by fiddler
Following up on previous posts (here, here, here, here, and here):
HBGary Federal, Team Themis, Hunton & Williams and the US Chamber of Commerce:
- Aaron Barr, HBGary Federal CEO, who spearheaded the company's attempts to discover the identity of members of Anonymous and whose emails were exposed by Anonymous in return, resigned on Feb. 28. Barr said he wanted to spend more time with his family and recover his reputation. The article linked also points out poor security practices within the company, including a general disregard of the importance of using distinct and complex passwords -- perhaps something else Barr could work on in his spare time, now.
- Within a day of Barr's resignation, three House Democrats called for an investigation into law firm Hunton & Williams as well as HBGary Federal, Berico Technologies and Palantir Technologies, together known as Team Themis, who worked together to develop the proposal for the Chamber, according to the memos leaked by Anonymous. Leading the group was Rep. Hank Johnson (D-Ga), who wrote that the emails appeared "to reveal a conspiracy to use subversive techniques to target Chamber critics," including "possible illegal actions against citizens engaged in free speech."
From the letter, addressed to the chairs of the House Committees on Oversight and Government Reform, Judiciary, Armed Services and the Select Committee on
Intelligence:
We ask that your Committee immediately begin an investigation with hearings into the issues raised by recent reports alleging that three federal defense and intelligence agency datasecurity contractors, and a leading law firm, planned a “dirty-tricks” campaign that included possible illegal actions against citizens engaged in free speech.
A series of email messages recently published on the Internet indicates that defense datasecurity contractors HB Gary Federal, Palantir and Berico (collectively calling themselves “Team Themis”) and the law firm of Hunton & Williams planned a campaign to sabotage and discredit critics of the U.S. Chamber of Commerce, including U.S. Chamber Watch, the union federation Change to Win, the Center for American Progress, the Service Employees International Union and other organizations.
The published correspondence appears to reveal a conspiracy to use subversive techniques to target Chamber critics. The techniques may have been developed at U.S.government expense to target terrorists and other security threats. The emails indicate that these defense contractors planned to mine social network sites for information on Chamber critics; planned to plant “false documents” and “fake insider personas” that would be used to discredit the groups; and discussed the use of malicious and intrusive software (“malware”) to steal private information from the groups and disrupt their internal electronic communications. Given evidence of their proposal to infiltrate computer systems, discredit and disrupt the operations of U.S. advocacy groups, Team Themis and Hunton and Williams may have conspired to carry out or previously carried out actions in violation of federal law, including:
• Forgery under 10 USC §923
• Mail and Wire Fraud under 18 USC §1341 and 18 USC §1343
• Fraud and Related Activity in Connection with Computers 18 USC §1030
The possibility that any one of these crimes was committed warrants investigation. It is deeply troubling to think that tactics developed for use against terrorists may have been unleashed against American citizens.... At a minimum, we submit that the Committee may wish to obtain any correspondence and documents from the parties concerning the planned campaign and any other similar activities, including the government contracts under which the contractors in question have been paid millions of dollars....We must guarantee not just free spoken, print and broadcast media but unfettered Internet and electronic communication as well. Citizens who exercise their rights should not be the victims of illegal and insidious electronic attack any more than peaceful protestors should be the victims of intimidation or physical violence.
By March 6, 20 House Democrats had agreed to push for an investigation, which is unlikely to take place because of Republicans' own ties to the US Chamber of Commerce. During the 2010 election cycle, the US Chamber donated $23,500 to Republicans running for House seats and $65,500 to Republicans running in the Senate, as opposed to only $7,000 for House Democrats and $5,000 for Senate Democrats. The US Chamber also donated $23,000 to mostly Republican PACs; the organization's fundraising, much of which apparently was conducted through local branches here and abroad, raised questions of campaign funding propriety.
