NYPD has cameras everywhere, here’s details and relevance

My Beacon Reader won’t let me post updates so I am doing it here, please consider funding my project.

image

The NYPD Domain Awareness System can be configured with video “tripwires.” These trigger an alert when persons matching a certain description enter view of cameras which cover much of a 4 square mile area of lower Manhattan. The most complex analytic capabilities, like facial recognition, are deployed most at “near field” locations, like at MTA turnstiles.

image

Documents obtained by activists revealed photo dossiers were maintained by the NYPD of multiple demonstrators.

See the Intercept’s August 18 article on surveillance of Black Lives Matter protesters at Grand Central Station and elsewhere.

“I’m pretty sure that photo is from Penn Station, so they definitely had it on file or something. If you look at my A14 pictures, I caught some serious stuff — cops pushing people over,”  protest photographer Alex Seel told the Intercept.

There are plenty of camera views at Penn Station, Rockefeller Center, Grand Central, and other locations throughout the transit system, the NYPD would have little need to walk away from its video wall to track activists’ movements.

image

​Help me get $200 by the end of the weekend and I’ll publish the complete as-installed camera network of the NYPD TARU ARGUS system and Lower Manhattan Security Initiative

Did IBM use “Face Capture” to Surveil Boston Calling? What is “Face Capture”?

City of Boston Public Event Mgmt Demo handout, prepared by IBM for the City of Boston in anticipation of live implementation in May of 2013.

A large element of what was troubling to readers with whom I spoke about our disclosures at DigBoston was so-called “face capture” and “face tracking” software employed on live video surveillance of Boston Calling attendees at both music festivals last year.

In emailed comments published by the Boston Globe days before the most recent festival, IBM addressed reports of the technology’s use.

City of Boston Public Event Mgmt Demo handout, prepared by IBM for the City of Boston in anticipation of live implementation in May of 2013.
“City of Boston Public Event Mgmt Demo handout,” prepared by IBM for the City of Boston in anticipation of live testing in May of 2013.

Writes the Globe:

IBM did not return calls seeking comment about the demonstration, but in an e-mail, company spokeswoman Holli Haswell said neither “face capture . . . nor facial recognition” were used at the event.

Out of consideration for the privacy of the thousands of individuals whose images were captured and retained for more than year, flapping in the digital breeze, as it were, and additionally out of a desire to respect substantive security concerns, we eschewed publication of the original files. We did, however, provide exhaustive sourcing, and take back not a single line of our original work. Dan McCarthy, Editor of DigBoston, had this to say about the “Boston Trolling” series’ significance:

“The discovery of this story, and its ensuing publication in the print and online pages of DigBoston, has been a watershed mark for journalism, but not just within Greater Boston. In the weeks that followed the initial chapter, we have been approached by print publications and online news outlets, both national and international. And there’s good reason for that. The microcosm this story represents seems to have tapped into a larger encroaching sense of diminishing privacy in the new socio-cultural frontier.”

There are in fact multiple references to “face capture,” both in the preparation for and in the “Post-Mortem [sic]” of the Smart Surveillance Solution pilot at Boston Calling. (note the timestamps in the above image).

In preparation for the first festival, at least three cameras were configured with “face capture” as a Use Case.

From IBM spreadsheet "CoB Analytic Cameras."
From IBM spreadsheet “CoB Analytic Cameras.”

“Face Capture” in video surveillance is not a type of software, but a necessary element in multiple analytic profiles. It refers to exactly what it literally describes, the photographic capture of a person’s face. IBM’s denial is particularly hollow, in that it cannot only be refuted directly by its own documentation, but by a simple observation of the visual media that its employee stored unsecured on his private server.

“Face Capture” can be done on any video where a subject’s face appears in full or in a predetermined percentage in at least one frame – software can be configured to do this automatically according to certain rules determined by the programmer and operator, such as in the performance of a “Near-field People Search.” Some software, including IBM’s, can “learn” what sort of searches it should perform and deliver automated alerts when it gets a “hit.”

