Possible SigInt Metadata Dump Files Circulating
Some huge *meaning close to exabyte size* data sets are circulating in storage clouds this last week, appear to be snapshots of signals intelligence metadata including vector tracking of signals targets (possibly cell phones based on movement vectors) and cross-associated metadata for their communications. Indications are that these are recon signal dumps of the American sigint system loaded by a major organized crime syndicate and cover most of last year. There is also a set of organic tracking signals, assumably covert agent communications, and another set that appears to be all American and European cash money transactions(???).
Wilfred Guerin wrote:
Some huge *meaning close to exabyte size* data sets are circulating in storage clouds this last week, appear to be snapshots of signals intelligence metadata including vector tracking of signals targets (possibly cell phones based on movement vectors) and cross-associated metadata for their communications. Indications are that these are recon signal dumps of the American sigint system loaded by a major organized crime syndicate and cover most of last year. There is also a set of organic tracking signals, assumably covert agent communications, and another set that appears to be all American and European cash money transactions(???).
Links to more info? Are these intended to be public, or some kind of config failure?
Files are standard DB Table dumps (packed) loading from a cluster of VPNs from torrent and NAS protocols through central europe (entry providers are all in privacy-sensitive countries) and intended to be a distributed database service; there is simply nothing big enough to handle this onload directly. (at 120+gbps bursts) Some of the services are posting public torrent data and open sql database access. Table files are set up as redundant master with cross-population and standard distribution techniques. Some of the tracking data appears to have 1 inch resolution target vectors.
On Wed, Jun 10, 2015 at 8:52 AM, Griffin Boyce <griffin@cryptolab.net> wrote:
Links to more info? Are these intended to be public, or some kind of config failure?
You don't keep 120+gbps running without some government backing you.
I can only think this is some sort of major political statement, by some people with significant political (and real) capital to spend.
Who's got the influence and money to do this, and why? I can only imagine it's some sort of reaction to the USA freedom act.
So if you think your data collection system might now be illegal, do you open source it because it'll spill the beans on the banksters who double-crossed you?
Regardless of why, how do you manage data integrity of such a large dump so you are not looking at intentionally manipulated data?
On Wed, Jun 10, 2015 at 09:17:59AM -0400, Wilfred Guerin wrote:
Files are standard DB Table dumps (packed) loading from a cluster of VPNs from torrent and NAS protocols through central europe (entry providers are all in privacy-sensitive countries) and intended to be a distributed database service; there is simply nothing big enough to handle this onload directly. (at 120+gbps bursts) Some of the services are posting public torrent data and open sql database access. Table files are set up as redundant master with cross-population and standard distribution techniques. Some of the tracking data appears to have 1 inch resolution target vectors.
--
----------------------------------------------------------------------------
Troy Benjegerdes 'da hozer' hozer@hozed.org
7 elements earth::water::air::fire::mind::spirit::soul grid.coop
Never pick a fight with someone who buys ink by the barrel, nor try buy a hacker who makes money by the megahash
Here are some specifics on the data types, surprises, and questions:
Originating party requested data services that were 100% onload guaranteed, specifically indicating source as an analogue signal digitisation system that did not have sufficient buffer capacity. Initial requests were for linear buffer but then changed to block file storage and public NAS capability. A similar request for SQL or distributed database storage in cloud hosting was also fielded by many services.
Data structures are standard floats in spherical coordinates for 4D vectors, include some reference table indexes in most of the formats, and have some distinct ranges in a "small" selection of sample data:
Time is offset (not unix) close to a western military standard but varies in density.
Precision of Floats in 3D vector is trimmed, indicating a specific physical resolution.
One of the electronic signal log files includes a standard signal characteristic for antenna direction in addition to location vector, typical of cell and e-war systems. Also includes values that may be rate of signaling or CPU processor speed(?).
Most of the data uses index values, range is linear 0..count.