- Stop the Chamber and Velvet Revolution, two of the groups the US Chamber had targeted in its anti-criticism campaign, have filed a professional conduct complaint against Hunton & Williams with the D.C. Office of Bar Counsel at the Bar Association. The complaint seeks to have the attorneys disbarred for violations of the rules of professional conduct:
John W. Woods, Richard L. Wyatt Jr., and Robert T. Quackenboss are members of the District of Columbia Bar and employed by the firm, Hunton & Williams (“H&W”) in its Washington, D.C office. These lawyers, on behalf of their client, the United States Chamber of Commerce (“COC”), engaged, as the evidence below demonstrates, in an extended pattern of unethical behavior that included likely criminal conduct. Specifically, they solicited, conspired with and counseled three of its investigative private security firms to engage in domestic spying, fraud, forgery, extortion, cyber stalking, defamation, harassment, destruction of property, spear phishing, destruction of property, identity theft, computer scraping, cyber attacks, interference with business, civil rights violations, harassment, and theft.
In short, this unethical and criminal conduct involves “dishonesty, fraud, deceit, or misrepresentation” which violates the Rules of Professional Conduct, and undermines the rule of law, respect for the law and confidence in the law. Incredibly, as this conduct occurred from November 2010 through February 2011, in dozens of calls, emails, proposals, meetings and conferences, none of the H&W lawyers ever expressed any reservation or doubt about the unethical conduct proposed and committed by their investigators. In fact, they actively solicited and approved everything that was proposed and presented....
- In another matter arising from the leaked memos, an intellectual property attorney named Sean F. Kane apparently approached HBGary for help in "spiking" internet criticism of his client "by any means necessary". (original email at second link) There is no record at WikiLeaks of a reply to this, and Kane has made no comment on the matter. This makes me wonder whether HBGary had a reputation for "by any means necessary" action for other small, non-corporate and non-governmental clients, and what that might have included.
- According to more leaked memos, HBGary Inc. was also working on a new, undetectable and non-removable kind of Windows rootkit, which would allow an outside computer to take over a Windows computer and use its resources without the knowledge of the Windows computer's user. The project was named Magenta, and was forwarded to Ray Owen, president of Farallon Research LLC, a company whose mission is "to connect advanced commercial technologies and the companies that develop them with the requirements of the U.S. government." The company is located in San Francisco and northern Virginia -- and that's all the information available on them at their website, other than a nicely drawn map of the Farallon Islands.
This isn't the first time HBGary has created backdoors for the government. As well as working on backdoors with General Dynamics, the company created its own rootkit package years ago, which it made available for sale to customers. I am not a computer programmer; someone with more computing background might be interested in checking out that link and commenting on what it contains and the implications of this.
The Twitter Case:
On March 11, U.S. Magistrate Judge Theresa Buchanan issued an opinion for the government and against privacy in deciding that the Justice Department should have access to information on people associated with Wikileaks who have Twitter accounts. The judge denied any assertions of privacy claimed by the Electronic Freedom Foundation and the American Civil Liberties Union:
Buchanan rejected each of the arguments in quick succession, saying that there was no First Amendment issue because activists "have already made their Twitter posts and associations publicly available." The account holders have "no Fourth Amendment privacy interest in their IP addresses," she said, and federal privacy law did not apply because prosecutors were not seeking contents of the communications.
So, because the tweets are public, the accounts, private messages and information associated with them aren't private? Or the people with whom one communicates in private messages? Or the locations of those people, or their associations with others? At what point does private information begin? And isn't this just more of an unending fishing expedition to find something for the government to use against Julian Assange, or some way to connect him with PFC Bradley Manning?
The EFF and the ACLU plan to appeal the decision. The DOJ wanted information on the locations and persons involved in private messaging with the following accounts: Birgitta Jónsdóttir, a member of the Icelandic parliament; Seattle-based Wikileaks volunteer Jacob Appelbaum; and Dutch hacker and XS4ALL Internet provider co-founder Rop Gonggrijp. Information was also sought on Assange and Manning, suspected Wikileaks source, but neither of them were plaintiffs in this suit.
Anonymous:
- According to Ars Technica, Anonymous says it hasn't been bothering HBGary since the release of the memos; it's busy elsewhere. HBGary has apparently continued to be the subject of harassment by someone claiming to be part of Anonymous, who sends snide memos about the company's security (or lack of it.)
- Forbes blog interviews the 16-year-old girl who hacked HBGary, or someone who says she is.