IBM and the City of Boston most certainly performed “face capture” at Boston Calling – whether or not they used facial recognition technology remains to be settled. Both have denied this as well, while the same IBM employee’s documentation makes note for integration of a “third-party facial recognition engine.” Boston Police denied their involvement in the program entirely, and shortly after pictures of BPD officers observing the software in live use were published by Vice’s Noisey. I’m publishing all of the “Command Center” photos with BPD in them for dramatic effect below.

DigBoston’s McCarthy also noted the attitude of acceptance of privacy encroachments in the wake of the Marathon bombings, and how revelations like those published in Dig are enabling a “sudden shift to one of justifiable skepticism. It may be one of the last weapons the Fourth Estate has in these increasingly uncertain and nervous times.”

05252013_1 05252013_2 05252013_6 05252013_10

IBM’s “Smart Surveillance System” – Liner Notes Intro

I’m going to explore here revelations published elsewhere, in detail that was duly blue-penciled into oblivion by able editors. This is a first introductory post and concerns the acquisition the revelatory information, its general nature, and some hints at specific content and future publication plans.

In the course of what for me is routine mining of the internet for choice key terms, using some custom Google queries, I happened upon a server belonging to an IBM researcher working on the company’s Smart Surveillance System project, AKA “SSS” and “S3.” This server contained among other documentation the SSS deployments in several cities across the United States, including Boston, Chicago, New York City, as well as for various private and public agencies. It also included notes for deployments in locations outside the US (OCONUS), such as Pakistan, Israel, and Saudi Arabia. The story of the server itself and its owner is developing – the url which I navigated to no longer resolves, and I it is safe to assume that publication of the server’s contents has finally triggered a tripwire, after months of my having free access to it – never mind probable years of unsecured exposure before I discovered it.

After remaining accessible for several weeks after some of its content was disclosed in the first of a three-part DigBoston series on surveillance in the City of Boston, the server, at an FTP url, no longer resolves in my browser nor allows connection via an FTP client. It is safe to assume that the exposure was discovered by the owner, or, as likely, that he was alerted to it by his employer. Fortunately for the public I was able to not only download most of the server’s files before I lost access, I also exported an XML file of the entire directory, which includes names of files as well as metadata.

Boston Police told us they did not participate in the project  which the two Boston Police officers in yellow jackets above are seen participating in.
Boston Police told us they did not participate in the project which the two Boston Police officers in yellow jackets above are seen participating in.

The volume and variety of the files (everything from PowerPoint to .G64 video files) has made extracting their meaning and context an incremental process – my understanding the information has increased exponentially with editing for public consumption at DigBoston, and now well into a review of the much more extensive documentation of projects in NYC and Chicago it is plain to me how elucidating this trove will be.

Closely guarded details of the NYPD/LMSI’ “Domain Awareness System” are now being parsed and organized, and I expect that in the near future I and collaborating journalists will be able to significantly increase the public’s understanding of how authorities and computers are watching. I also expect that an IBM employee will probably be fired soon, if he has not been already.

 

Open Source Intelligence for Newsrooms

So much has been made of Open Source Intelligence, OSINT, among both practitioners and the press, in the past few years that I was reluctant to use it without ironic quotes. You can find web-based toolkits and professional copy, and crowd-sourced pastebins on the subject, in abundance. You will be given long lists of bookmarks for websites for “People Finders” and “Deep Web Search” and the like, and some of these can be quite useful. Professionally produced literature will add methodology such as the traditional intelligence-gathering cycle to similar lists of sources. While all of these resources can be tapped for their selective value, I have yet to encounter any such guide or reference that can be read as an instruction manual and applied with reliable results (50%). One popular information-gathering method on the web, Google Dorks, seems to be particularly disappointing for most competent researchers attempting to expand their toolbox to include internet OSINT and ‘data-mining.’ It is quite possible for non-programmer reporters and researchers to apply the tools used in penetration-testing, data-mining, and by intelligence professionals to discover obscure documents targeted to their interest.

