Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security IT

'Project Vigilant' Recruits At Defcon To Track You 97

angry tapir writes "A secretive volunteer group that tries to track terrorists and criminals on the Internet went to the Defcon hacker conference in hopes of recruiting information security experts, but it will first have to overcome some skepticism. That's because most information security professionals have never heard of the group, called Project Vigilant."
This discussion has been archived. No new comments can be posted.

'Project Vigilant' Recruits At Defcon To Track You

Comments Filter:
  • by elrous0 ( 869638 ) * on Tuesday August 03, 2010 @08:29AM (#33122482)
    It would be no less obvious.
  • bogus (Score:5, Informative)

    by bsDaemon ( 87307 ) on Tuesday August 03, 2010 @08:35AM (#33122566)

    So, I got curious and clicked the link to the article. Then I clicked the link to the project's website, which beyond a splash screen with an INGSOC-esque logo with a half-assed latin slogan, you find a cheap-ass Drupal site which requires an OpenID account to log into. The list of logged-in users includes such gems as a guy named "poopcracker."

    If this is cointelpro, its either extremely terrible, or extremely brilliant for looking so shoddy. Chances are, its just misguided vigilantism by people who read "gray hat python" and now think they can 'hack the Gibson'. I'm not sure which would disturb me more.

    • Re:bogus (Score:5, Informative)

      by Anonymous Coward on Tuesday August 03, 2010 @08:59AM (#33122840)

      When you say "half-assed latin slogan," I hope you mean "pseudo-Latin slogan" - because that motto is the result of someone who doesn't know Latin trying to come up with something and getting it wrong. I think they were going for "We Watch Together," in which case they certainly shouldn't have used the first person *singular* of vigilo (not to mention misspelling "vigilo"). I think they meant Evigilamus Jugiter, to give the phrase the proper tone of menace (if they meant something less menacing, they should have gone with a variation on vigilamus pro te, which is the motto of the Canadian land forces and a translation of the chorus of O Canada).

    • Re:bogus (Score:5, Informative)

      by FriendlyLurker ( 50431 ) on Tuesday August 03, 2010 @09:00AM (#33122850)

      Some of the names behind Project Vigilante:

      ...the list of its officials, which includes Mark Rasch, who headed the DOJ's Internet Crime Unit for 9 years; Kevin Manson, a retired Homeland Security official; George Johnson, who "develop[ed] secure tools for the exchange of sensitive information between federal agencies" for the Pentagon; Ira Winkler, a former NSA official; and Suzanne Gorman, former security chief of the New York Stock Exchange. These are people with extensive, sophisticated expertise in compiling highly invasive data about individuals' Internet activities, and more so -- given their background -- how to package it in a way that can be used by federal agencies.

      From here [salon.com] and here [examiner.com].

      So... perhaps it is a honeypot as well? In any case, the real operation is run backend to your ISP.

    • Re: (Score:2, Interesting)

      by RobM9999 ( 191476 )

      If you like that then check out the linked site for BPH Global. besides being a) the same color. b) the same cheap-ass Drupal. c) even crappier looking (if possible)., click on the Background link and read that. I have read better written spam emails which want to give me millions/make my p3n1s bigger/ sell me v1agra. For thos not wanting to waste your time traveling there, I give you the treasure that is their background:

      -----
      If you audience are in the field of Information Technology, the term "informati

  • where it is definitely a good idea to take the blue pill!

  • EU already did it (Score:5, Informative)

    by ZeroExistenZ ( 721849 ) on Tuesday August 03, 2010 @08:36AM (#33122584)

    EU already has a simular technology in place.

    You can get the analysis at wikileaks: EU social network spy system brief, INDECT Work Package 4 [wikileaks.org]

    "The aim of work package 4 (WP4) is the development of key technologies that facilitate the building of an intelligence gathering system by combining and extending the current state-of-the-art methods in Natural Language Processing (NLP). One of the goals of WP4 is to propose NLP and machine learning methods that learn relationships between people and organizations through websites and social networks. Key requirements for the development of such methods are: (1) the identification of entities, their relationships and the events in which they participate, and (2) the labelling of the entities, relationships and events in a corpus that will be used as a means both for developing the methods."

  • He had a detailed post [salon.com] of 'Project Vigilant'.

    Uber told Computer World [computerworld.com] that he decided to divulge his group's role in directing Lamo to turn into an informant because he thought that Lamo's patriotic act was being unfairly disparaged.

