Category Archives: Internet threats

SECURE COMMUNICATION INTEROPERABILITY PROTOCOL (SCIP) by NSA (PDF)

The Secure Communication Interoperability Protocol (SCIP) is a communications standard developed by the National Security Agency (NSA) to enable interoperable secure communications among allies and partners around the globe.

The SCIP-210 Signaling Plan is the specification that defines the application layer signaling used to negotiate a secure end-to-end session between two communication devices, independent of network transport. SCIP negotiates the operational mode (e.g., voice, data, etc.), the cryptographic algorithm suite (e.g., Suite A, Suite B, etc.), and the traffic encryption key used for each secure session. It also provides capabilities for cryptographic synchronization and operational mode control between communicating end-point devices. SCIP is designed to operate over any network and is currently utilized in devices operating on a wide variety of networks including PSTN, ISDN, CDMA, GSM, IP, and satellite.

Potential developers of SCIP devices may contact the NSA SCIP Program Office at SCIP_POC@missi.ncsc.mil for further information. The SCIP-210 Signaling Plan is available without restrictions on its use for the development, manufacture, and sale of SCIP products. Compliance and interoperability testing will be necessary to ensure secure interoperability between the wide variety of current and future SCIP products.

SCIP-210, Revision 3.2, 19 December 2007

LIST OF FIGURES
Figure 1.6-1 SCIP Application State Diagram – Point-to-Point
Figure 1.6-2 SCIP Protocol Layer Diagram – Point-to-Point
Figure 1.7-1 Process Diagram Symbols
Figure 2.1-1(a) Transport Layer Signaling Time Line (Framed)
Figure 2.1-1(b) Transport Layer Signaling Time Line (Full bandwidth-to-Framed)
Figure 2.1-1(c) Transport Layer Signaling Time Line (Full bandwidth-to-Full bandwidth)
Figure 2.1-2 Transmission Frame Group
Figure 2.1-3 ESCAPE Processing
Figure 2.1-4(a) Message Transmission
Figure 2.1-4(b) Message Transmission (Cont.)
Figure 2.1-5(a) Message Reception
Figure 2.1-5(b) Message Reception (Cont.)
Figure 2.2-1(a) FIREFLY Secure Call Setup Signaling Time Line
Figure 2.2-1(b) PPK Secure Call Setup Signaling Time Line
Figure 2.2-2 Capabilities Message Transmission
Figure 2.2-3 Capabilities Message Reception Unique Processing
Figure 2.2-4 Common Capabilities Message Processing
Figure 2.2-5 Parameters/Certificate Message Transmission
Figure 2.2-6(a) Parameters/Certificate Message Reception
Figure 2.2-6(b) Parameters/Certificate Message Reception (Cont.)
Figure 2.2-6(c) Parameters/Certificate Message Reception (Cont.)
Figure 2.2-7 F(R) Message Transmission
Figure 2.2-8 F(R) Message Reception
Figure 2.2-9 Cryptosync Message Transmission
Figure 2.2-10 Cryptosync Message Reception
Figure 2.3-1(a) Notification Message Signaling Time Line (Full Bandwidth to Framed)
Figure 2.3-1(b) Notification Message Signaling Time Line (Framed to Framed)
Figure 2.3-1(c) Notification Message Signaling Time Line (Full Bandwidth to Full Bandwidth)
Figure 2.3-1(d) Mode Change Signaling Time Line
Figure 2.3-1(e) Two-Way Resync Signaling Time Line
Figure 2.3-2 Notification Message Processing (Connection Terminate)
Figure 2.3-3(a) Notification Message Processing (Native Clear Voice/Connection Idle)
Figure 2.3-3(b) Notification Message Processing (Native Clear Voice/Connection Idle) (Cont.)
Figure 2.3-4 Notification Message Receive Processing (CKL Transfer)
Figure 2.3-5 Notification Message Processing (Secure Dial)
Figure 2.3-6 Notification Message Processing (Attention)
Figure 2.3-7 Notification Message Processing (Secure Update)
Figure 2.3-8 Mode Change Processing
Figure 2.3-9 Two-Way Resync Processing
Figure 3.2-1 Application Timeout Processing
Figure 3.3-1 Secure MELP Voice Transmission Format – Blank and Burst
Figure 3.3-2 Sync Management Frame Format – Blank and Burst


LIST OF FIGURES (Cont.)
Figure 3.3-3 Secure MELP Voice Transmission Format – Burst w/o Blank
Figure 3.3-4 Sync Management Frame Format – Burst w/o Blank
Figure 3.3-5 Clear MELP Voice Transmission Format
Figure 3.3-6 Clear MELP Voice Sync Management Frame Format
Figure 3.3-7 Secure G.729D Voice Transmission
Figure 3.3-8 Secure G.729D Voice Superframe Details
Figure 3.3-9 Secure G.729D Voice Escape and Return Example (No Cryptosync)
Figure 3.3-10 Secure G.729D Voice Sync Management Frame Format
Figure 3.3-11 Secure G.729D Voice Encrypted Speech Frame Header
Figure 3.4-1 Secure RT Asynchronous Data Message Preparation
Figure 3.4-2 V.14 Asynchronous Data Input Ordering
Figure 3.4-3 Secure BET Asynchronous Data Transmission Format
Figure 3.4-4 Secure BET Asynchronous Data Superframe Structure
Figure 3.4-5 Sync Management Frame Format
Figure 3.4-6 V.14 Asynchronous Data Input Ordering
Figure 4.1-1 Rekey Protocol Conversion Using the GRFE
Figure 4.1-2 Electronic Rekey System Infrastructure
Figure 4.2-1 SCIP Rekey Message Preparation
Figure 5.1-1 Multipoint Transport Signaling Timeline
Figure 5.1-2 Multiple Multipoint Cryptosync Message Transmissions
Figure 5.2-1 SCIP Multipoint State Diagram
Figure 5.2-2 Multipoint Secure Voice Transmit Signaling Time Line
Figure 5.2-3 Multipoint Cryptosync Message Transmission
Figure 5.2-4 Multipoint MELP Voice Transmission Format – Blank and Burst
Figure 5.2-5 End of Multipoint Secure Traffic Transmission
Figure 5.2-6 Multipoint Cryptosync Message Reception
Figure 5.2-7 Multipoint Secure Voice Traffic Reception
Figure 5.2-8 Multipoint Late Entry Cryptographic Synchronization
Figure 5.2-9 End of Multipoint Secure Traffic Reception
Figure B-1 DTX Voice