I apply a hybrid method I refer to casually as forensic indexing which produces results which enhance a story, and quite often merit publication in their own right.

I am offering my services to media organizations as a researcher and consultant, to teach journalists to apply Open Source Intelligence methods to their reporting with reliably publishable results. I will also be developing a workshop-style tutorial for presentation at relevant national conferences. My personal website (this one), another wordpress site dedicated to this project, as well as this description page for it are still under-construction, however the method is fully ready to be applied, and I am immediately available for hire.

Years of trial have gone into proofing this method, and I have retained uncounted gigabytes of sensitive and/or newsworthy items. A recent find was published in DigBoston (co-written by Chris Faraone, Jon Riley, and myself) regarding an intelligence video surveillance system tested at a concert last year in Boston, and has been widely covered in other media outlets, from Vice to Popular Science (and “…I know it’s the Mail, but….”).

Read the Boston story here:

BOSTON TROLLING (PART I): YOU PARTIED HARD AT BOSTON CALLING AND THERE’S FACIAL RECOGNITION DATA TO PROVE IT

BOSTON TROLLING (PART II): SMARTER CITY OR CITY UNDER SURVEILLANCE?

A third part is coming very soon –

Chris Faraone, who edited the DigBoston piece as well as sharing the by-line, was kind enough to give me a recommendation to publish here:

It’s hard to think of a better lens than Boston through which to expose these questionable technologies. I’ve been covering Boston for ten years, and as someone who is not a native, I can say that a large part of the reason I stayed here after journalism school was because the people in this city are generally the type who are smart and informed enough to give a damn about their privacy.

On top of that, it’s not exactly a secret in this city that the police are incompetent, from their pathetic homicide clearance rate, to the department’s history of hardcore bigotry, to their failure to communicate effectively with federal authorities both before and after the bombing of the Boston Marathon. Since this story came out on Thursday, the Dig has received an inordinate amount of positive feedback and had virtually no one attempt the old argument of, “If you’re not doing anything wrong then you have nothing to worry about.”

I’m very much looking forward to the work Kenneth Lipp does with information he has gathered on other cities, but the Hub was by all measures — from the readers to the leaders — an ideal place to get started.

Contact me at gaussianinference@gmail.com for more information.

More links describing documents uncovered:

https://kennethlipp.wordpress.com/2013/11/06/forensic-indexing-metadata-and-the-dvic-privacy-policy/

https://kennethlipp.wordpress.com/2013/12/07/blackwater-gsa-schedule-84-security-services-pricing-catalog/

https://kennethlipp.wordpress.com/2013/12/08/research-hacking-searching-for-sensitive-documents-on-ftp-captchas-and-the-google-governor/

https://kennethlipp.wordpress.com/2013/11/21/the-department-of-defense-information-operations-condition-infocon-decision-matrix/

 

And here's an unrelated but awesome picture I took of Eric Holder
And here’s an unrelated but awesome picture I took of Eric Holder

“Transgressor” – Sex, Porn, and Profiling RC Horsch

transgressor

I have the pleasure of taking on more projects as producer for Woodshop Films/Scrapple.TV, one of the first of which will be a mini-doc, pilot spot on artist RC Horsch. We spend a lot of time talking about convention in the art world regarding what is porn and what is art – and in this brief preview blow, RC shares his perspective on sex work.

 

The Great Bull Run: Bulls ARE Great, but People Suck

I went with my buddy Poe from the Panic Hour and Joshua Albert, with a crew (Liam) from Scrapple TV, to cover the Great Bull Run near Reading, PA on Saturday.

GE

I did not know how I would approach covering such an event, and jumping into the pen with the other sprinting idiots to capture the best footage, I found myself a party to cruelty.

It’s a rush, and like any other if you don’t keep it going you will crash. Along with the crash often comes the guilt over what you did while so enthralled. After the adrenaline of danger ebbed and I saw the fear in that animal’s eyes, I was crestfallen.

