Police bugged SHAC, but what else did they do?
Collins | 10.10.2008 12:44 | SHAC | Animal Liberation
Police have admitted to bugging SHAC, however it's what they don't admit to that is more interesting.
As expected SHAC was bugged by the police. This isn't a surprise. What is interesting is that Police have knowledge of files that SHAC supposedly securely erased.
This means that either the police had a virus on SHAC members' computers or that SHAC has a police informer in its ranks. It is likely that both are true; however, the amount of knowledge police seem to have could only have been acquired by them having a software bug on SHAC computers.
This is something all activists must be careful about. The Police are putting backdoors onto people's computers. Virus checkers won't spot them as they will not be known by anti-virus companies.
What can we do against this new threat?
Collins
Comments
Well you can make it harder
10.10.2008 12:53
Alpha Geek
Do not assume Linux = safe
10.10.2008 13:03
Beta Geek
autosave was probably to blame
10.10.2008 13:15
Even if you securely delete the final plaintext copy, fragments of these insecurely deleted autosaved files could still remain on the disk.
The lessons are:
* Don't put sensitive information on computers unless absolutely necessary.
* Use full disk encryption rather than relying on encryption of specific files or partitions.
Full disk encryption means everything on the disk is encrypted - the operating system, the applications, and the files. There is some good free and open source full disk encryption software called Truecrypt:
http://www.truecrypt.org/
Remember also to shut down or lock the computer when you are away from it - if they gain access to your computer while it is running and open, all the encryption will be useless.
supporter
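The point made in the comment above, that securely deleting the final file still leaves autosaved copies behind, can be checked with a read-only audit of a working directory. This is an added example, not part of the original thread; the pattern list (illustrative, not exhaustive) and the sample tree are assumptions constructed for the demonstration.

```python
import fnmatch
import os
import tempfile

# Filename patterns left behind by common editors (assumed, not exhaustive).
ARTIFACT_PATTERNS = {
    "*.asd": "Word AutoRecover copy",
    "~wr?*.tmp": "Word temporary working copy",
    "*.tmp": "generic temporary file",
    "*.bak": "backup copy",
    "*~": "editor backup copy (Emacs/gedit style)",
    "#*#": "Emacs auto-save copy",
    ".*.sw?": "Vim swap file",
}


def classify(filename):
    """Return the description of the first matching pattern, or None."""
    lowered = filename.lower()
    for pattern, description in ARTIFACT_PATTERNS.items():
        if fnmatch.fnmatchcase(lowered, pattern):
            return description
    return None


def find_artifacts(root):
    """Walk root (read-only) and return sorted (relative_path, description) pairs."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            description = classify(name)
            if description:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                hits.append((rel.replace(os.sep, "/"), description))
    return sorted(hits)


def demo():
    """Build a constructed sample tree (one encrypted file plus leftovers) and scan it."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "drafts"))
        for rel in ("letter.doc.gpg", "~WRL0003.tmp", "drafts/notes.txt~",
                    "drafts/.notes.txt.swp", "drafts/#minutes.txt#",
                    "drafts/letter.asd"):
            with open(os.path.join(root, rel), "w") as handle:
                handle.write("constructed sample\n")
        return find_artifacts(root)


if __name__ == "__main__":
    for path, description in demo():
        print(f"{path}: {description}")
```

The scan only lists files that still exist; copies an editor has already deleted can remain in unallocated disk space, which is why the comment recommends full disk encryption.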
I agree
10.10.2008 13:45
Alpha Geek
SHAC Computer information
10.10.2008 13:48
AS WE HAVE BEEN TRYING TO TELL PEOPLE FOR MONTHS THIS IS THE RESULT OF A PC BELONGING TO SEAN KIRTLEY HAVING ITS HARD-DRIVE COPIED AND THE CONTENTS SOLD TO THE POLICE.
It is frustrating beyond belief to have this being denied again and again by people within SHAC when it is now common knowledge and was even discussed openly in court.
This thread on Indymedia a couple of weeks ago started to talk about it and that was great, however once again we saw somebody from the SHAC inner circle (this time called 'Indymedia Pat') decide that it should be closed down and the truth hidden.
http://www.indymedia.org.uk/en/2008/09/408433.html?c=all
Why Indymedia allowed this I can't imagine.
Now that this has all been confirmed in open court, will 'Indymedia Pat' be back to apologise and will Indymedia mods release the hidden comments so that those within the movement can see the truth?
We need to stay together but we need to tell the truth
sauce?
10.10.2008 13:54
> What is interesting is that Police have knowledge of files that
> SHAC supposedly securely erased.
Care to share where this is from?
hp
ignore the troll (post: SHAC computer information)
10.10.2008 14:36
It is probably just someone from the pro-animal abuse SHACwatch site trying to shit-stir.
supporter
Sean is Sequani not SHAC - totally irrelevant hysterical comment again
10.10.2008 14:54
Now back to the real topic - most likely any worries about security will be due to autosaving as someone has previously said. Full disk encryption software will give you much more security and 'eliminate' this problem - if it cannot be hacked into that is. PGP is secure as far as we are aware but there is a specific company in the UK that works for the police and government who specialise in cracking encrypted computers. How successful they are is another question altogether... time will tell!
Sneaky Geeky
The troll just doesn't give up!
10.10.2008 15:02
Oh well, whatever makes him/her happy............. bless!!
Troll Watch!
Risks of full disk encryption
10.10.2008 15:21
The risks are:
1) The thumbscrew attack: use some form of torture to get the person to give up their passphrase.
2) Weak passphrase: don't use your dog's name, and make it long and difficult to guess!
3) Keyloggers: unless you are with your computer 24/7, someone can gain physical access to your computer and plant a hardware keylogger that records all your keystrokes - including when you type in the passphrase.
4) Firewire ports: firewire/iLink ports have direct access to the computer memory, which would necessarily include the decryption key. Remove or disable your firewire ports.
5) Access to a running computer: protecting from someone who has physical access to a computer is difficult at the best of times, but if it is powered on, it is even more difficult. Set your computer to use a locking screensaver, and turn it on when you are not sat at the computer.
supporter
What is happening ?
10.10.2008 15:29
I am confused at the motivation of people in trying to cover this up. The police obtained vital evidence as the result of what was in effect a burglary; we can use that to demand this evidence is inadmissible and get any conviction overturned.
I realise that some people feel a bit foolish because they trusted others who turned out to be police but sometimes we need to stand up and admit our mistakes, learn from them and move on. Trying to cover things up and pretend they did not happen is a little silly.
The police have clearly gathered a lot of information, probably about individuals but most of it will be of no use to them just donations and emails of support etc so there is no need to be worried or try to keep others in the dark because that just looks suspicious.
As a final thought would some please, please not call posters trolls just because they have differing viewpoints, it is a really annoying part of this webpage that all opposition opinion is called trolling. Internet trolling is a very different thing.
Supporter
Stay strong
10.10.2008 15:43
We have been following your work and we are so sorry that things are going so badly for you all right now. The laws in the US are very different to England and what the police have done to you would never be allowed here.
We hope you stay strong and can come through this with new people and new groups to take over from those that have failed.
Mary - USA
are these SHAC stories posted by a troll?
10.10.2008 16:32
supporter
Definition of a Troll
10.10.2008 16:57
This is my last comment because I've been advised you shouldn't feed the Trolls ............lol...........
Troll Watch!
Why not use macs?
10.10.2008 17:04
Mac fan
What actually happened..
10.10.2008 17:18
They were not aware of this, and what the police have got their hands on are the automatically saved files which weren't encrypted.
There was no virus, they don't know their passwords and they haven't got anywhere near as many recovered files as they are making out.
So everyone please stop worrying!
I highly suggest everyone gets full disk encryption
A friend of SHAC
Homepage: http://www.shac.net
Good to know BUT who was advising them?
10.10.2008 17:29
But it is good to know that it's a simple cock up and not a super PLOD black helicopter squad :)
Another Mac Fan
re: What actually happened
10.10.2008 18:12
Collins
Don't rely on disk free space wipers
10.10.2008 19:43
Tools that wipe the free space take a long time and aren't always guaranteed to work. Also, you would have to run them every time you edited your file, since you never know when you might get a visit. That makes them practically useless, in my opinion.
If you want security, full disk encryption is the only way to go. And even then, be aware of the possible risks (see my earlier post).
Note that if you use Thunderbird, it is possible to turn off autosave of emails you are writing. It's probably a good idea to do this even if you use full disk encryption, just as another layer of security.
supporter
A Very Real concern
11.10.2008 09:26
Every time I post I get to a page stating there is a problem with the security certificate - what does this mean?
I would be interested in others' views - it is worth noting that there was almost certainly an informer within SHAC - also that one group are pleading guilty to conspiracy to blackmail while the others (with Heather Nicholson) are pleading not guilty.
George Coombs
e-mail: georgecmbs@tiscali.co.uk
Some comments
11.10.2008 12:11
2. If your computer is taken by the police at any time, if you want to be very careful it is wise to assume that the operating system has been "doctored", perhaps to record keystrokes for transmission to the internet. This is a touch paranoid, to be fair, and unless you're a terrorist there's a chance that the police won't spend the time/money doing this. It may also be illegal (though that may not stop them). If your computer is returned to you after "evidence gathering" then personally I would wipe the entire operating system and reinstall it. Usually this is not for the faint-hearted as it can be a pig to do. Many machines no longer come with restore discs these days - instead they have a "restore partition" on the hard disc which unfortunately also can be doctored (although it's harder to do). If you want to be sure, get someone to restore it all properly from CDs/DVDs that have not been confiscated.
3. Bear in mind that the ROM (a silicon chip) of a machine can also be compromised! There is an anti-theft product on the market that modifies the contents of the "boot sequence" software, so that it sends out a regular tracking signal over the internet. This is a good thing if your machine is stolen, as it helps the owner find their machine even if the operating system is wiped and reinstalled. However the same technology is available to the police/authorities and can be used to install keystroke loggers to discover your encryption passwords. To combat this, the "BIOS" needs to be reinstalled (or "reflashed"). Again this requires an expert.
4. The problems with the security certificate are almost certainly NOT evidence that the cops are intercepting your visits/posts to IM. They are there (I believe) because IM has not purchased "legitimate" server certificates from a certifying authority. This might be because IM admins don't believe in having an "authority" (as IM is anti-authoritarian) but also because certificates can be expensive, and IM presumably isn't awash with cash. A properly working/purchased certificate only guarantees so much anyway - if the certifying authority was to hand over the certificate private key to the police, they would be able to decrypt everything you do. (There's no evidence that this is rife however, since if it was made public, it would start to degrade public trust in buying online, which the certifying authorities rely on to continue their business).
5. Lastly keep backups of everything you want to keep, and give them to your non-activist friends for safe storage. Keep stuff encrypted at your own house and (in general) unencrypted at your friends' houses (unless you have special reason to be worried, in which case keep it encrypted everywhere). The reason I suggest keeping it unencrypted is that if your encryption fails (or you forget your password) you have a backup that you can rely on! Encryption is great but it can cause you more problems than it solves if you are not careful. Never refer to backups in instant messaging, text, email or telephone calls otherwise the police will be able to find out where you keep copies.
Think that's about it.
Jon
Long memory
11.10.2008 19:20
You want to pretend all this was the result of some fucking PC scan or save technology then go right ahead. Lots of the usual wankers can produce the same posts all pretending it was that with lots of pseudo IT knowledge to make themselves look good.
WELL I KNOW THE TRUTH
I KNOW THAT SEAN'S HARDDRIVE WAS COPIED
I KNOW THAT HE WAS SOLD OUT
I KNOW THAT GRASSES ARE IN THE MOVEMENT AT HIGH LEVELS
I KNOW THAT FURTHER ARRESTS ARE LIKELY AND IMMINENT
I KNOW THAT SOME ARE TRYING TO COVER THIS UP
I KNOW THAT PEOPLE WITHIN THE INDYMEDIA ORGANISATION ARE HELPING THEM
In short you can all fuck off, I will never again have anything to do with you or Indymedia
I will work if needed on my own to liberate the animals that live in hell while others get rich.
THERE WILL BE A DAY OF RECKONING AND WE WILL REMEMBER THOSE WHO SOLD US OUT AND THOSE WHO HELPED THEM.
YOU CAN ALL GO TO HELL
ALF
An effective solution....
12.10.2008 08:11
http://mandalka.name/privatix/index.html.en
You can run it in a "Virtual Machine" on any Windows computer and it will leave no traces of what you have been doing, (except on the encrypted USB key). This means that you can have a normal OS that you use for "normal" activities and a separate OS for any more "controversial" activities.
It works....
Microsoft sucks!
12.10.2008 13:26
The Most Recently Used files log every file you've opened and saved.
How to Clear the Windows Explorer MRU Lists
http://support.microsoft.com/kb/142298
also delete the entries in-
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet_Explorer\Typed
I also recommend overwriting the IE history folder and deleting the info in that .dat file which is hidden in that folder.
EnCase user!
more on this
13.10.2008 00:55
If you are surfing you can use TOR too - though again, it is slower than accessing the Internet directly.
Let's be honest though, there is no real chance of privacy when every mobile phone is a potential police microphone and location finder, records of net activity are kept for years, and DNA evidence can be retrieved from any computer. I reckon the cops are gonna be one step ahead of this on this one...but they don't have the money, resources, or expertise at present to follow-up on absolutely every case - they will reserve this for really high profile issues.
I would be interested to hear about any really foolproof means of having total privacy using a PC.
Krop
How to clean Firefox's history
22.10.2008 12:46
Mainly they are accessed from their history.dat file which can be opened with Notepad.
in XP-
C:\Documents and settings\\application Data\Mozilla\Profiles\\history.dat
in Linux-
~/.Mozilla/profiles//history.dat
OR from the cookie data
C:\Documents and settings\\application Data\Mozilla\Profiles\\cookies.dat
~/.Mozilla/profiles//history.dat
also in linux browse this URL-
about:cache
Nicola