31 October 2015
Wikileaks honeypot/SAIC whistlebreaker update
From: nobody
Subject: Wikileaks honeypot/SAIC whistlebreaker update
Date: Fri, 30 Oct 2015 16:56:29 +0100 (CET)
Wikileaks is not offering a search of Cryptome - the files are hosted on
their server as a honeypot for snatching user data for who knows what.
There are subtle sneaky differences that give it away.
Look at the html source code for
https://cryptome.wikileaks.org/frontpage
and
https://cryptome.org.
Why the code changes? What else is different?
Look at the SSL certs, the WL mirror uses its own and its own SSL crypto.
May not even be valid certs.
http://www.computing.co.uk/ctg/news/2430138/fake-banking-websites-issued-with-ssl-certificates-by-symantex-comodo-and-godaddy
and
http://www.pcworld.com/article/2999146/encryption/google-threatens-action-against-symantec-issued-certificates-following-botched-investigation.html
Look at the traceroutes.
traceroute to cryptome.wikileaks.org (195.35.109.44), 20 hops max, 40 byte
packets
1 208.64.252.229.uscolo.com (208.64.252.229) 0.409 ms
0.454 ms 0.545 ms
2 199.197.11.45.uscolo.com (199.197.11.45) 0.550 ms
0.594 ms 0.599 ms
3 199.197.10.25.uscolo.com (199.197.10.25) 1.133 ms
0.889 ms 1.161 ms
4 31.217.128.5 (31.217.128.5) 0.412 ms 0.453 ms
0.456 ms
5 s1.eq1.ams.ixreach.com (91.196.186.78) 66.691 ms
66.711 ms 66.722 ms
6 91.196.187.50 (91.196.187.50) 158.441 ms 158.423
ms 175.391 ms
7 r2.thn.lon.ixreach.com (91.196.184.182) 164.760 ms
164.769 ms 164.755 ms
8 r1.tc2.ams.ixreach.com (91.196.184.138) 169.547 ms
170.111 ms 169.575 ms
9 blix.telecity5.nl-ix.net (193.239.116.75) 195.183 ms
195.550 ms 195.450 ms
10 te-9-1.dig-osl.blix.com (31.169.49.33) 195.238 ms 195.390
ms 195.433 ms
11 po-8.hmg-osl.blix.com (31.169.49.90) 195.161 ms 195.315
ms 195.414 ms
12 po-2.sa-hmg-osl.blix.com (178.255.145.162) 196.934 ms
196.696 ms 195.632 ms
traceroute to cryptome.org (209.17.116.160), 20 hops max, 40 byte packets
1 208.64.252.229.uscolo.com (208.64.252.229) 0.382 ms
0.435 ms 0.480 ms
2 199.197.10.6.uscolo.com (199.197.10.6) 0.743 ms
0.802 ms 0.811 ms
3 199.197.10.25.uscolo.com (199.197.10.25) 0.984 ms
1.026 ms 0.979 ms
4 c-5-144-66-207.lax.ca.wolfe.net (207.66.144.5) 0.904
ms 1.056 ms 1.109 ms
5 ACCRETIVE-T.edge2.Atlanta4.Level3.net (4.53.238.38) 52.495
ms 52.515 ms 52.716 ms
6 xe-9-2-2.edge2.Atlanta4.Level3.net (4.53.238.37) 50.834
ms 50.917 ms 51.021 ms
7 vl-3518.car2.Atlanta1.Level3.net (4.69.206.25) 51.413
ms 51.295 ms 51.472 ms
8 FIDELITY-IN.car2.Atlanta1.Level3.net (4.71.22.42) 52.250
ms 52.286 ms 52.300 ms
9 (209.17.112.46) 51.437 ms (209.17.112.42)
51.840 ms 51.962 ms
10 209.17.116.160 (209.17.116.160) 52.003 ms 52.281 ms
51.944 ms
The fellow that told me about his whistlebreaker project isn't here anymore.
Only a sub-subcontractor here for one phase of a project, paid from a special
fund. Friend says he had no HR records except his checks and security info.
Talk to Wikileaks, find out whos idea it was and who executed it. Snake oilers.
|
![[Image]](cryptome-20.jpg)