anywhere you might talk. Do not make threats. But do be sure and make controversial statements "in private". Do that which a person would never normally do under surveillance at the same time. Separate where you do this and with whom you do it.

Then see if anyone comes back with it.

How do I know this works. Because training and live fire are the exact same thing. In training you are the target. In live fire someone else is. This is also how you can stomach doing this to others. Because you are well accustomed to having it done to your own self.

You know exactly how they think. You learn how to evade and turn such systems against them. You know what to keep and what to avoid. And you can detect and be prepared for their reactions.

The devil is in the details. This is why there is training. Know your enemy is not some meaningless slogan. It is essential.

The other way is to blow it all off. You do not do anything, you do not work for anyone, you never have worked for anyone nor done anything of an interest to anyone. Nor will you ever. You could still be used. If someone goes through the efforts of getting into your systems, and they may have the slightest remaining doubt, but you know you have nothing to worry about because you have zero of value they might use you for something. This is extremely unlikely, however.

There are always going to be more important people, more important targets. So, you know this, just as you know you have nothing to fear from cops because you never break the law.

I write this because of what you wrote about your hairs standing up on your neck. I knew a friend who was very scary, very well studied in psychology who told me that they use that as a litmus test with unknown people. I wondered about that because they could handle anyone. I also wondered about that because I have never had that sensation before nor since.

You also state you post on UFO forums, which may mean conspiracy sites. And you post that you had this warning signal when it seemed people knew a lot about you. If you have nothing of value, then you can chalk that off. I am not sure why anyone would use that technique with you, however. Maybe they do not believe you. Maybe they view your everyday opinions as some manner of threat to their purposes. I would definitely assume your systems are compromised in the worst case and operate as if that were true. In the best case, maybe they gathered their information from easier to obtain sources.

That is another defense. Do not have easier to obtain sources.

And if you do, ensure they are fake.

Iron EagleJune 27, 2015 2:27 PM

@"reddit"

I do not know all the ins and outs of reddit, but some observations. The problem with relevancy voting systems is it trains people to group think. This works great in some circumstances. If you want to know good advice on some neutral topic, or find the hottest story, that can be helpful. If you want to find the funniest cat video, that can work great. But, for many topics where minority opinions may be the best, it is very bad. Where group think may be a strong negative attribute, it is very bad.

You do not need a government conspiracy to fuck that up. It is already fucked up by default.

"reddit"June 27, 2015 4:28 PM

@Iron Eagle

In general, I couldn't agree more with your observations on "relevancy voting systems."

However, in the specific, what I (and many, many others) have observed on Reddit goes way beyond group think. Even eliminating the voting entirely from the equation, there's some massive manipulation happening as to which news stories/topics are allowed to get significant exposure.

...and by this point I'm sure we can all agree, the fact that you do not need a government conspiracy to fuck things up, doesn't mean there isn't one.

Iron EagleJune 27, 2015 5:51 PM

I have gone over the documents. Most of this information indicates they are either not targeting undercover foreign intelligence officers at all, or they literally have almost no experience doing so.

Explaining this is not very difficult to do.

There are other, obvious, possibilities. This may be disinformation. Snowden had access to operations and presentations which were loosely thrown about secure networks. Likely, so did spies. Or, less plausibly, Snowden was knowingly or unknowingly subjected to a sophisticated disinformation campaign.

More likely, this is simply what happens when a signals intelligence agency tries to expand their turf into domain which is much more sexy by already owned, by say, MI5 and MI6. Who wants to be just support? Nobody makes movies about support. Well, disregarding the upcoming "Minions" movie...

I am not downplaying their capacities and organization because I believe this is what one should do for friendly intelligence organizations. Where one believes they are highly capable.

The most dangerous form of intelligence officer is the undercover one. They will tend to have two to five primary aliases. If they do any online work, they may have hundreds or even thousands of minor aliases.

There are two central flaws in these papers:

1) They are operating as if the alias of that officer is real, be it primary or minor aliases. Very likely, minor aliases will usually have little to no credentials, though some may be used by, for instance, grabbing someone else's identity from, for instance, social media. Where that purpose is merely to have a flimsy, quick cover unlikely to be checked up on seriously.