Barr said he wanted to spend more time with his family and recover his reputation.
Good luck with that second part.
Posted by: joel hanes | March 16, 2011 at 05:42 PM
Considering that at least one of the hacked emails is from Barr's wife, threatening divorce, it's possible his family doesn't really want to spend more time with him.
Posted by: Fiddler | March 16, 2011 at 09:12 PM
didn't he mean "recover from his reputation"?
Posted by: bobbyp | March 16, 2011 at 09:33 PM
Yeah: and House Republicans will take up this complaint against the CC about the same as they publicly disavow Andrew Breitbart and James O'Keeffe.
Or more likely, find some way to kill the former while holding up the latter as sterling exemplars of bold, crusading "journalism". Anonymous, of course, being mere vulgar "hackers".....
Posted by: Jay C | March 16, 2011 at 10:07 PM
splendid.
thanks for posting this fiddler.
Posted by: russell | March 16, 2011 at 10:15 PM
So, because the tweets are public, the accounts, private messages and information associated with them aren't private? Or the people with whom one communicates in private messages? Or the locations of those people, or their associations with others? At what point does private information begin?
Regarding this - IANAL but here is my understanding.
For most electronic communications - phone, email, web - information about who you communicated with, when, etc., is considered to be public, and therefore not protected.
Likewise, information held by a third party such as an ISP is generally considered to be public, and therefore not protected.
What's considered to be protected is the *content* of the communication. What you said, but not who you said it to, or when, or who else they spoke to, etc.
Not sure about personal information associated with accounts.
The general analogy is to postal mail, where whatever is on the envelope is fair game, but the letter inside is protected.
Sorry for no links, time at the moment is short, but if you google up "pen register" you should find the relevant information.
If I have time later I will add some links.
Posted by: russell | March 17, 2011 at 08:47 AM
This is such an overused reason that I don't know why people who are actually doing that would bother with it.
That's a really interesting theory. I'd like to hear more explanation on exactly how this influence gets exerted. I would be surprised if USCOC makes the top 100 donor list of any congressional candidate.
Posted by: Slartibartfast | March 17, 2011 at 10:21 AM
I'm guessing the response will be more like: "you've got to be kidding me". $65k, removed from the collective coffers of Republicans, would hardly be noticed. It's a gnat-bite compared with the (for instance) nearly $4 million given to congressional Democrats by the AAJ (formerly known as American Association of Trial Lawyers), or the $3 million given by the American Bankers' Association (two-thirds to Republicans), just picking a couple of big hitters.
Compared to Koch Industries donations, USCoC is nearly invisible.
Posted by: Slartibartfast | March 17, 2011 at 10:37 AM
I would be surprised if USCOC makes the top 100 donor list of any congressional candidate.
In 2010, you are correct. In earlier election cycles, USCOC shows up as not just in the top 100, but as *the* top contributor in a number of races.
If you go to <http://www.opensecrets.org>Open Secrets and search for "chamber of commerce", you'll find it. I'd add a link but the URL from the search request is hideous.
Where they do show up in 2010 is as a major funder of electioneering communications, which is basically issue advocacy in a major media market during an election cycle that does not explicitly support one candidate or another. They spent about $31M in 2010.
Their major influence, however, is in direct lobbying of sitting Congresspeople. Here is a good discussion of USCOC activities. Here is a breakdown of USCOC lobbying expenditures in 2010 ($130+ million, as compared to their $31M in electioneering).
They make a big dent.
Posted by: russell | March 17, 2011 at 10:57 AM
Sorry, Open Secrets. Forgot to link it above.
Posted by: russell | March 17, 2011 at 10:58 AM
If I were to write that various organizations like unions who skew largely Democratic spent $14.67 in total on behalf of Democratic candidates compared to the $5.32 in total for Republican candidates during this last election cycle, I don't think that would fly, with or without dead links.
Think .... political ads.
Think ......... the Rove and Armey organizations' undisclosed contributors.
Think ... as the Deepthroat character in "All The President's Men" might counsel from the shadows in a parking garage .... bigger.
Think ... Google.
The CC's giving vein had more numbers to the left of the decimal point than presented in Fiddler's post.
