Matthew Keys, Reuters' deputy social media journalist has been suspended from his job, but the liberal news outlet is keeping him on the payroll. They've dismantled his work station, but not his computer. So that sums up their attitude: doing the minimum to still look like a capitalist corporation that has to do due diligence when one of their own is found to be charged with hacking their fellow news media, but expressing their tacit support by waiting to see if the charges stick.
The search warrant is now online, and makes for interesting reading, where you can discover the following:
o Yahoo turned over email materials to the investigation
o There isn't just some minor hack of a news article on the LA Times, as the tech symps keep claiming, restored in 30 minutes, but the issue of the theft of the Fox affiliate's email address list, which seems to include government email lists
o Damage to Tribune Media's server is set at $17,650.40 for 333 man hours and doesn't include costs related to the stolen email list affecting Fox 40 News in Sacramento nor ad revenue losses taken as a result of the attack
o There are at least two different IP addresses attached to the AESCracked account said to be run by Matthew Keys
o Other non-news stuff like "Adrian Lamo is gay"
Best quote? In the title of this blog -- about taking part in a hacking operation and thinking it will have no consequences. AESCracked says "Boomerangs don't always return to the thrower" after giving the hackers the passwords. And one of the hackers says: "This one will." Indeed.
So today Keys -- who is back perkily tweeting today and accepting well-wishers' concern and seeming to stave off one offer of Anonymous "court support" (does that mean stalking the prosecutors to their homes like Anon is doing to Carmen Ortiz from Swartz's case?!) -- announced that he had a pair of crack lawyers already notable (notorious) for defending Anonymous.
As @revmagdalen, a Twitter user who is often critical of Anonymous and WikiLeaks pointed out, if you are trying to show that you were *not* with Anonymous on a hacking operation, it hardly seems prudent to have accepted the pro-bono assistance of Anonymous-associated lawyers, but Keys said forthrightly that he didn't care about their past cases.
The Reverand is concerned about the defendant's rights in the hands of these lawyers and thinks it's not good if these work for The Cause through their client.
The attorneys do have a "progressive" agenda and seem to be trying to "write new law" as aggressive and vain lawyers are wont to do, and at least one of whom, Jay Liederman, loves the idea of the "DDoS as a sit-in" like the Woolworth's counter. Nonsense. The blacks in the 1960s demonstrating for their civil rights were asking for equality before the law, not taking other people's rights away. They politely entered stores, paid for a few purchases, then sat normally at the lunch counter like other folks. They were not disruptive. They didn't close down the entire store or make it unusable for other people. But that's what Anonymous does -- takes away other people's rights to freedom of association and expression, and closes down their business or nonprofit for varying periods, causing damage for clean-up and restoration. It's completely ridiculous to compare these very different types of protest, one non-coercive and the other coercive.
I don't know quite why Reverend is running a Bide-A-Wee Home for Wayward Anons (see Franny and Zooey) on her Twitter stream and worrying about their legal defense, to the effect that crusading lawyers shouldn't turn their clients into poster boys for their causes and should try to get them off. But... There will be plenty of others to worry about them getting off, and I'm more interested in seeing that justice is served -- and I believe that the feds would not bring this case after a year unless they felt they could make it airtight in court.
The operative point today from the lawyers speaking on the Kremlin tool Alyona Minkovsky's live Huffpo show is that -- surprise, surprise -- their client is not guilty (she used to run her propaganda spigot more directly at the Kremlin-funded RT, but now she is one thin layer removed at Huffpo, which makes it more "respectable," I guess).
And Jay Liederman, the attorney associated with the pro-DDoS position, says that Matthew Keys did not hack the site. When pressed rather gingerly by a Huffpo anchor who in fact was very supportive of the hacker throughout the show, as to whether or not his client was AESCracked, the pseudomyn of the person who gave the passwords to the Tribune news sites, he gets vague and starts saying that some of the time AESCracked was his client, but some of the time he was not.
Now, just a minute here. How is that going to be established? The problem with this IRC channel stuff is that the people operating the channel might scrub this information, but maybe some of it is retrievable from the ISP. It's true that when you log on to channels, you can just make up a name. So different people could use different names.
But the channel operator or moderator will have your IP address. And that's just what kayla -- that notorious kayla of LulzSec infamy -- asks for in this chat.
Now, here's what needs explanation -- and either it has one, that isn't going to be favourable to Keys, or it will prove his lawyers' point that he wasn't in control of this account or this name the entire time.
First, the search warrant from the agent says this:
p. 11 "email@example.com was registered by someone purporting to be MATT KEYS from a zip code of 95824 for Sacramento, California; these values are set by the user upon account creation and are not subject to verification. The account was activated on December 2, 20010 and accessed only once by the user. The IP addressed used to access this account was 22.214.171.124 and resolved to a location in Sacramento, California. An attempt to identify the user of this IPO address was unsuccessful.
Now, that's the alibi that could be used throughout -- oh, IP addresses are dynamic. Oh, you can't figure out who really owns them, blah blah blah. But as we know perfectly well, this is just geekitude, and in fact IP addresses can stay static; they can also be dynamic but still on a range that still shows location; and it can be triangulated with other information to pinpoint identity. As I've pointed out many times, the very reason that every website in the Metaverse uses your IP address to enable your log on or your history or your access to certain things is because this is indeed an identifier, and good enough of one for the purposes of the functioning of the Internet -- and identification of you on a persistent basis. People who keep warbling on about how this isn't the case are just trying to Fisk and distract from the smoking guns.