The primary aliases would have significant capacity for investigation and inspection by competing organizations. This means there are no real friends, colleagues, family. What you have is a lot of noise, and then primary individuals anyone would want to investigate to establish their background. This is like the old days when you have a phone number or a phoney work record. Nobody substantial is there until someone comes along and checks up on them. With social media this is more difficult. You have others who work these accounts, and then when they get a buzz they forward contact to the operatives who are prepared to provide adequate cover story which is convincing.

Worse, they know that that buzzer was rung likely because some competing intelligence agency is doing the ringing. So, this gives them all sorts of opportunities for turning around the situation right away. This tells them their officer is being spied on. And this opens doors for turning the tables on them. This is extremely valuable to them. It can spawn all sorts of very valuable operations.

So, mirroring an alias, digging into the past of an alias, discrediting an alias, on and on these documents go all is assuming that they are not dealing with an alias. Which is completely absurd and naive.

2) A good example to explain this point is their "four d's", which are "to disrupt, deny, discredit, and deceive". Which of those four d's is actually what they should be doing with an undercover foreign intelligence officer? To deceive. The others are the exact opposite of what they would want to do for a reason beyond merely opening themselves up to counter operations.

You want to convince, persuade, encourage, credit, allow. You want to befriend, you want to watch. And you want to do all of this without appearing you are doing it at all. Because showing even friendly attention can reveal your hand.

You want to set them at ease, make them feel secure. You control them by promoting them. Same with any cover or false flag company. Do not over act, but be plausible.

There is some mention of these sorts of tactics in some of these documents, but almost invariably they are ultimately used for one of the "four d's" as opposed to what they should be doing. Which is very much the exact opposite, and the exact opposite is exactly what is very significantly missing in these documents.

This is like a serious of documents that claim to say "this is how you learn to drive" and then only provide instructions for everything not to do. And very conspicuously gives next to no advice about how actually to drive.

INUTSJune 27, 2015 6:08 PM

@ironeagle, thought-provoking point about the trick of "inject signatures." But it really hinges on a minimal degree of competence, does it not? It doesn't work if your Stasi is a laughingstock. For independent states and properly-constituted civil society, a portentous 'We're watching you,' doesn't raise hairs on the neck so much as it tickles the funny bone. The Chinese, Russian, Iranian, and Pakistani states regularly make fools of their 'Western' watchers. Civil society routinely makes fools of them too, but then Western-bloc states are quick to attribute the humiliation to less embarrassing adversaries like China. When a regime is a joke to its dominant classes, when its closet is full of criminal skeletons and its legitimacy is in shreds, and when it's left behind as a delusional has-been by the world, then its actual enemies have nothing to fear. They can ruin a few helots if it makes them feel better, but the old Atlantic axis lieben doch alle--alle Menschen.

Iron EagleJune 27, 2015 6:44 PM

@"reddit"

In general, I couldn't agree more with your observations on "relevancy voting systems."
However, in the specific, what I (and many, many others) have observed on Reddit goes way beyond group think. Even eliminating the voting entirely from the equation, there's some massive manipulation happening as to which news stories/topics are allowed to get significant exposure.
...and by this point I'm sure we can all agree, the fact that you do not need a government conspiracy to fuck things up, doesn't mean there isn't one.


I think you now have documents very explicitly confirming these suspicions.

Your last statement, especially says you are a very smart person, strong with words, and don't feel in the slightest bit intimidated by these efforts. Which means to me you do not feel that you are a likely personal target of anything significant and likely see most of this as it is: keystone cops.

Frankly, an even better depicition: disturbingly evil keystone cops, lol. :-)

There are cops who hunt for little fish, and cops who hunt for big fish. Now, even if you are a big fish hunter, what would you do on reddit to try and catch that very rare, white whale? Muckrack "enemy" forums, or try and get close to them using that as a doorway to gain their trust?

I do believe inciting either confusion or mistrust can be a tactic. Inciting confusion can put someone in a state of desire to have matters explained to them. Inciting distrust can put someone in a state of desire to have someone to trust. Akin to inciting celibacy to really cook someone up for a honey trap, I suppose.