Some of the data uses both an index and unique identifier, another set uses a large bit scope value assumed to be a hash, but its structure has been identified as a structured tree, possibly a known standard (described below)
For each structure type, there are additional values related to the signal characteristics and some indexing/classifier but none related to an identifiable pattern other than sequentially loaded index tables.
We are very concerned about the consistency of the data, one must assume that a full SPOOF is possible with calculated generation, however some selections map accurately into adjusted-coordinate 3D structures such as office buildings, houses, and viable speed tracking on highways. A party with direct access is preparing maps. Our interest is to prepare distributed processing techniques to consolidate rendering of the entire snapshot.
One set is obviously electronic device data, another is most likely EM(?) tracking of coin and currency objects, another includes more precise vectors and a large unique identifier value and is extremely concerning.
There is no statistical anomaly of missing data per region (coverage of entire planet), the density of records is consistent and in all small selections the data has high correlation with physical locations including terrain and structures, aircraft routes, highway speeds, and typical patterns at an accuracy that would require the same knowledge to artificially generate.
More importantly: The coin & currency tracking data maps FAR TOO CLEARLY into reasonable commerce patterns, coins into and out of *registers*, bank trucks and storage. Without a full 3d model and a huge computational effort to simulate global commerce, it is more likely that a high precision radar system or sigint capability is actually tracking these targets.
The large bit scope and header reference of one data set is especially concerning:
10-12 billion unique identifiers using standard genetic expression encoding values in tree form and a related signal characteristic profile.
Tracked at 0.25m resolution. With signals. Log density may be due to AD sampling resolution. Data is historical, mid-year 2014.
On Wed, Jun 10, 2015 at 10:37 AM, Troy Benjegerdes <hozer@hozed.org> wrote:
You don't keep 120+gbps running without some government backing you.
I can only think this is some sort of major political statement, by some people with significant political (and real) capital to spend.
Who's got the influence and money to do this, and why? I can only imagine it's some sort of reaction to the USA freedom act.
So if you think your data collection system might now be illegal, do you open source it because it'll spill the beans on the banksters who double-crossed you?
Regardless of why, how do you manage data integrity of such a large dump so you are not looking at intentionally manipulated data?
More importantly: The coin & currency tracking data maps FAR TOO CLEARLY into reasonable commerce patterns, coins into and out of *registers*, bank trucks and storage. Without a full 3d model and a huge computational effort to simulate global commerce, it is more likely that a high precision radar system or sigint capability is actually tracking these targets.
*coins*? I could imagine RFID-type tracking of bills. What I can't imagine is how you'd ever manage to track metal coins in and out of a cash register, unless the *register* itself has embedded analog sigint pre-processing.
If it's worldwide, I can only imagine consistent data if acquired by satellite, so it's got to be some frequency that propagates relatively well, with some sort of passive radar[1] type mechanism? Or is this why all cell phones have FM receivers now?[2]
[1] http://www.defenceandsecurity-airbusds.com/en_US/web/guest/passive-radar-fro...
[2] http://www.opb.org/about/connect/mobilefm/
Just to check if I'm getting this correctly: There's an immense amount of sigint data that's (being) leaked into public infrastructure - and wilfred@vt.edu is telling us about it?
Can we access this data **? How is Wilfred knowing of this, and allowed to speak of it? Why not speak of the onloader's identity?
Tracking cash currency is certainly interesting from many standpoints... actually doing it seems outrageous. Leaking this data intentionally is extremely outrageous - no matter the target's value the laundering can not warrant the backlash. As a politically minded shake-up-leak, this one is the most daring so far, and would most likely be the most effective at dismantling the espionage engine. It almost seems too good (and in a way terrifying*) to be true...
Is dear Wilfred pulling our legs? How would we know at this point?
Assuming truth.. please validate known NSA locations and other US-secret areas. If the dataset is manipulated at all - and one would assume that it is - it should exclude sensitive persons first. Sensitive persons should hang out near sensitive person areas - if the sensitive person areas are less full than they should be.... Think Obama sitting in the white house and going home, think the first family, think area 51, think coins not being attached to people properly.
