little monkey

elstel.org

by Elws. Starnight

Plans to Assassinate and to Kidnap Assange

Category: general,
Source: info,
Language: en,
Type:
new
.
According to Yahoo News the CIA had plans to kidnap Assange and bring him to the US where he would face trial. Under the Trump administration it was even thought to assassinate Julian Assange or other WikiLeaks members, more or less as vengance to the disclosure of the Vault 7 material, though some intelligence officials argue that this would have been illegal. The CIA sees Wikileaks as a non government intelligence agency and not as a news outlet. In deed Wikileaks helped Edward Snowden to get from Hong Kong to Russia. Pompeo also claimed that Wikileaks would have encouraged its followers to find jobs at the CIA. Wikileaks has gone from a target of collection to a target of disruption – as apparently also the author of elstel.org. This included paralyzing Wikileaks's digital infrastructure, disrupting its communications, provoking internal disputes within the organization by planting damaging information, and stealing WikiLeaks members’ electronic devices, according to three former officials. The author of this web page has previously reported about deleted emails and a stolen gpg card for elstel.org; not yet about stolen and returned safety copies of the DualSat solver and about people being threatened. Actions like this seem to be taken without proper justification: We reported in our last message that it would not have been possible to sue Assange without invented allegations because the New York Times published almost the same key material for the concerned cases. As it now turned out that there were plans to assassinate Assange this should stop his extradition to the US given reasonable assumptions about the independence of the justice system. The Russians had even plans to sneak Assange out of the Ecuadorian embassy and to bring him to Russia. The plans seem to have been thwarted by Western Intelligence even before a gunfight, a car crashing into that one of Assange or a forced halting of his plane before taking off – as all of what has been thought of to block him from getting to Russia. “A former U.S. national security official confirmed that U.S. intelligence had access to video and audio feeds of Assange within the embassy but declined to specify how it acquired them.”



Without Further Commenting

Category: general,
Source: info,
Link: about:blank,
Language: en,
Type:
new
.



Stop the Money Pipeline

Category: general,
Source: info, action,
Language: en,
Type:
new
.
From 31 October to 12 November 2021 the most important climate talks of the COP 26 since the Paris Agreement will take place in Glasgow, Scotland. Call on the US government to use its power as a financial regulator to reign in banks, insurance companies and asset managers and to use its power over the FED to stop climate chaos. They could restrict banks and other financial institutions from directly owning fossil-fuel or deforestation-causing commodities or businesses. They need to require investment advisors and fiduciaries to implement their clients’ value green choices, they need to include climate and financial stability conditions in Treasury- or Fed-backed emergency or stimulus initiatives. They could incorporate climate into stress tests and scenario analyses, green public lending and make sure pension funds divest to become fossil free. Neither could all the harmful tar sand pipeline projects move forward without financial backing guaranteed by the state. It is about all and nothing! You can read more about it at stopthemoneypipeline.com, as well as about Biden´s last and futurely demanded executive orders for finance. Also sign the demand directly addressed to president Joe Biden.



a̅tea v0.8.2 / gpg key of elstel.org stolen

Category: programs,
Source: SecuritySW,
Language: en,
Type:
update
.

A̅tea has been tested for verifying an XMPP/Jabber certificate. It turned out that --show-cert/--faaite-cert was not correctly implemented for non-RSA certificates: parse_pubkey tried to free a structure that was previously never allocated. The certificate serial is now not only printed as hex but also as decimal like it is displayed by the Gajim messenger. free_pubkey has been added to avoid a memory leak on certificate printout/display.

Today I have also noticed that my gpg-card used to sign the SHA512SUMS file has likely been stolen. If you have read point 6 of the epilogue of my master thesis as suggested in my previous rss message then you do already know that encrypting or signing with gpg does add no security in case of messages from/to elstel.org. I have still published a revocation for the key.




Pegasus: Morocco spied on Emanuel Macron — Compromised Hardware

Category: general,
Source: info,
Language: en,
Type:
new
.

It is a scandal that is second to none: Morocco is reported to have spied on the mobile phone of French President Emanuel Macron and some of his ministers, including Foreign Minister Jean-Yves Le Drian and the former head of government Édouard Philippe, using the surveillance software Pegasus from the Israeli company NSO Group. It is known that the President uses his cell phone to give instructions to his staff and ministers at any time of the day or night. Where do we go when a banana republic is given the tools to spy on the French state? The wiretapping of Angela Merkel's cell phone by the NSA was already a sufficient scandal. Morocco denies it, but the newspaper “Le Monde” gives us precise technical explanations for the claim.

Ultimately, we are all and will all be insecure as long as we allow our secret services to spend huge sums on the black market for security vulnerabilities. This also pays free software developers to build in security flaws instead of encouraging them to be avoided. In connection with DANE, we reported about a bug report at the Firefox browser that suggests that its developers have been bought by our secret services. Disaffected developers keep reporting to the Debian Security Newsletter and say that the development is introducing more security flaws than can ever be discovered and removed afterwards. The Firefox browser is still the best choice compared to Google Chrome, Apple Safari or Microsoft Edge, as it is the only one of these browsers that does not monitor the surfing of its users. If you use Linux, you can still protect yourself to a certain extent. But it is even worse with mobile phones, where you have to rely on the insecurely designed Android, because Ubuntu has more or less died out for mobile phones. With an app store that requires registration with the user's email address, one cannot be secure by principle. To be, you would have to be able to download the apps via Tor (“Darknet”, see also DANE). Among the big tech villains, Apple wants to stand out lately by automatically scanning private data for pictures and text messages: petition against it. Those who know that they are being monitored also behave more conformly: At first this was proven by the psychologist Gregory White and called the “Chilling Effect”. Even after the NSA revelations in 2013, we know that there was less search for content about terrorism and war. The Salzburger Nachrichten regards the NSO Group's surveillance by Pegasus as a restriction of the freedom of the press.

In the news it is always the US that gets particularly upset about cyber cracking activity. In fact, criminals as well as Russian hacker groups apply every attack vector leaked to the outside in practice. But one has to ask who has developed these weapons — and these are almost always US based agencies. Today criminals use attack methods that were once reserved to secret services. Countless companies have been victims of such attacks. But if we want secure systems, then gradual changes will not help us much. We need technology like automatic program verification along with clean, uncompromised hardware. For his diploma thesis, the author of this website worked on a technology that would be needed precisely for this: a SAT solver. In the epilogue of my diploma thesis (point 6) you can read how Western (in all probability US) secret services make a further development of my solver impossible and thus violate the author's freedom of science and employment.