This is one good reason it is wise to assess one's own self accurately, and try and ignore such activity. Where people go wrong is when they put themselves into the other categories. This is typically because of common vanity. People tend to believe that others are more interested in them then they really are. They fail to try and do accurate personal risk assessment and end up damaging themselves.

Should fault lay on this organization performing such actions? I think so, absolutely. Hopefully, this exposure leads them to change. But, considering the way England seems to be going.... not so much confidence on that.

It appears very apparent they are firing on friendly civilians en masse, both their own people and the people of other friendly nations. This is not... what... they should be doing. In my opinion.


GamerJune 27, 2015 8:20 PM

However, in the specific, what I (and many, many others) have observed on Reddit goes way beyond group think. Even eliminating the voting entirely from the equation, there's some massive manipulation happening as to which news stories/topics are allowed to get significant exposure.

...and by this point I'm sure we can all agree, the fact that you do not need a government conspiracy to fuck things up, doesn't mean there isn't one.

The government conspiracy may be as little as a lack of regulatory oversight.

How much would it cost a company for a single 30 second commercial advertisement on TV? To make the commercial and just to run it once?

For a fraction of that cost they can hire people for years to vote stories up & down on Reddit. It's awfully similar to a pump and dump stock scam, but this seems to be legal. And that's really kind of frightening. Especially when you can't tie the company to the advertising, and the advertising can claim anything, including falsehoods, without repercussions. Possibly some low-level flunky middleman will get burned, but that's about it.

SkepticalJune 27, 2015 11:53 PM

The second story is not a concern upon examination of the source documents, which defuse the sinister but largely implicit implications of the Intercept article.

This discrepancy between what the documents show, and what the Intercept article implies, has become a regular feature of the Intercept's "reporting", which is often little more than half-informed pamphleteering. I'd also note that many of the propaganda techniques described in the documents are - in a deliciously ironic turn of events - precisely those techniques one sees again and again in the Intercept's reporting.

Look, the documents describe a group that targets forums specifically designed to facilitate criminal transactions and enterprises, and terrorist groups.

The Intercept, in a magnificent display of ethics and a sense of humanity apparently decided not to redact the name of the psychologist involved, no doubt hoping that his naming would lead to sanctions against him. I find this to be disgustingly callous - I find myself almost as annoyed by the stupidity of the disclosure (it is vindictive, and wrongly so, without any further utility) as I am by the lack of consideration in disclosing it.

What does this group do?

From the documents:

The three operational groups can be further sub-divided into teams as follows:
Rest of the World:
o Cyber Crime (based in Scarborough)
o Serious Crime
o Cyber Co-ordination and Operations
o Network Defence (based in Bude)
o Iran
o Global (non-Iranian targets)
Counter-Terrorism (CT):
o Active CT Operations
o Active Language CT Operations
o CT Covert Internet Investigations
o Forensic Analysis
Support to Military Operations (SMO):
o Strategic and Tactical Level Effects Delivery
o Seized Media Exploitation
o Standby Globally Deployable Capability

Another portion of the document discusses preventing crime by emphasizing the cost of the undertaking and the risk of getting caught.

These are legitimate operations against criminal, terrorist, and hostile government targets.

Moreover, they are non-violent operations. If they can discredit a key leader urging a strategy of fomenting sectarian violence by committing atrocities, then good for them. If they can disrupt a criminal conspiracy by sowing distrust and discord among the conspirators, then good for them.

In short there is nothing illegal or unethical about what is contained in the documents.

The only way you get to something illegal and immoral is by taking the broadest implications of the Intercept article - namely that this is a group aimed at "manipulating public opinion" broadly, including peaceful dissidents.

However the document supports none of those things. I have the sense that the reporters either don't understand the types of operations they're reading about, or they're deliberately distorting the facts for their own ideological mission.

Really - let's just for a moment turn down the paranoia dial a little and think this through. There are a plethora of online criminal networks that cause billions worth of damage to businesses in the UK and elsewhere. Terrorist organizations rely heavily on online networks to recruit foreign fighters and donors, and to build an ideological following.

These are the organizations where, with the meager staff described in the documents, one will find focus.