Note that notable persons may be falsified, so ideally one would find an atypically understaffed military base or something of the like. Perhaps an agent/secret-base that was exposed? All those that entered an Internet-tap-room in a datacenter? Military ships' crewmen? If such data-gaps are found/indicated, compare it to other nations and you'll know which who's data you're receiving (although everyone understands it'd probably be the USGOV/NSA).
Wilfred, are you publishing this to prevent the data just disappearing?
* I'd actually really like to know where I've been in the past, and I know *they* know but won't tell me. And the amount of exceedingly valuable scientific (census) data one could parse from such a database.... Still, we'd move rather suddenly from panopticon to omniopticon (a term I thought of to describe "everyone watches everything" instead of "they watch everything". I know it's not a flawless name but it works).
** I realize there's no way we're going to store or transfer this much data - but there should be something that can be done to preserve this dataset!
Some of my thoughts:
Tracking cash currency is certainly interesting from many standpoints... actually doing it seems outrageous. Leaking this data intentionally is extremely outrageous - no matter the target's value the laundering can not warrant the backlash. As a politically minded shake-up-leak, this one is the most daring so far, and would most likely be the most effective at dismantling the espionage engine. It almost seems too good (and in a way terrifying*) to be true...
I have some idea the truth will be both far from what we think it is, and, depending on who you are, far more terrifying. Let's imagine you're an espionage guy, and you have clear evidence of something the world needs to know. Like say that those high-frequency trading 'bugs' were actually backdoor cash payments/bribes, which is my favorite conspiracy theory. Now you have a clear indication that the guys you know are making bribes are off bribing the right people to make a political shitstorm that will dismantle the most beautiful technological achievement you've ever seen or heard of in history to root out bad guys and corruption. Okay, granted, maybe I'm giving too much credit for idealism. But what the hell else are we here if not a bunch of idealists? Besides, I think the above is just as plausible as a global currency-tracking sigint engine that's not a blockchain.
Is dear Wilfred pulling our legs? How would we know at this point?
By getting some archives of the data, and studying it.
* I'd actually really like to know where I've been in the past, and I know *they* know but won't tell me. And the amount of exceedingly valuable scientific (census) data one could parse from such a database.... Still, we'd move rather suddenly from panopticon to omniopticon (a term I thought of to describe "everyone watches everything" instead of "they watch everything". I know it's not a flawless name but it works).
Hell, if I could tape a few dollar bills to my planter and get free 1-inch location tracking, this would substantially increase agricultural productivity world-wide, as well as tracking & logistics. Why bother with package tracking when you just tape a dollar on the outside? We've already got an opticon, let's make the best of it and have it be an omniopticon, and figure out how the hell to live with it.
** I realize there's no way we're going to store or transfer this much data - but there should be something that can be done to preserve this dataset!
The physics community built a global network to handle data coming from CERN. The network and the computers are all there. The hard part will be convincing physicists that discovering the true nature of money & surveillance is more important than the true nature of the higgs boson, at least for a few weeks.
http://wlcg.web.cern.ch/
What's the data rate of this sigint thing? Does it exceed 30 Gigabytes/sec? What are the chances we could just pick it up with a decent software defined radio?
Or is someone just baiting us to do some free work for their next dystopian summer blockbuster movie?
--
----------------------------------------------------------------------------
Troy Benjegerdes 'da hozer' hozer@hozed.org
7 elements earth::water::air::fire::mind::spirit::soul grid.coop
Never pick a fight with someone who buys ink by the barrel, nor try buy a hacker who makes money by the megahash
About Time:
The signals data is contained in a conventional EM loop, typical of 1960s design as implemented in most terrestrial and satellite reconnaissance systems. The clock increment of the signal and a 3rd party note explain how the digitisation process works, they have found the original EM signal.
