-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/30/2015 04:02 PM, stef wrote:
and they host all the juicy bits on documents on documentcloud, requiring anyone interested to expose themselves. it is not possible to download the dumps anonymously in a simple zip file, you really have to use goddamn javascript.
this is totally unacceptable. when approached on this, you get very irritated answers, if at all. to say "this stinks" is an understatement. it's a goddamn trap.
I am not inclined to believe that a "simple zip file" can be downloaded anonymously, without employing extraordinary OpSec procedures that would incidentally render javascript useless for tracking purposes. Not if the adversaries in your threat model include any official agency of any of the FVEYE countries, or any of the major private contractors working with them. The network itself is the trap, with or without javascript, with or without obfuscation via TOR or etc. I would be much more concerned with the handling of those downloaded files on the local machine - if a trap is suspected, zero day exploits hidden in the files should be assumed. :o) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWDat/AAoJEDZ0Gg87KR0LC94QAL39VlUBFSpnW8nuvMuA0aiW J6Qc3IbqulWNQAyvba8ISmAKpMrYRq3RHUF6ATWRNXRyG4UURS6SRRhTpw/WnYmv JgQzacPBR5NHEYMGXOh3pb/RZ4aKLFq7Jx3/y9jqkCHBfUCqouYmEmTS3wxaGeAj gWB4gMhSxcF5FvQGap9VUXTWJNUasrEd+Cl+1rlcxJY+2IJ0AkZgNdlXVfhJb7yD m115MLvmQFOdmMSTYGhA54rKReNepUc4PM8Wda9y0r+/MQpxlmx3A095z+QHqYfQ Fs/eiDGeYDmAOZy5SG/TZSGqxGUj6Yto+UfAu5nEt/4aBrMpgyd8qlg+cZquACoi ZIXqF09g/Jtaw6gZ2uBbXFI1Spiq3tT7lv3AnADhyAwRtjlquPNaTjgY/BckzavQ 5DSzYp9b52Fd5fsWzkhJ8SInG4wcGgPKjFJscWlTvMyvvmrzjRl1Ua6MqUnXG/b9 Z9L7K1S4qzOmcEGl05BtWIThPxZw4Tr6xQbQ08lbcMrpa8IBP2Eb1C778eULIU2m 37JCugF3FprRZvpymnpQIBVi9ly2S2Y1629YfJB/Zs0zCy0cd5u6XcqnLwELCdMR pM/J5AHJEyv1dPzAEaIGXPdxpkHuH1rtdAgeAM85FUt0UzsOc3rM9PdFQ8xKSV4D Mh58LWEHn2x8unlFYnJ9 =KVQL -----END PGP SIGNATURE-----