Are you a carder trying to become an administrator on one of the larger criminal sites? Then you may well encounter an intelligence or law enforcement officer under a fake persona. Will you know? No, you won't. Perhaps you'll still take the risk, but the cost of your business just went up.

Are you someone who posts on a site like this and enjoys discussing these topics? Your chance of encountering anyone belonging to that unit is within a very small neighborhood of zero. I'll tell you why. You don't cause billions of damage, you're not plotting terrorist acts, and it doesn't particularly matter to the British Government whether you consistently drink the Greenwald kool-aid or not. Your opinions are important to you, and they should be. To the British Government? No. Important enough to devote one of a staff of 122 people (described in the document) to getting you to - what, think less poorly of GCHQ?? Sorry, no.

Let's get real people. These discussions often teeter on the line between a fair skepticism and an utterly absurd paranoia, and lately they've been falling on the side of the latter.

Iron EagleJune 28, 2015 12:48 AM

@Skeptical

Oh, hello Skeptical. Well. Here is the Bad Guy from these matters...

I will be blunt with you from the outset. I have worked at two companies that were hacked by anonymous. This hurt me very badly.

That aside... which I am quite sure you are, by now, very aware of...

Okay. So, I do not disagree with you.

But, then. There is me.

Obviously, I do not mind critiquing GCHQ very deeply, because, well. If they dare fuck with me, I can close down whatever projects I wish from them.

An advantage of being very high up on the America food chain.

But. I do not expect you to be a complete idiot, and you probably understand this.

We can cut to the chase. Or not.

Do you believe we have informed... England... of our next action, or not?

I mean, I am at a distinct disadvantage here. First of all. I have never worked for the US Government, nor do I now. But, I do know a guy in the SBS.

We have a mutual like for smoking pot.

Why would I lie.

Oh. And his sons are kind of important.

Any questions?

Because.......


Jeffrey Who Has Anxiety ProblemsJune 28, 2015 2:18 AM

Folks. I agree with Skeptical here. Only, I would go just a lil bit further. If you believe GCHQ should target you, well, they should target me. I hate to admit it, but I have run an SBS agent from their shore for a few years now. The dad of David Litchfield.

Gollee gosh, gee whiz. Bad man that I am.

Fuck with me.

Again I say...June 28, 2015 7:48 AM

Skeptical goes back to the laughingstock drawing board and furiously thinks up a new stupid idea. This one is, 'get over yourself, nobody gives a shit what you think' It came to him because he hears it all the time in his basement broom closet I mean office.

Unusually, there's a teeny weeny grain of truth in what skeptical says. Like, what could be more boring and pointless than this chump:

http://www.washingtonpost.com/posttv/world/national-security/post-archive-2001-profile-of-anwar-al-aulaqi/2011/09/30/gIQAKDDi9K_video.html?hpid=z1

http://www.nytimes.com/2001/10/19/us/nation-challenged-american-muslims-influential-american-muslims-temper-their.html?src=pm

Really, Who gives a shit? It's like Skeptical in a costume, blah blah blah shut the fuck up already. al-Awlaki. Zzzzzz.

But then some alcoholic FBI jerkoff whips himself into religious ecstasies with his Opus Dei whippy thing. He hears those anodyne boring ideas on TV; he gets a dull retarded inkling, then he straps his holy spiked ouchie on his hairy leg and prays so hard he sweats, till baby jesus throws him a bone of low-grade divine inspiration: 'Wow, that guy would make a great informant!'

So then this poor apple-polishing sap Awlaki gets gets framed for soliciting, twice - not with hot Ukrainian double-G sexbots but with fat ugly pigs - pigs meaning not merely unappetizing porkers but undercover cops, ugly as only female cops can be. Homelier and more insulting than Petraeus' honey trap. Before he even gets to drain the lizard. Then next thing you know he's knocking on doors, helping bewildered strangers recruit for jihad, lamer and more annoying than any jehovah witness. Then he's flying around making videos, boring the shit out of jihadis. Then, because they can't catch any real terrorists, CIA blows him up, Ka-FOOM.

Just goes to show, no matter how boring or jejune you are, no matter how pointless your piss-ant life, it could happen to you.

It could even happen to Skeptical.