Asshole gets due.
Asshole gets due.

I believe in the strength of an earnest mea culpa – it’s not enough to weep over your mistake, we must at the very least endeavor to make our part in wrongdoing better.

We’ll be using our video today to get the word out about the plight of these animals, watch for our video this week.

And there was also a “Tomato Royale.”

Assholes waste vegetable food after torturing animal food.
Assholes waste vegetable food after torturing animal food.

A Refusal To Mourn The Death, By Fire, Of A Child In London – Dylan Thomas

Dylan_Thomas,_Maritime_Quarter,_Swansea

A Refusal To Mourn The Death, By Fire, Of A Child In London

By Dylan Thomas

Never until the mankind making
Bird beast and flower
Fathering and all humbling darkness
Tells with silence the last light breaking
And the still hour
Is come of the sea tumbling in harness

And I must enter again the round
Zion of the water bead
And the synagogue of the ear of corn
Shall I let pray the shadow of a sound
Or sow my salt seed
In the least valley of sackcloth to mourn

The majesty and burning of the child’s death.
I shall not murder
The mankind of her going with a grave truth
Nor blaspheme down the stations of the breath
With any further
Elegy of innocence and youth.

Deep with the first dead lies London’s daughter,
Robed in the long friends,
The grains beyond age, the dark veins of her mother,
Secret by the unmourning water
Of the riding Thames.
After the first death, there is no other.

Philly City Council Candidate Nikki Allen Poe Joins Calls to Free Imprisoned Journalist Barrett Brown

My friend Poe is running for Philadelphia City Council under issues including an end to abusive searches, weed decrim, and ridding our city of the arbitrary Philadelphia Parking Authority. I’m acting as Poe’s campaign manager.

IMG_20140423_132252

Speaking in support of Barrett Brown’s immediate release, Poe commented:

“We are trying to Spark a Change here in Philly by ending abusive law enforcement practices and taking a common sense approach to public safety, and really agreeing that a political prisoner should not be held and subjected to successive, inflated prosecutions, as far as change goes, doesn’t seem ground-breaking. Myself being prone to self-defeating internet and public outbursts, I further sympathize with Mr. Brown and urge his immediate freedom be secured.”

Another quick word from Poe:

You can hear more from this peach of a citizen here. I’m not just his manager, I’m his Rove.

Barrett pleaded guilty today to three counts, you can read all about his case at the Free Barrett Brown website. The introductory text below is reproduced from there (I’ll be publishing a review of Barrett’s new book in two shakes, stay on your guard).

Barrett Brown is an American activist, author, and freelance writer/journalist. His work has appeared in theGuardianVanity FairHuffington PostBusinessweekTrue/SlantSkeptical Inquirer and many other outlets. He has appeared as a guest on MSNBC, Fox News and Russia Today and as an interviewee in three recent documentary films: We Are LegionFuture Radicals, and Terms and Conditions May Apply.

He is the founder of Project PM, a distributed think-tank which researches and reports on matters related to the intelligence contracting industry. More recently, he has been misrepresented in the media as a spokesperson for the hacktivist collective known as Anonymous. He’s a co-author on Flock of Dodos: Behind Modern Creationism, Intelligent Design and the Easter Bunny, and had been working on additional books, with topics such as the failures of American media punditry and the early history of Anonymous, while maintaining a blog. Previously, Barrett had served as Communications Director for Enlighten the Vote.

Although Barrett had a serious side, he was also noted for his irreverence and use of humorsatire and hyperbole, demonstrated through writings for National Lampoon and The Onion and is often described as a modern-day Hunter S. Thompson.

Having previously been raided by the FBI on March 6, 2012 and not arrested or charged, on September 12, 2012 Barrett Brown was again raided and this time arrested by the Federal Bureau of Investigation while he was online participating in a Tinychat session. He was subsequently denied bail and detained without charge and adequate medical treatment for over two weeks while in the custody of US Marshals. In the first week of October 2012, he was finally indicted on three counts. related to alleged activities or postings on popular websites such as Twitter andYouTube.