EM CRT tubes operating in mid X-Ray band with a closed loop and frequency increment per time (linear or step) can replicate the entire 2Thz civilian EM signals band in an X carrier AND copy the prior signals a thousand times over for a thousand years. (0.88s geostationary circular, 0.133s earth circumference [potential strong indication of physical design and loop locations])
see: Maxwell-Tube-Cyclotron, typical EM X-Ray beam physics, and a huge missing assortment of published data on signals in any higher frequency band than light over the last century.
The originating party apparently has the ability to retool their EM signals coding system electronics, and have updated their design multiple times in the sequence of snapshots this last week.
This is why you are not allowed to use the green-blue bands of fiber optic conductor except in military applications and on-site networking. (visible light bands are at 420Thz-800Thz, typical (IR+) fiber is less than 2Thz)
Even with poor carrier band packing and perhaps a few thousand full spectrum EM reconnaissance sources at any time (0hz..400Thz), either by full carrier replication or indexed frequency carrier per time in a loop/ring, this system assumably has many decades of reconnaissance data. Obviously it is time buffered, as they are pulling last years' data out now.
No indication where the ring is, size of structure (aside from these time increments), or how complex a grid or mesh it may be. (signal distribution)
You can make these tubes at home, similar to the coil on the back of your broken television. WARNING X-RAY AND HIGH FREQUENCY RADIATION! ;)
-- data is currently exiting .de/ams and south america into P2P clusters in 2GB blocks.
--- "X-Rated: Not for Viewing in Any Theater of War." (typical western classification code for similar technologies...)
On Wed, Jun 10, 2015 at 12:00 PM, Wilfred Guerin <wilfred@vt.edu> wrote:
Here are some specifics on the data types, surprises, and questions:
Originating party requested data services that were 100% onload guaranteed, specifically indicating source as an analogue signal digitisation system that did not have sufficient buffer capacity. Initial requests were for linear buffer but then changed to block file storage and public NAS capability. A similar request for SQL or distributed database storage in cloud hosting was also fielded by many services.
Data structures are standard floats in spherical coordinates for 4D vectors, include some reference table indexes in most of the formats, and have some distinct ranges in a "small" selection of sample data:
Time is offset (not unix) close to a western military standard but varies in density.
Precision of Floats in 3D vector is trimmed, indicating a specific physical resolution.
One of the electronic signal log files includes a standard signal characteristic for antenna direction in addition to location vector, typical of cell and e-war systems. Also includes values that may be rate of signaling or CPU processor speed(?).
Most of the data uses index values, range is linear 0..count.
Some of the data uses both an index and unique identifier, another set uses a large bit scope value assumed to be a hash, but its structure has been identified as a structured tree, possibly a known standard (described below)
For each structure type, there are additional values related to the signal characteristics and some indexing/classifier but none related to an identifiable pattern other than sequentially loaded index tables.
We are very concerned about the consistency of the data, one must assume that a full SPOOF is possible with calculated generation, however some selections map accurately into adjusted-coordinate 3D structures such as office buildings, houses, and viable speed tracking on highways. A party with direct access is preparing maps. Our interest is to prepare distributed processing techniques to consolidate rendering of the entire snapshot.
One set is obviously electronic device data, another is most likely EM(?) tracking of coin and currency objects, another includes more precise vectors and a large unique identifier value and is extremely concerning.
There is no statistical anomaly of missing data per region (coverage of entire planet), the density of records is consistent and in all small selections the data has high correlation with physical locations including terrain and structures, aircraft routes, highway speeds, and typical patterns at an accuracy that would require the same knowledge to artificially generate.
More importantly: The coin & currency tracking data maps FAR TOO CLEARLY into reasonable commerce patterns, coins into and out of *registers*, bank trucks and storage. Without a full 3d model and a huge computational effort to simulate global commerce, it is more likely that a high precision radar system or sigint capability is actually tracking these targets.
The large bit scope and header reference of one data set is especially concerning:
10-12 billion unique identifiers using standard genetic expression encoding values in tree form and a related signal characteristic profile.