Posted by: Countme--In | March 17, 2011 at 11:01 AM
Think ......... the Rove and Armey organizations' undisclosed contributors.
Correct.
Due to the specifics of how they are incorporated, USCOC is not required to disclose donors, and they *DO NOT* disclose donors. And the lion's share of their funding comes from a very small number of donors with very deep pockets.
In 2008, frex, almost half of their funding came from 45 donors, here.
The USCOC *is not* the same organization as your local Chamber of Commerce. They are primarily funded by, and they represent, very large, national to international scale corporations. Some of those corporations are domestic, and some are foreign.
They vigorously resist efforts to require them to disclose donor information, and what is known about their donor list is primarily known through the efforts of folks who scour the corporation's own tax records. The donor is required to disclose information about who they donate *to*.
slarti is correct, the five-figure amounts they donate directly to individual campaigns is pocket change. But that's not where the USCOC is most active. That's not really their game.
Posted by: russell | March 17, 2011 at 11:14 AM
I didn't consider that, russell; thanks. Probably that ought to have been the point to make, instead of the measly tens of thousands mentioned in the main post.
Interesting that all of the top 501c donors are Conservative.
Posted by: Slartibartfast | March 17, 2011 at 11:20 AM
I need help. In order for me to be persuaded that my information retrieval and thinking processes are deeply flawed, I need to gain an understanding of how those who always reach correct conclusions, accessing the same broad information flows that I have access to and using similarly endowed and constructed mental processes, get there. I kinda know that it must relate to accepting only correct and accurate information and rejecting incorrect and inaccurate information. How does one acquire such a skill?
Or is it a fact those few people are so nearly perfect that they are correct almost all of the time.
It still seems to me that the secret to reach the objective would be to continue working to impart the correct political views to those who are failing rather than shutting off the flow of information from those sources that promote the incorrect views or vilifying
the people who hold incorrect views.
Substitute good and bad, good and evil, appropriate and inappropriate, or other suitable pairs for correct and incorrect.
Posted by: GoodOleBoy | March 17, 2011 at 11:40 AM
When I linked the amounts given by the US Chamber to specific recipients, I was thinking more along the line that those individuals might be enough to stop any investigation of the Chamber. I realize the amounts are pocket change -- but isn't it possible that by giving pocket change to those individuals, the US Chamber is obviously staking out an interest in the way these Congresspeople vote and act? A sort of "we side with them, so they'd better side with us because we have influential friends"?
In general, Congresspeople don't like to be seen voting or acting against their supporters, especially big-name supporters.
The Chamber does have immense influence besides their donations -- their public ratings of members of Congress are a strong indicator of each member's positions on business and, because of the Chamber's conservative bent, on other conservative issues. Their rating is one of the ten used throughout National Journal's Almanac of American Politics, which profiles every individual in Congress, and which is serves as a standard political science reference.
Some links: From Project Vote Smart, US Chamber ratings for the current Congress;
US Chamber How They Voted page for 2007-2009, with a link to obtain paper copies of earlier ratings; US Chamber's page on how the House voted on 18 issues in 2008, including their explanation of their ratings.
Posted by: Fiddler | March 17, 2011 at 11:52 AM
If that's true, then the even larger amounts that everyone receives from multiple other donors exert even larger leverage, doesn't it?
I don't think the direct contributions are, in and of themselves, anything remarkable. I think russell makes a more sticky point.
Posted by: Slartibartfast | March 17, 2011 at 01:06 PM
russell, it's difficult to quantify or make concrete what the US Chamber may have done with Rove and Armey, since the support is undisclosed. It's possible that the Chamber has its fingers in a multitude of undisclosed political maneuverings -- but where would you find data on them? If they're undisclosed, they're unquantified; they're not available for comparison or review. I did look for other evidence of the Chamber's political activities, but didn't find anything quotable; maybe I wasn't looking in the right places. Any suggestions?
Posted by: Fiddler | March 17, 2011 at 01:50 PM
slarti, the last comment is for you too -- where else would you look for solid information on the Chamber's political influence?