On December 4, 2012 Barrett was indicted by a federal grand jury on twelve additional counts related to data from the Stratfor breach. Despite his lack of direct involvement in the operation and stated opposition to it, he faces these charges simply for allegedly pasting a hyperlink online. On January 23rd, 2013 he was indicted a third time on two more counts, relating to the March 2012 FBI raid(s) on his apartment and his mother’s house.

Barrett has pleaded not guilty in all three cases. He is currently incarcerated while awaiting trial. At this critical time, with such a prominent internet activist facing an extremely difficult legal battle and uncertain future, he needs our unwavering help and support. We encourage you to donate to his defense, so that he may have the resources he needs to fight these charges. Your prospective contribution has significance in a wider campaign for free speech and transparency both on the internet and across the world.”

Webinar by G4S on Marcellus Fracking Operation Security – “What the Frack?

This is now canceled, or renamed rather, and I was waiting to post about it until after attending. I am not surprised given the incendiary topic, but I am sad to miss what may have been some insight into the private-intelligence security apparatus protecting fossil fuel operations.  Carlos Barbosa of notorious security giant G4S was scheduled to talk about the “lessons learned, from a security perspective,” of for-hire policing of “one of the more active and profitable sources of shale gas today.” The webinar was to be held by Security Products.

marc

Best Five Comments on the Panic Hour Wing Bowl Video

IMG_20140131_063221

I attended Wing Bowl 22 with my good friends Poe and Rachael, and our coverage on video painted a less than flattering picture of the attendees and the event in general.  Some enthusiasts took issue with our portrayal. The following are the top 5 comments posted on the YouTube video, as shared by Poe on his facebook page. You can also watch the video below.

Gumby at WIng Bowl
Gumby at WIng Bowl

1. Are you scumbag fucks from philly? I Really hope not. If so I will definitely make it my job to run you out of my city. Your best bet would be to delete this account

2. Best part is at 1:15 where the condescending asshole gets corrected. What a tool.

3. Your r a homo. You interviewed the most wasted people there!!!!!!!! I would never go but they raise a lot of money for charity.

4.Fuck you if you dont like wing bowl Fuck you go to france you pansy,
cuz france is a cuntry of fag bois who luv peen and butthole.

And I like this last one:

5.So the Jason-Schwartzman-abortion, the bald dude, who looks like a community college professor, and the asian SJW-erette showed us that something, which just has to suck, indeed sucks. Time well spent guys. Keep making the world better and keep fighting the patriarchy and white men with a video that is on the level of Jay Leno’s Jaywalk.

2002 High Intensity Drug Trafficking Area Strategy Targeted Appalachia’s “Number One Cash Crop”

Screenshot - 01152014 - 03:45:14 PM

According to the 2002 annual report of the White House’s Office of National Drug Control Policy High Intensity Drug Trafficking Area (HIDTA) Program, the HIDTA effort in Appalachian states was focused on the production of marijuana. I found this interesting in the implications for how the federal government distinguishes areas of “high-trafficking,” which it has positively done in 13% of US counties since the program began.

From the report, which also notes that marijuana is a top agricultural product for the region:

Marijuana is the number one cash crop in the three states that comprise the Appalachia HIDTA. The states of Kentucky, Tennessee, and West Virginia, with less than 4 percent of the total U.S. population, produced 28.3 percent of the domestic marijuana supply, as measured in total eradicated plants in 2001. Marijuana usage rates in the area, however generally were below the national average.

Screenshot - 01152014 - 03:50:33 PM

On the “Shock” over those behind the “Close-Gitmo push”

Fox News has published a bunch of letters it appears they made stand together in groups at gunpoint.