BuckJune 28, 2015 10:49 AM

@Skeptical

Moreover, they are non-violent operations. If they can discredit a key leader urging a strategy of fomenting sectarian violence by committing atrocities, then good for them. If they can disrupt a criminal conspiracy by sowing distrust and discord among the conspirators, then good for them.
In short there is nothing illegal or unethical about what is contained in the documents.
The only way you get to something illegal and immoral is by taking the broadest implications of the Intercept article - namely that this is a group aimed at "manipulating public opinion" broadly, including peaceful dissidents.
Everyone knows that we can find boogeymen conspirators in each closet and all the beds we look under. Nobody cares about the Intercept's shitty reporting or whether or not whistle-blowers are a grave danger to the national security state... What we do give a shit about is the increasingly expensive and laughably ineffective countermeasures being applied to the threat of the day. They just end up breeding more threats, not to mention the wasted effort and resources that could be better spent on beneficial infrastructure developments.

everybodyJune 28, 2015 11:35 AM

Gaslighters Aren't Us


Good example: one forum we saw targeted engaged one individual who kept up multiple persistant "alpha male" personas.

That forum sounds like Schneier on Security...;-)

ModeratorJune 28, 2015 2:39 PM

@Iron Eagle, I have unpublished two of your recent comments that went beyond the pale. Also, @Jeff Who..., @franklin, @Can You Guess..., @All: Can we please keep the discussion civil and the "fucks" to a minimum.

e30g9i09g409iJune 28, 2015 3:59 PM

PSYOPS research has always been the most heavily guarded data by any government. You'll hear about DARPA testing engineered cancer on a US city populace long before you get details on PSYOPS research or implementations.

I'd actually bet senior analysts in the NSA can't even access the data..

I'd imagine there are at least some tools that have come from this given electronic mass communications are over a century old, and TV is half a century old, and marketing concepts date back thousands of years.. Governments spend insane amounts on black projects and it's not all USAF and satellites..

I doubt there are mind control weapons. It's probably just social psychology stuff that comes from a lot of clinical trial statistics and would be extremely easy to hide in mass communications..

SkepticalJune 28, 2015 4:21 PM


@Buck: What we do give a shit about is the increasingly expensive and laughably ineffective countermeasures being applied to the threat of the day. They just end up breeding more threats, not to mention the wasted effort and resources that could be better spent on beneficial infrastructure developments.

There's nothing in the documents to suggest that this could somehow cause more threats. If anything the goal seems to be to experiment with ways of defusing threats.

Let's take a forum where there there are individuals who express an interest in joining a terrorist organization, or who express a firm ideological agreement with those organizations. Now let's say that instead of setting up a sting operation, one is able to defuse that process of radicalization. How does one do that? The tactics described in the documents aren't the stuff of rocket science. One could establish a credible persona, develop rapport with others, while others on the forum who are recruiting for the terrorist organization might be discredited or undermined. And one could use that credible persona to advocate a different message - one that pushes that potential recruit away from violent criminal actions.

Now, you raise the question of effectiveness. It's a very fair one. It's also one that is impossible for us to even begin to assess without access to much, much more data. We don't know how this effort would fit with other lines of effort to achieve desired objectives, for example, which would be important to an assessment of its value. Obviously we don't know where or whether it has ever achieved any objectives, how it measured success, how it determined the impact of its actions, etc.

At worst, they're exploring using non-violent means to prevent persons from joining violent movements and to disrupt existing violent and criminal organizations. That's not a terrible thing.

J. AngletonJune 28, 2015 6:34 PM

@Again I say...

Priceless, man, priceless. There are a lot of bots, trolls, bottrolls and trollbots on here, but you _definitely_ ain't one of 'em. ^o^ AUTHOR! ^o^ AUTHOR! ^o^

NOTE TO FIVE EYES: Start injecting more darkly curmudgeonous smartassery to avoid detection.

GolgiJune 28, 2015 8:11 PM

@ Iron Eagle

"This is such a site where you might come under surveillance."

MAN, you write a lot. But u gave this site too little credit. Every reader is surveiled here. Every poster knows this.

