As the operators of www.elstel.org we have received mailings from so-called advertising agencies every now and then. They wanted to place text and banner ads on our site. However, by asking back we found out that these offers were not simply about placing ads for certain products on our site. These agencies had inquired about a very different business: they wanted to publish paid comments faking a real discussion, as if written by users visiting our site.
They would have offered us 10 - 15 USD per posting and month as an opt-in payment, looking ahead to respective increases as soon as our site would become increasingly popular. We experienced what can be called the real secret of success of popular bloggers from a very different side: the skillful placing of ads. Only those who advertise in the right way (i.e. subliminally and hardly noticeable for the visitors) will be linked and will thus be able to enjoy more traffic or site visits.
We do not sell our soul! Since we have clearly refused these requests (the suggested propositions would go against our ethical beliefs) we have not been pestered any more. Unfortunately we are not allowed to publish our correspondence here due to a “non-disclosure agreement”:
Another mail did not contain any of these subliminally threatening clauses. We have decided to publish it in a slightly modified way with different names:
Hello,

My name is Ernest and I'm sending you this message because I think your site http://www.elstel.org would be perfect for some of my clients. I'll explain, I'm an advertising representative and I'd like to discuss with you about the possibility of you offering us advertising space (for my clients) on your site. We are interested in sponsored (paid) posts and banners.

Thanks,
Ernest Cunningham
Business development
www.advertisingXY.com
However, this is not yet all that needs to be said. Shortly before we could have published our article “Plastic Synthetics, Environment and Health” I had a painful experience. ‘The computer on which I was writing my new article had been cracked. After the lettering “dangerous” faded in briefly, OpenOffice crashed and the file into which I had saved my article shortly before was suddenly lost. I instantly disconnected my computer from the internet by unplugging the ethernet cable. After relaunching, OpenOffice did not announce the crash, nor was there any possibility to recover the file that had been edited when the computer had crashed. OpenOffice just launched as if nothing had happened. Thinking myself safe because my computer was already offline, I simply plugged in a USB stick with a routine copy from before. The file with a copy of my article was suddenly deleted. Unbelievable! The crackers knew about my safety copy and how to trigger its deletion after the computer had gone offline.’ The incident delayed the publishing of the article by more than one year. Large parts needed to be rewritten from scratch (that was right before the summer of 2011). There have been countless attacks on computers under my maintenance since May 2008 (the first time even with a speech message ‘Oh what do we have here? A wordbook German - Portuguese; haha - that we are going to delete now.’).
An attack of a very different kind took place in 2011 in Puno, Peru when the author was on a trip through South America. The small Atom notebook which fit into my carry-on luggage had been freshly installed from a DVD (verified download) with RedHat/SELinux. It had not been connected to the internet at all until then, nor during the installation. The only thing I did with my notebook this time was directly entering the URLs of two banks: that of the Hypo Alpe Adria and that of the Schoellerbank. I just had to do so because there was no public computer close to me while I had run out of money on my checking account. After this I continued my journey. I got stuck for more than a week in the Bolivian selva because they blocked the street in both directions. When I arrived in Brazil I recognized that the little Atom notebook had been cracked during those few minutes in Puno when I had gone online. Important system files had been replaced (the glibc being among these) and only these core packages had been modified, as I could find out by installing a 1:1 copy of exactly the same system as before from the same DVD with the same packages in another partition. The computer had not been online again since my visit in Puno. Consequently it was also cracked there. The interesting thing about it was that the security certificate of one of the two banks (connection via https) must have been falsified in order to make this possible (the bank itself would hardly crack its own customer). Even though it happens every now and then that such security certificates are falsified by criminals, I would consider this possibility very unlikely as the falsification has also never been uncovered. It needs to be considered much more likely that the intrusion was conducted by a secret service or intelligence agency. Such services are known to possess hundreds of rogue security certificates for their own use.
Apart from these three major attacks I had to take countless “pinpricks” like my postings being prevented on Facebook or www.orf.at (if the connection to the internet or the respective server gets interrupted, your browser will normally show an error message; however, here it was simply possible to send the posted messages without any error message. Nonetheless the posted messages never appeared readable to the public.). What is more, emails can be blocked and telephone calls can be re-routed: Once I had been to Villach, the town near where I live. When I had to make a phone call with my mobile phone I kept being connected to a wrong person all the time, although I had double-checked the stored phone number and in spite of having retried many times. As there was no working telephone box around (today everyone has a mobile phone) I decided to enter the branch office of Bank Austria next to me and started to tell the clerk who had welcomed me there what had happened. Fortunately he did not hesitate for long, disappeared for a while in his room and came back out again with a corded telephone which he put on the counter. As there were currently no other customers around I was able to have an untroubled telephone call … Many thanks, again!
However, it could well be that there are more ruthless methods by which unwelcome people can be kept away from the internet. One day our internet connection failed once again. After our telecom provider had checked our cable for the umpteenth time, the technician from Telekom Austria insisted on the claim that the error could only be on our side. We would need to pay for someone to come and resolve the issue. We finally consented. However, the responsible technician could not find any error on our side (he tried it with his own machine). A few days later we received a telephone call and the problem was resolved: an error had crept into our customer record. Possibly the error had been caused by an update, though he could not explain either why we were the only affected customer. Those were all the details we could elicit.
There are countless possibilities for technical defects. Unfortunately it can often be hard to say whether something is a technical defect or the result of sabotage or a well-targeted manipulation. Likewise we were not able to contact an important server of elstel.org from time to time. Any other peer or server could be contacted without any problem. In response to our question whether there was a problem with this server we were told that the server was reachable from any tested subnet without problems. Finally we could resolve the problem by connecting to this server via VPN or Tor. Another time people whom we knew told us that it was not possible to open a certain link on our page. We tested it from our net and the server (from Russia) was reachable without any problem. It is consequently very plausible to suppose that there exists not just the possibility to replace a known server by another (as done in the Hypo Alpe Adria / Schoellerbank attack) with regard to a certain internet user, but that it is also possible to selectively block the access to certain servers in the net (when no faked mirror is put in place).
As a consequence of all these incidents the only feasible decision was to write all new articles on a computer which is permanently offline. Therefore we do not use a content management system either. We do also strive to provide good security for our users as far as we have the technical opportunity to do so. That is also the reason why we have changed to a hosting provider that supports DNSSEC/DANE (dotplex.de). With DANE the domain name servers return a signature for the security certificate of the site you wanna visit. That way you can be certain that the certificate does really belong to the site (or the domain) you wanna visit and that you do not connect to a mirror server installed by intelligence services which may compromise your computer.
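The DANE check described above, as an added example (not code from this site or its hosting provider): the DNS record involved is a TLSA record, which carries the certificate or its public key, or a hash of either, and is protected by DNSSEC signatures. The code matches a server certificate against a DANE-EE record; the two sample "certificates" are constructed DER skeletons, and DNSSEC validation of the record is assumed to have been done by the resolver.

```python
import hashlib
import hmac

def der_tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                          # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def extract_spki(cert_der):
    """Return the DER SubjectPublicKeyInfo of an X.509 certificate (selector 1)."""
    _, pos, _ = der_tlv(cert_der, 0)           # Certificate SEQUENCE
    _, pos, _ = der_tlv(cert_der, pos)         # tbsCertificate SEQUENCE
    tag, _, end = der_tlv(cert_der, pos)
    if tag == 0xA0:                            # optional [0] version field
        pos = end
    for _field in range(5):                    # serial, sigAlg, issuer, validity, subject
        _, _, pos = der_tlv(cert_der, pos)
    return cert_der[pos:der_tlv(cert_der, pos)[2]]

DIGESTS = {0: bytes, 1: lambda d: hashlib.sha256(d).digest(),
           2: lambda d: hashlib.sha512(d).digest()}

def tlsa_matches(rdata, cert_der):
    """Check a server certificate against one 'usage selector mtype hex' TLSA record."""
    usage, selector, mtype, *hexdata = rdata.split()
    if int(usage) != 3:                        # only DANE-EE; other usages need chain checks
        raise ValueError("unsupported certificate usage")
    selected = {0: lambda c: c, 1: extract_spki}[int(selector)](cert_der)
    expected = DIGESTS[int(mtype)](selected)
    return hmac.compare_digest(expected, bytes.fromhex("".join(hexdata)))

def _tlv(tag, body):                           # sample-data helper, short lengths only
    return bytes([tag, len(body)]) + body

def sample_cert(pubkey):
    """Constructed, certificate-shaped DER skeleton; not a real signed certificate."""
    spki = _tlv(0x30, _tlv(0x30, b"") + _tlv(0x03, b"\x00" + pubkey))
    tbs = _tlv(0x30, _tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, b"\x01")
               + _tlv(0x30, b"") * 4 + spki)
    return _tlv(0x30, tbs + _tlv(0x30, b"") + _tlv(0x03, b"\x00"))

def demo():
    genuine, mirror = sample_cert(b"\x11" * 32), sample_cert(b"\x22" * 32)
    # Record the site owner would publish: DANE-EE (3), SPKI (1), SHA-256 (1).
    record = "3 1 1 " + hashlib.sha256(extract_spki(genuine)).hexdigest()
    return tlsa_matches(record, genuine), tlsa_matches(record, mirror)

if __name__ == "__main__":
    print(demo())
```

A certificate presented by a substituted server fails the comparison even if some certificate authority has signed it, because the pin comes from the domain's own signed DNS zone.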
‘Those who fell asleep in a democracy may wake up in a totalitarian nightmare soon.’ As it seems, citizens pursuing their democratic rights are a thorn in the side of “corporocracy” (or however we wanna call the powerful). It is about far more than just spying. We think of the creation of broadly applicable “offenses of opinion”, as already pursued in many European countries, as very alarming. This should lay a base for proceedings put under public law which would otherwise be illegal and unlawful. Increasing infringements of the freedom to demonstrate need to alarm all of us. Isn't it infamous when direct democracy is depreciated by state television? Fend against the beginnings or that is to say the scandals which have already become public!
It is very difficult if not impossible to secure a computer to the extent that western intelligence services do not have full-fledged access to it. Your computer may already be cracked by visiting a compromised internet site with your browser. Sites often used by admins and other users are mirrored by intelligence services in order to redirect users to the mirrored site. If DNSSEC/DANE were sufficiently implemented as part of modern browsers and if enough servers on the internet supported DANE so that you could restrict your browser to only visit sites secured by DANE, then this security hole would be fixed. There is a similar problem with your email program. Unfortunately only a few emails restrict themselves to plain text, while HTML mails or mails with pictures pose a security risk.
Nonetheless things have become even worse. Since about 2008 all modern PCs have had a component called Intel ME (Management Extension). This component was virtually designed to allow remote maintenance for your PC. However, intelligence services may exploit security vulnerabilities of this component in order to log into any computer they want to. The Intel ME contains signed code which cannot simply be exchanged, fixed or switched off. It is executed by a second independent processor on its own in parallel to the main CPU. With newer computers the main CPU shuts down immediately after boot if the Intel ME is not running.
In spite of these restrictions some companies have succeeded in offering computers with disabled Intel ME: System76 and Purism. On older computers (from after 2008; i.e. on Core 2 systems) it may still be possible to switch off the Intel ME by hand. You may try to do so with me_cleaner. You may also ask about the Intel ME on IRC (Internet Relay Chat) of freenode.net at #coreboot and #flashrom.