Jason_Leopold_on_RT_Americaedit

The letter clusters highlight the appropriate shock that American citizens should apparently feel at the personal histories of those involved in efforts to obtain transparency regarding US detentions at Guantanamo Bay, Cuba, and the overall movement to have that US Naval base closed. The author, Jeffrey Gordon, formerly worked at Gitmo, and is irresistible to female journalists.

An apt rewrite was presented in the comments of a Facebook post of a subject of the impotent expose, Jason Leopold. The author of the rewrite, Sarah Kay, gave me permission to reproduce it on my blog. Enjoy enjoy enjoy:

“On saturday, January 11, a coalition of “close-Gitmo” forces is expected to march on Washington to commemorate the 12th anniversary of detention and interrogation operations.

Though the march from the White House to the National Museum of American History is purportedly about advancing those weird soviet concepts they call “human rights” and this absolutely inane, childish idea of “stopping torture”, a closer look at some of the participants Fox News has found through a vague Google search reveals a more troubling, some might say hidden, agenda. it was so hidden, I, investigative reporter JD Gordon, dug a few “facts” from my picnic basket.

If more real patriots knew who is behind this campaign, there would be nationwide outrage, somewhere in a forgotten Utah province sadly unreachable for comment due to the polar vortex, another proof there is no global warming, but I digress.

While everyone seems to agree on principle and on paper about those rights of the human beings to live under one flag and one god, and this idea what we should stop torture – in an ideal world where no terrorism exists -, Americans, all of them, any of them, should not be fooled by these false red flags with a gold hammer and a sickle meant to damage US power and prestige, that we thankfully restored with the use of torture.

Just dig a little deeper into this Wikipedia page that I made myself of who has been driving the anti-Gitmo disinformation campaign these past 12 years, and we discover an international, fervently anti-American, far-left coalition attacking the nation through a savvy propaganda effort. (*)

This includes those linked to Al-Qaeda financiers, those same men we seek to imprison and who joined the coalition as supporters of human rights; communist groups, anarchist movements directly derived from Proudhon – backed by sympathetic “independent” and non-White House approved press and politicians probably all living in the babylon that is New York City.

Let’s take a look at the key players:

Amnesty International. Along with HRW, AI was revealed as a partner organisation to Al Karama, a human rights non-profit run by Qatar’s Abdul Rahman Omeir Al-Naimi. To hammer my point home, I will link you to a beacon of perfect objectivity, Eli Lake.

Center for Constitutional Rights. CCR was founded by another communist lawyer probably joining a union in the 1960s, a sad time for the United States, a man who told the press his goal was to “destroy society from within”, a well-known anarchist theme overarching every single constitutional law class in the world. The Constitution itself was in fact the work of communists seeking to undermine the Founding Fathers. CCR’s signature work over the past decade was to coordinate the “Gitmo Bar Association” of 500 lawyers representing detainees. Lawyers representing detainees… be scared, America.

Reprieve. A British organisation that has clearly not read the memo we had sent Margaret Thatcher in order to force our former owner that they needed to comply with our intelligence methods, it pressures release of British citizens, under the false assumption that there is a “state sovereignty”. Here is a list of people British prisoner Shaker Amer is friends with, although we can not confirm he knows of their existence, but Richard Reid was a shoe-bomber, so clearly they must have known each other.

World Can’t Wait. Actor Sean Penn is in it; see another one of my pieces in which I advocate for the deportation of Sean Penn and deprivation of his US citizenship.

Jason Leopold. Leopold is a former Los Angeles Times investigative journalist with a checkered past that is clearly incredible, since no journalist that would fit Dianne Feinstein’s definition would dare ever have a life, a past, or abide by non-patriot behavior. Although I did not subpoena medical records, I can tell you that Jason Leopold suffers from mental illness (he is, after all, one of the key players of this “human rights” cult). Jason Leopold is a former investigative journalist and is currently employed by Al-Jazeera, but his pieces are long, complex, derived from personal investigation and fact-checking, he is advised by a lawyer, and has visited the prison numerous times; there is no need to dwell on the work, the man clearly has issues. I, investigative reporter JD Gordon, can officially attest of having been born last year, hereby having no past, and have never personally engaged into any kind of ethical reporting whatsoever. I will never end up in a weird 2005 WaPo piece written by one of my colleagues, a “media critic” (he hates the media).