Even so, there's this:
When the Anonymous hacknarchists (I don't like the cutesy name "hacktivist" and won't use it on them as it implies they do good social activism which they mainly do not) suspect that AESCracked is an informant, they expel him from the chat room. Then kayla asks for his IP address:
Client connecting at belldandy.anonops.ru:A2SCracked (A2SCracked@75-53-171-204.lightspeed.nscrca.sbcglobal.net)
Then kayla says: "that's a real IPS" -- and indeed it is, because it shows a Sacramento location, it's not an anonymizer.
Then later, another LulzSec operative asks for and gets the IP addresses of AESCracked and gets these: 126.96.36.199 188.8.131.52
These could be anonymizers and they show the UK as a location -- that's my understanding of it but someone who is a "computer scientist" can examine all this and tell me what they think.
So the alibi is either/and a) you can't tell what my client's IP address is because it doesn't show that much information to locate him b) IP addresses aren't identifiers because they are dynamic c) look at these different ones ascribed to him in this one chat log.
Mkay, but yah, whatever. No sale from where I sit. It's really a stretch to think that first AESCracked comes on and offers passwords and eggs the hackers on, then somebody else hijacks/hacks/takes/uses his account from somewhere else, to do other stuff, more serious, like take Fox affiliate emails? I find that hard to believe.
This is just my first rough take from reading this quickly and I will try to find more time to study it later.
Meanwhile, some other interesting Anoniana: one of them says at one point "never the media" at the offer of hacking the Fox affiliate. As if Anonymous as some thieves' law that they don't hack media, so that they are not accused of harming the First Amendment freedom they seek. Nonsense, of course, because they've hacked Gawker, PBS and other media sites and they do all count as media.
Then AESCracked argues essentially, "but Fox isn't media". And the Anon reasons thusly, even with bad spelling:
"you're correct but people percieve them to be media, and that would be very bad for us"
Yeah. Truly. But you are bad. So meh.
And they go and hack the Fox stuff anyway. So much for thieves' law.
As we know, Parmy Olson, who wrote the door-stop book on Anonymous, says that she asked Keys if he did the hack and he denied it.
But she didn't put all of this in her book, and I challenge her about this at the Forbes site, because I think she is just protecting her journalsts' tribe there (and it's part of minimizing the crimes of Anonymous and their infection of society, too).
In fact, she seems to be part of what has outed his involvement, as her book is mentioned in the search warrant. But Keys himself bragged of his involvement. Motivation? Well, it looks to me like it's this -- wanting to belong:
It disappoints me because there was a good chunk of time when I didn't fit in anywhere, and finally I fit in somewhere, even if it was among a group of renegade criminals. You guys were funny and smart and very patient even though I'm internet dumb. And then this happens and it sucks balls
He's disappointed that they are accusing him of leaking to the feds. Not clear exactly how that worked, with Sabu deliberately, or because Sabu was working for the feds and leaked him.
But the lawyers claimed today that Keys was "on assignment," that he did this hack merely as part of a caper whereby he wanted to gain the confidence of Anonymous hackers that he was studying in the IRC channel, in order to "do a story".
Well, I instantly thought of the Food Lion defense and how that notion didn't work. That is, Food Lion was specifically about using the deception of an employment application at a supermarket, to enable journalists to work undercover in the store to cover bad conditions. But it's in the larger sense philosophically (even if not technically or legally) about how you can't commit a felony, then get exonerated from it by saying you were "doing a story" as a journalist, and you "needed" to do it this way for cover. This case is taught everywhere as an ethics issue in journalism schools, and I've never seen anybody claim in the press freedom community claim that this court decision should have been different. You don't get to feign employment and defraud an employer, or commit a felony like hacking and stealing and defacing, in order to "get the story".
I couldn't help thinking how this comes back to my muting and defriending by Anthony de Rosa, the director of social media for Reuters, whom I confronted on Facebook for his tendentious coverage of OWS on the Brooklyn Bridge, and asked him to stop trying to make the news, and just cover it. Because indeed, these that's what happens when he joins the Jacobins and the Marxist-Leninists in trying to justify bridge occupation.
Reuters should ditch these social media mavens who are just crypto-revolutionaries in their midst trying to overthrow the institution. Yes, I mean that. It's not journalism.
I will be watching very carefully to see if the Committee to Protect Journalists caves under the ferocious pressure they have been under now for years by the Electronic Frontier Foundation, who has one of their operatives now on the staff, and takes up Keys as a "journalist's case".
It doesn't at all appear to be one, whatever the lawyers are bluffing with.
Some other noise on the Internet -- the wacky Internet life of Matthew Keys, who led a "double life," as a journalist by day and a nerd nuisance by night trolling people. Did you know that Keys is a "famous Internet troll" and has an entry at Encyclopedia Dramatica? And so on. There are plenty of comments around, i.e. on Gawker to let us know that Keys is a douche -- stalking people, playing the victim, being an ass, whatever. It's immaterial to his case, however. Sabu or any number of "Internet enforcers" may have felt that this guy needed to go down -- and maybe they set him up and burned him, especially because he wrote negatively about them.
But really what this case comes down to is whether these lawyers can make the case that their client's attachment to AESCracked and these IP addresses sticks or not. We don't know everything the feds may have come up with to show that these things all stick, but I have a feeling that they do have the goods.
"you've been part of this operation," says tflow, one of the Lulzsec hackers.
Here's Mr. Alibi coming down the tracks:
"AESCracked: I've never been part of the operation.
AESCracked: Just a lurker ; )"
And yet he distinctly came in the chat room, gave the passwords, then said "go get 'em". So we'll see.
Hey, I should apply to be the Reuters deputy social media journalist, I have an entry at Encylopedia Dramatica, too!