  • by Drakkenmensch ( 1255800 ) on Tuesday August 03, 2010 @08:41AM (#33122650)
    Smart money says this is a sting operation to bag hackers who are a bit too keen to use their tech savvy to spy on their neighbours!
  • by AHuxley ( 892839 ) on Tuesday August 03, 2010 @08:46AM (#33122700) Journal
    Two links with some more reading on Project Vigilant.
    "that it monitors the traffic of 12 regional Internet service providers, hands much of that information to federal agencies, and encouraged one of its "volunteers," researcher Adrian Lamo, to inform the federal government about the alleged source of a controversial video of civilian deaths in Iraq leaked to whistle-blower site Wikileaks in April."..
    but said that because the companies included a provision allowing them to share users' Internet activities with third parties in their end user license agreements (EULAs), Vigilant was able to legally gather data from those Internet carriers and use it to craft reports for federal agencies.
    from:
    Stealthy Government Contractor Monitors U.S. Internet Providers, Worked With Wikileaks Informant
    http://blogs.forbes.com/firewall/2010/08/01/stealthy-government-contractor-monitors-u-s-internet-providers-says-it-employed-wikileaks-informant [forbes.com]
    "Elite US cyber team courts hackers to fight terror"
    http://www.google.com/hostednews/afp/article/ALeqM5hKoXQdL-L1HFYObz0_UUHMactSWg [google.com]

    Top tip, stop chatting to strangers, try a sneaker net gap and again stop chatting :)
    • Re: (Score:3, Funny)

      by brxndxn ( 461473 )

      Don't cyber snitch.

    • Wait, what??? (Score:3, Insightful)

      by schwaang ( 667808 )

      According to Uber, one of Project Vigilant's manifold methods for gathering intelligence includes collecting information from a dozen regional U.S. Internet service providers (ISPs). Uber declined to name those ISPs, but said that because the companies included a provision allowing them to share users' Internet activities with third parties in their end user license agreements (EULAs), Vigilant was able to legally gather data from those Internet carriers and use it to craft reports for federal agencies.

      Wait

  • Chet Uber? (Score:5, Funny)

    by Sporkinum ( 655143 ) on Tuesday August 03, 2010 @08:51AM (#33122752)

    He must have the world's most awesome popped collar!

    • by elrous0 ( 869638 ) *
      I bet he can really ski the K-12.
    • Re: (Score:3, Insightful)

      by medv4380 ( 1604309 )
      The guy is one of the Cyber War nuts 2002 [newscientist.com] he was running with the business name of Security Posture trying to cater to the conspiracy theory nuts. Everyone already knows that Game Boys [penny-arcade.com] emit pilot killing rays.
  • Pot, meet kettle (Score:4, Insightful)

    by esocid ( 946821 ) on Tuesday August 03, 2010 @08:52AM (#33122770) Journal

    According to Uber, Project Vigilant also played a role in Iran's Green Uprising last year, operating five Internet proxy servers that helped dissidents circumvent government spying and move information out of Iran and into the hands of dissident groups.

    So when does the US get some of this help to circumvent government^H^H^H^H^H^H^H^H^H^H protective spying and allow the free transmission of information. Oh, wait. I see now.

    On Sunday, Uber said he was the first person to call the federal government about the sensitive cache of documents allegedly leaked by U.S. Army Intelligence Analyst Bradley Manning, and which was ultimately published on Wikileaks. Manning leaked the documents to Adrian Lamo, who does "adversary characterization" for the group, Uber said.

  • You know, as crazy as this may sound to some of you, working in the US intelligence field or the peripheral fields is not akin to being evil.

    This really doesn't worry me too much to be honest. I'd rather have these people out there working then not. It's not as black and white as some would like to paint it. When the US Army Intel analyst Manning got busted leaking documents to wikileaks, he broke a Federal law and the authorities, working with an informant through this program, found out. This program was

    • Re: (Score:3, Funny)

      You know, as crazy as this may sound to some of you, working in the US intelligence field or the peripheral fields is not akin to being evil.

      You must be old here.
      • You must be old here.

        That's right. He should have recognised that "US" and "intelligence" can't coexist in the same sentence.

        *Ducks* ;-D
    • by AHuxley ( 892839 ) on Tuesday August 03, 2010 @09:16AM (#33123028) Journal
      "akin to being evil" really depends on the decade? the Church report, Iran contra, Operation Ajax, Room 641A, Sibel Edmond, COINTELPRO ...
      Do you really want unaccountable, hidden, profit driven - mercs, private corporations, individuals and cyber vigilante types doing what the FBI should?
      • Re: (Score:1, Troll)

        by Dishevel ( 1105119 )

        Do you really want unaccountable, hidden, profit driven - mercs, private corporations, individuals and cyber vigilante types doing what the FBI should?

        No. You are right.

        Open letter to the World

        We quit. We do not like evil people looking at stuff and busting people. We can not trust them 100% so we are firing them all. Effective intimidate the US will fire all FBI, CIA, NSA, ICE, Treasury agents, and so forth. They are all going home today. We the people from San Fransisco understand that once we stop with our gestapo, imperialistic, "War for Oil", decadent consumerists ways the world will once again embrace us and take us into the loving fold of humanit

      • Re: (Score:3, Insightful)

        by GooberToo ( 74388 )

        You mean the CIA and NSA. The FBI is for domestic intelligence gathering and enforcement only. This is, in fact, why the FBI and CIA/NSA were purposely intended to never have open channels with each other. What everyone called broken following 9/11 was actually by design and for very, very, very good reasons. The reason is simply, its ripe for domestic abuse and violation of the Constitution.