Posted by: Fiddler | March 17, 2011 at 01:51 PM
russell, it's difficult to quantify or make concrete what the US Chamber may have done with Rove and Armey, since the support is undisclosed.
Yes, I agree. My comment was not to claim collusion between USCOC and Rove et al, but was basically expanding on Countme's "Think of..." comment.
USCOC, like Rove's organization, does not disclose donor names, and as a result attracts money from folks who would prefer to remain anonymous.
Thanks for raising the issue and providing a chance to clarify.
Posted by: russell | March 17, 2011 at 02:12 PM
Goodoleboy, I'm not sure how your comment relates to this post. Would you be willing to clarify a bit?
Posted by: Fiddler | March 17, 2011 at 10:13 PM
So, because the tweets are public, the accounts, private messages and information associated with them aren't private? Or the people with whom one communicates in private messages? Or the locations of those people, or their associations with others? At what point does private information begin?
So if somebody sends a letter to the editor of a newspaper via the U.S. Mail every bit of their private correspondence and their personal records are subject to seizure by the government?
Posted by: RAM | March 17, 2011 at 10:54 PM
'Goodoleboy, I'm not sure how your comment relates to this post. Would you be willing to clarify a bit?'
I was roused by the references to fund-raising and political donors, which somehow seem to make their way into most ObWi posts or comments. Your next comment then went back to that topic, although it seems to be a minor theme in the post.
'When I linked the amounts given by the US Chamber to specific recipients, I was thinking more along the line that those individuals might be enough to stop any investigation of the Chamber. I realize the amounts are pocket change -- but isn't it possible that by giving pocket change to those individuals, the US Chamber is obviously staking out an interest in the way these Congresspeople vote and act? A sort of "we side with them, so they'd better side with us because we have influential friends"?
In general, Congresspeople don't like to be seen voting or acting against their supporters, especially big-name supporters.'
I have no quarrel with this point, but is it really any different than President Obama's bending over backwards for his labor union contributors in the auto industry bailouts? It is we side with them so they better side with us - it just depends which side you are on.
I'm getting really old, so maybe my brains are scrambled. Sorry if the comment is not relevant to the post.
Posted by: GoodOleBoy | March 18, 2011 at 09:55 AM
ROFL at the idea that the auto industry bailouts were for the benefit of the UAW and not, say, the board of directors of General Motors.
Posted by: Phil | March 18, 2011 at 10:22 AM
is it really any different than President Obama's bending over backwards for his labor union contributors in the auto industry bailouts?
I'm trying hard to imagine a world in which unions leaders believe that Obama is bending over backwards to serve their interests. Aside from the complete failure to pass card-check legislation despite Democratic control of the House, Senate, and Whitehouse, there's been plenty of indications that unions aren't exactly thrilled with the administration.
But I see Phil has made the same point better. Just like bailing out Greece and Ireland has a lot more to do with bailing out the German and French banks that had made foolish loans to Greek/Irish institutions, bailing out GM had a lot more to do with the interests of financial titans than it did with autoworkers.
Posted by: Turbulence | March 18, 2011 at 10:38 AM
I have no quarrel with this point, but is it really any different than President Obama's bending over backwards for his labor union contributors in the auto industry bailouts?
Let us, for the sake of argument, concede this pointless tu-quo-qua point. Please do stack up labor's legislative and regulatory wins against the business community's in the last 35 years. Who has won? And why?
You know, even if a bad player has nearly all the chips in the game, most of the time they will bust the small fry. All other things being equal, it's a near certainty.
Posted by: bobbyp | March 18, 2011 at 09:01 PM
More excellent work, Fiddler. Thanks!
Posted by: Gary Farber | March 19, 2011 at 12:17 PM
Whoops, meant to post here: This is a great story.
Used to be Bill Gibson/Bruce Sterling, now Charlie Stross, and so many other's, stories, but that's our modern life in cyberspace.
Meanwhile, other friends still ask me what a blog is. And many of you don't follow Twitter. And then there's the NEW stuff. :-)
We trot towards Greg Egan every day.
Yes, Greg Egan.
I FBed and Tweeted your post, Fiddler. :-)
Posted by: Gary Farber | March 19, 2011 at 12:50 PM