BuckJune 28, 2015 9:32 PM

@Skeptical

There's nothing in the documents to suggest that this could somehow cause more threats. If anything the goal seems to be to experiment with ways of defusing threats.
I really doubt that more data would ever help us in this situation. With so many variables in constant flux, how long will we hold out hope for anything resembling reliably reproducible results in matters as complex as the human psyche?
At worst, they're exploring using non-violent means to prevent persons from joining violent movements and to disrupt existing violent and criminal organizations. That's not a terrible thing.
Yeah, what could possibly go wrong, right?

Well, I would posit the idea that people are generally kind to their neighbors... That the root cause of terrorism is actually a failure of chemical and psychological experimentation committed against potentially dangerous target populations -- all done in the name of security, of course... There's another kind of terrorism too though -- the one where well intentioned officers of various agencies step on each other's toes during sting operations gond bad. Be it because of funding battles and old turf wars or over the top compartmentalization, it's obviously all done in the name of security... Heck, in this context, it's essential that we spy on France and Germany! How ever else could the left-hand possibly hope to learn what the right-hand is doing and vice-versa..?

Admittedly, my theory is also impossible to prove, yet it isn't falsifiable either...

ZenzeroJune 29, 2015 5:53 AM


@Skeptical
"If anything the goal seems to be to experiment with ways of defusing threats."


I think it's a lot more then that when you also take this document of previous disclosures:

https://firstlook.org/theintercept/document/2014/07/14/jtrig-tools-techniques/

Some operations revealed:

“Change outcome of online polls” (UNDERPASS)

“Ability to artificially increase traffic to a website” (GATEWAY) and “ability to inflate page views on websites” (SLIPSTREAM)

“Amplification of a given message, normally video, on popular multimedia websites (Youtube)” (GESTATOR)

There's a virtual grab bag of active and some (at the time), in development tools. The small selection above show that they are used, planned, developed with a lot more the just small experiments aimed at defusing a threat.

It should be remembered that GCHQ/JTRIG need to be considered as a whole, looking at all available data, not just one point in the data set.

meJune 29, 2015 1:36 PM

England is truly lost. It's not even a controversial statement.

America... Despite the evidence piling up, I'm still in denial that they are post-constitutional. I have a sinking feeling though I'm going to hit F5 and ...

anonJune 30, 2015 5:51 AM

@Skeptical At worst, they're exploring using non-violent means to prevent persons from joining violent movements and to disrupt existing violent and criminal organizations. That's not a terrible thing.

Let's have a government agency manipulate public opinion, give them vast resources and let them operate in secret.

Surely, nobody will ever exploit this.

PokemonOctober 28, 2016 4:58 AM

Pokemon Standards

No Unicode Support in X-Windows or X11 http://xcpu.sourceforge.net

System-D in Linux - Described as the Rabbit Hole.

Attacking *DARPA* Secure Sockets Layer.

Weakening and backdooring ANSI Standards - Dennis Ritchie & Ken Thompson's Legacy!

Putting 3GP into LTE with Mikey!

Duel_EC_DRBG

Do there people realise these systems protect: "NUCLEAR POWER STATIONS?" along with "Strategic Missle Defence Systems?" is the fun of putting backdoors at the CPU and HDD level whilst engadging in insider trading and splashing broken standards everywhere "wearing thin?"

PokemonOctober 28, 2016 5:14 AM

Why Pokemon Standards?

Pokedex as of X & Y - Richard Stallman = Jiggly Puff!

No per-process name spaces in BSD or Linux - Bash programmed in ALGOL described by maintainers as *POISON*

Fortran, Java & C++ everywhere with deep-dynamic linking and famous LD_PRELOAD and .so dependency resolver problems.

Backdoor's - so much fun & so much fail in so much little time!

"We need to stop this" - Eric E. Schmidt

It'll harm inovation? No mention of the fact it'll cause "nuclear" melt down at power plants as well - bit like Samsung exploding phones!

PokemonOctober 28, 2016 7:06 AM

Do you know the REAL story behind the GNU?

One maintainer, insisted on using Fortran inside the Unix Kernel after Version 7

Then he didnt leave Bell-Labs to bring Unix to the world after writting a driver for his printer!

He was "EXPELLED!" For being a hi-jinx Joker!

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.