Tracked at 0.25m resolution. With signals. Log density may be due to AD sampling resolution. Data is historical, mid-year 2014.
On Fri, Jun 12, 2015 at 01:13:02AM -0400, grarpamp wrote:
No evidence, calling baloney on this one. The theory is fun though.
It'd make for a good techno-thriller movie... Just gotta make sure to triple-band X-ray em loop broadcast cpunks as evidence of prior art. Yes, I will sue your ass disney, so you might as well pay up now.
It's been 4 days with no evidence. Last e-mail of Wilfred's e-mails seems downright erratic. Hope this at least goes *somewhere*. Probably not, though.
On June 13, 2015 10:46:56 AM Lodewijk andré de la porte <l@odewijk.nl> wrote:
It's been 4 days with no evidence. Last e-mail of Wilfred's e-mails seems downright erratic. Hope this at least goes *somewhere*. Probably not, though.
He could always send any evidence to JY/Cryptome off-list... but, yeah. Probably not.
All I've seen in the news are NASA climate data release, Medicare drug data....
Anyone have more info on this?
On Sat, Jun 13, 2015, 1:54 PM Shelley <shelley@misanthropia.org> wrote:
He could always send any evidence to JY/Cryptome off-list... but, yeah. Probably not.
On 6/13/15, J.R. Jones <mrjones2020@gmail.com> wrote:
All I've seen in the news are NASA climate data release, Medicare drug data....
Anyone have more info on this?
it was Facebook Beacon[0] sans-radiotap-headers logdata[1]; above PHY left as exercise for the reader...
BIG BLUE (merely hint at maybe) SUEYOU! now quiet as a mouse, lest crushed to dust.
best regards,
0. "Facestab Bluetoothache Tracker Tech" - https://www.facebook.com/business/a/facebook-bluetooth-beacons
1. "The radiotap header format is a mechanism to supply additional information about frames, from the driver to userspace applications such as libpcap..." - http://www.radiotap.org/
On 6/14/15, coderman <coderman@gmail.com> wrote:
... it was Facebook Beacon[0] sans-radiotap-headers logdata[1]; above PHY left as exercise for the reader...
i'm sorry, of course no people my friend, ever logs content, or pub, or raw tap data. of course not! after GOOG's streetsniffer settlement. *cough*
best regards, coderman, shocked at the very concept of overuse, of convenient technical capabilities... shocked!
Wilfred just won the bet he had with his schoolmates that we'd fall for literally anything, including a claim that the government was tracking the flow of every single bill and coin in circulation.
On 6/16/15, Sean Lynch <seanl@literati.org> wrote:
Wilfred just won the bet he had with his schoolmates that we'd fall for literally anything, including a claim that the government was tracking the flow of every single bill and coin in circulation.
Indeed. And this "story" is timed rather well to (In My Extremely High And Maximally Humble Opinion) distract us from the (IMEHAMHO) much more relevant matter of the real time network injection attacks overloading even "security professionals" regardless of OS.
For those who are truly paranoid or needing of security, we need a plan for a rock hard software stack for public communication.
Cypherpunks - owned by some sci-fi wannabe author testing the concept pool of enthusiastic know alls. At least we're not the yank-tank. We're superior or or ... or something.
On Mon, Jun 15, 2015 at 8:35 PM, Sean Lynch <seanl@literati.org> wrote:
the government was tracking the flow of every single bill
Bills are serialized and certainly trackable at exchange points. Though such points (banks) are increasingly acting weirder when their patrons deal in cash, there's no scanning going on yet at the level of the till. There are probably fine papers comparing the analysis that can be done with serialized bills vs bitcoins ledger.
participants (10)
- coderman
- grarpamp
- Griffin Boyce
- J.R. Jones
- Lodewijk andré de la porte
- Sean Lynch
- Shelley
- Troy Benjegerdes
- Wilfred Guerin
- Zenaan Harkness