        The FBI was basically considered to be federal police. The CIA/NSA is considered quasi-military, which is exactly why

    • by betterunixthanunix ( 980855 ) on Tuesday August 03, 2010 @09:17AM (#33123040)
      Was it specifically bad to turn in Manning? No, things are no black and white. From where I sit, though, Wikileaks is doing a good thing by exposing government lies -- we cannot trust the government to be honest about classified documents, which is why we need Wikileaks. If these guys are fighting against Wikileaks, that means they are pitted against those of us who want a more open government.

      What worries me is that these guys are not required to abide by the constitution; they voluntarily collect information, and then turn it over to the government, which allows the government to obtain evidence that it would not otherwise be able to collect. These "fourth party" arrangements have been discussed in the past, and just because they are not hot news items anymore does not mean they are less worrysome.
    • Most laws are generally a bad thing. Supporting something just because it is "a law" is sheeple behavior. Question everything.
    • Re: (Score:1, Troll)

      by e2d2 ( 115622 )

      Mods label anything they don't agree with as troll. It's pathetic.

    • No matter where you stand on Manning and Wikileaks, the intent of the Fourth Amendment (and the entire Revolution, really) is against the whole idea of the government snooping on its citizens without restraint.

      It's one thing when the feds get a warrant to eavesdrop on a suspect like Manning, it's quite another when they wholesale eavesdrop on the entire population (or 250 million IPs in this case) and use the Manning affair to justify it after the fact.

  • When I was a MIRT Handler at Castlecops I heard of a secretive invite only organization that coordinated and worked on tracking online criminal activity. I was not told the name of this group. The deal was: if they wanted you then you would hear from them.
    I wonder if this is the same group.

    If so, then I assume their shadowy invite-only policy isn't working so well for recruiting.

    • by zerro ( 1820876 )
      .. or, perhaps it was another organization that you are thinking of. Could it be like the Russian "spy ring" that was recently "broken up" - this was probably just the decoy operation? It reminds me of the rough premise of Spies Like Us.
      • I'm pretty sure the group I heard about was the real deal. Respected and well known Information Security researchers work with them or for them. Mostly volunteer staffed and they communicate with the government on emerging threats.
        Sounds very similar..

        Or it could just be a private forum where a bunch of white hat hackers and researchers talk about stuff.

        • Sure, it could be any of the things you mention. Unless it is operating under review it is also a cherry picking war hawk's dream organization. Who is going to contest the misappropriation of the analyses to support aggressive action?

          The one thing that would have made this country safer after the 2001 attacks was an honest PUBLIC dialogue about the fucked nature of modern strategic options. We have been living with arsenals of WMDs for too long and they are smaller and more synonymous with power than eve

  • Won't help those people to reach the goal, though.
  • This is news? (Score:2, Informative)

    by Anonymous Coward

    "Seedy company hires hackers to commit felonies" -- Yawn.

    "A person or entity providing an electronic communication service to the public shall not intentionally divulge the contents of any communication while in transmission on that service to any person or entity other than an addressee or intended recipient of such communication or an agent of such addressee or intended recipient."

  • Terrorists? (Score:3, Insightful)

    by alfredos ( 1694270 ) on Tuesday August 03, 2010 @09:43AM (#33123460)
    Given the abuse and buzz power that that word has seen in the last couple of years, I tend to treat anything that comes with 'terroris.+' in the subject with a grain of salt. Well, actually more than a grain: I start giving credit starting at the absolute bottom of the scale when that regex matches, and it usually doesn't get very far. There is just too many people out there trying to make a living, if not easy money, out of scaring people and leveraging the politicians with that fear. Take a look at "The power of nightmares", a BBC documentary readily available on YouTube, about the latter.
  • Why aren't they focusing the same attention on elections in the USA?

  • Monitors the traffic of 12 regional Internet service providers? Is there a list posted anywhere? My ISP has a EULA, and there's are a few references to third party providers, but it doesn't seems to mention monitoring or sharing of activity or usage details.
    • by AHuxley ( 892839 )
      A EULA for consumers, a EULA for costumers and a EULA from the gov to be an isp/bell/telco?
  • Given that they are being shilled by Wired and associated with Adrian Lamo, I think a lot of people are assuming they are just as fake.... esp people familiar with the cozy relationtionship Lamo had with Wired and the personality/mythos they manufactured around him...

    Trying to get their name out there via association with a fake hacker and his sob story via the same publication that was used to bring attention to his 'exploits'.. really does not give them good PR.....
  • Lamo? Uber? Seriously now, don't they have more creative writers than that? This sounds like life is starting to emulate art (if you can call the assorted CSI:* series such).

  • Capability based security has been patiently waiting for people to get fed up with the broken mess that is user based security.... it's time to end this mess by properly securing everyone's computers.
  • "Two Guys from Quantico Pizza"
    More on-topic: I certainly do hope hackers take up the offer. The more Wikileaks, the better for Democracy and Freedom.
  • In Soviet Russia, YOU track Project Vigilant!
  • Chet Uber for Project Vigilance? ..

    Sounds a lot like Christian Valor (se7en) if anyone remembers him..

    My money is on him being bullshit artist looking for some speaking gigs before he gets found out to be a fraud.

You know you've landed gear-up when it takes full power to taxi.

Working...