This is who Obama is trying to appease.

BENGHAZI!!! FALLUJAH!!! AL-QAEDA!!! AL-QAEDA AFFILIATES!!

According to facts and numbers I will never source, one-third of prisoners that have been released have returned to terrorism (their homes, school, their families, etc – engaging in acts of terrorism).

PREVENTING TERRORISM!!!

JD Gordon is a retired Navy Commander and an objective member of the journalistic community of Fox News.

Research Hacking – Searching for Sensitive Documents on FTP; Captchas and the Google Governor

If you want to find *sensitive documents using Google search (*documents with impacting information which someone does not want revealed, more or less), I’ve found that in addition to targeting queries to search for specific domains and file types, an alternative and potent approach is to restrict your results to files residing on an ftp server. 

The rationale is that while many allow anonymous log-in and even more are indexed by Google, FTP servers are used more for uploading and downloading, storing files than viewing pages, and typically house more office-type documents (as well as software).  As limiting your searches to ftp servers also significantly restricts the overall number of results to be returned, choice keywords combined with a query that tells Google to bring back files that have “ftp://” but NOT “http://” or “https://” in the url yield a high density of relevant results. This search type is easily executed:

Screenshot - 12032013 - 08:10:35 AM

A caveat one encounters before long using this method is that eventually Google will present you with a “captcha.” Many, many websites use captchas and pretty much everyone who uses the internet has encountered one. The basic idea behind a captcha is to prevent people from using programs to send automated requests to a webserver, they are a main tool in fighting spam by thwarting bots that mine the internet for email addresses and other data, and which register for online accounts and other services en masse. The captcha presents the user with a natural language problem which they must provide an answer to.

Google is also continuously updating its code to make it difficult to exploit Google “dorks,” queries using advanced operators similar to one used above (but usually more technical and specific). Dorks are mostly geared toward penetration testers looking for web application and other vulnerabilities, but the cracker’s tools can easily be adapted for open source research.

Screenshot - 12032013 - 08:13:41 AM

Unless you are in fact a machine (sometimes you’re a machine, in which case there are solutions), this should be easily solved; however lately, instead of returning me to my search after answering the captcha, Google has been sending me back to the first search page of my query (forcing me to somewhat start the browsing process again and to encounter another captcha). I’m calling it a Google Governor, as it seems to throttle searchers’ ability to employ high-powered queries.

The good news is that the workaround is really just smart searching. One thing you’ll notice upon browsing your results is that dozens of files from the same, irrelevant site will be presented. Eliminate these by adding -inurl:”websitenameistupid.com” (which tells Google NOT exactly “websitenameistupid.com” in the url). Further restrict your results by omitting sites in foreign domains (especially useful with acronym-based keyword searches): -site:cz -site:nk.

When you find an ftp site which looks interesting, copy and past the url into a client like Filezilla for easier browsing.

To give you an idea of the sensitivity of documents that can be found: One folder was titled “[Name] PW and Signature,” which contained dozens of files with passwords as well as .crt, .pem, and .key files; another titled “admin10” contained the file “passwords.xls.” This was the site of a Department of Defense and Department of Homeland Security contractor – the document contains the log-in credentials for bank accounts, utilities, and government portals. This particular document is of more interest to the penetration tester; for our purposes it serves as a meter for the sensitivity of the gigabytes of files that accompanied it on the server. The recklessness of the uploader exposed internal details of dozens of corporations and their business with government agencies.

The hopefully sufficiently blurred "passwords.xls"
The hopefully sufficiently blurred “passwords.xls”

*As of this writing, the FTP mentioned above is no longer accessible