Black Hat 2013 - OPSEC Failures of Spies

@absurdengineering 11 months ago

That doritos bag story is hilarious. “doritos bag” was a convenient name for an actual faraday shielding bag. Somewhere someone who never heard of that term waited too long into the conversation to ask “do you mean a literal Doritos Bag”? And by then it would look too silly to ask. So the trade term doritos bag was, like in the game of telephone, telegraphed into the literal Doritos Bag. Nobody in the isolated group where that fiasco was introduced had ever stopped to ask “like seriously literally a Doritos bag?! Should we try and call that phone in the bag to see if that actually works?” Yeah, sometimes the king is really naked. 😂

@HarterConner 4 years ago

Get this man a glass of water.

@JohnMischo 5 years ago

This was compelling. It is an excellent example of how metadata can be used against ANY target. This is why people need to care about how or even if this data is regulated and controlled. You took us step by step through the tools used, the data gathered and what it revealed, and finally how it was applied against a target in the real world. This is excellent journalism. As you said all of your source material is in the public domain, and anyone could recreate this outcome for themselves following the methods you laid out clearly. The fact that stories such as this don't wind up on the air at NBC is part of why there is distrust of "the media". Thank you for the reporting. I'm glad I stumbled on this and I am eager to follow up on how the state of metadata has evolved since you gave this talk in 2013.

@paulthomann5544 10 years ago

Really interesting! Funny how trying to be extra cautious made them easier to spot. So I guess it's safer to use phones to communicate to a variety of people, making it not only harder to spot them using such obvious metadata patterns, but also giving some amount of deniability should it still happen ("I didn't know that ten of my hundred contacts were spies"). Also good to see that there are european countries who try to get to the bottom of such incidents and aren't shy of disclosing what they find. It feels terrible to hear about people abducted in your own free democratic country by foreign secret services. Even if they might be bad people. Fair trial should apply to everybody, no matter where they live or were born.

@Bm23CC 5 years ago

The hunter becomes the hunted.

@RaidsEpicly 4 years ago

This randomly popped up in my recommended videos (I've never watched any hacker/cybersecurity content on youtube before) and I'm absolutely convinced it's because I just watched a retrospective on Robin Thicke that discussed his disastrous performance with miley cyrus at the mtv music awards in...2013. Bow down to the algorithm!

@serena_m_ 4 years ago

4:23 "a loaf of bread was walking down the street"

@L0j1k 4 years ago

"If any of you are compelled to go find George Purvis in Northern Virginia, I do not recommend knocking on his door. He does not take to it very well. He's a little sensitive about being exposed." That's how you know you're listening to a talk at "Black Hat" LOL. All those fucking corporate poseurs and feds sweating a tense butt stain in their chairs through their slacks.

@patrickcameron2950 4 years ago

Great talk. This guy works for The Intercept now which seems like a good fit.

@WackoMcGoose 4 years ago

...Dude put his phone in a literal bag of Doritos. You could write that in a spy novel, and people would call bullshit. I guess reality IS stupider than fiction!

@noahhastings6145 4 years ago

That loaf of bread having legs and eyes and being able to use them is the most terrifying part of this story

@moofymoo 5 years ago

that ending tho - please remember to swipe (to leave metadata)

@cathalomurchu9909 1 year ago

Who did their homework?

@donarnold8268 5 years ago

Thank you!

@TheTRURUDBOI 9 years ago

Yep, sounds bout right.

@eplus341 1 month ago

Imagine how AI can handle YOUR metadata and find everything about you without having to listen to your conversations and without technically having to break the law... the same effect for you as if it was breaking the law. The future of mankind lies within knowing what you are fighting for but not what you are fighting AGAINST. This is both terrifying and in a way optimistic.

@mikhailzaruykin663 4 years ago

This is hella spicy

@fritsonpetitfrere9038 4 years ago

Harvall, is that a Brad thor reference to Scot Harvath?

@soapbar88 4 years ago

DORITOS BAG LMFAO

@thekaiser4333 4 years ago

In international law, there is no such thing as extraordinary rendition. It is kidnapping and abduction, a serious felony, plain and simple. And unlike in the USA, kidnappers are prosecuted here in Europe.