Newest U.S. Counterterrorism Strategy: Trolling

In the decade since 9/11, the U.S. government has used a wide variety of tactics against terrorists. It’s invaded countries where they operated (and ones where they didn’t). It’s tried to win the backing of foreign populations in which the terrorists hide. And it’s sent commandos and deadly flying robots to kill them one by one.

One thing it hasn’t done, until now: troll them.

Within the State Department, a Silicon Valley veteran has quietly launched an improbable new initiative to annoy, frustrate and humiliate denizens of online extremist forums. It’s so new that it hasn’t fully taken shape: Even its architects concede it hasn’t fleshed out an actual strategy yet, and accordingly can’t point to any results it’s yielded. Its annual budget is a rounding error. The Pentagon will spend more in Afghanistan in the time it takes you to finish reading this sentence.

But it also represents, in the mind of its creator, a chance to discourage impressionable youth from becoming terrorists — all in an idiom they firmly understand. And if it actually works, it might stand a chance of cutting off al-Qaida’s ability to replenish its ranks at a time when it looks to be reeling.

The program, called Viral Peace, seeks to occupy the virtual space that extremists fill, one thread or Twitter exchange at a time. Shahed Amanullah, a senior technology adviser to the State Department and Viral Peace’s creator, tells Danger Room he wants to use “logic, humor, satire, [and] religious arguments, not just to confront [extremists], but to undermine and demoralize them.” Think of it as strategic trolling, in pursuit of geopolitical pwnage.

Outside the first Viral Peace/Generation Change seminar in Davao City, Philippines, April 2012. Photo: Crishyl Ann/Facebook

Al-Qaida’s influence has waxed and waned during the past decade, but its adherents, both current and potential, have gradually drifted online. Forums like the password-protected Shumukh site host extremist bulletin boards, where regulars debate the finer points of jihadist theory and boast of grandiose plans to assassinate senior U.S. officials.

The denizens of those forums might be scrubs. But the online havens are, increasingly, the town square for extremism, especially as drones and commandos batter the terrorists’ physical sanctuaries. Al-Qaida’s Yemen branch publishes an English-language web magazine; its Somali branch recently joined Twitter.

The U.S. has thought of several strategies for confronting the not-so-new wave of online extremism, from apparent DDoS attacks on extremist websites to infiltrating them using fake jihadi personas. The White House’s broad counterterrorism strategy, meanwhile, all but ignores the internet.

Amanullah has a different view. You don’t necessarily need to deface the forums if you can troll them to the point where their most malign influences are neutralized.

In an interview at a Washington coffee shop near his State Department office, Amanullah explains that online extremists have “an energy, they’ve got a vitality that frankly attracts some of these at-risk people.” “It appeals to macho, it appeals to people’s rebellious nature, it appeals to people who feel downtrodden,” he says. Creating a comparable passion on the other side is difficult. But it’s easier if the average online would-be jihadi has his mystique challenged through the trial by fire that is online ridicule.

To Jarret Brachman, it’s an idea with promise. Brachman is one of the leading researchers of online jihadism. The people who post to the forums “are massive narcissists [who] need constant ego boosts,” Brachman says — and, like other online blowhards, they tend to talk outside their areas of presumed expertise. Omar Farouk Abdulmutallab, the would-be Christmas bomber, used to bloviate on an Islamic forum about “love and marriage” while simultaneously complaining about his moribund love life.

And that makes Abdulmutallab’s virtual contemporaries vulnerable to trolling — hopefully, before they can attract an audience. The jihadi braggarts “keep the momentum, the anger and the virulence going in forums, and they have a disproportionate impact, so if you can get rid of them, it’ll pay dividends,” Brachman says.

But not every extremist forum is alike. Will McCants, a former State Department official now at the CNA think tank and another scholar of online jihadism, argues Amanullah’s pupils can’t focus on the hardcore extremist forums like Shumukh. “The admins will immediately take down” posts that challenge the jihadi narrative, McCants tells Danger Room. “For something like that to work, it would have to be in more mainstream fora where extremists are trying to recruit,” like the conservative muslm.net, where “you can engage and the admins wouldn’t necessarily take you offline.”

But all that is several steps ahead of Viral Peace at the moment. Viral Peace doesn’t have a strategy yet. And to hear Amanullah and his colleagues tell it, the State Department won’t be the ones who come up with one. It’s better, they argue, to let Muslims in various foreign countries figure out which message boards to troll and how to properly troll them. Americans won’t know, say, the Tagalog-language Internet better than Filipinos; and as outsiders, they won’t have the credibility necessary to actually make an impact. The best the State Department can do is train good trolls — which Amanullah began to do this spring.

That means taking a big risk. If Viral Peace works as intended, with the trainees taking control of the program, Amanullah and the State Department will have little control over how the program actually trolls the terrorists. And the first wave of meetings in Muslim countries shows how far the program has to go.

Inside a Viral Peace meeting in the Philippines, April 2012. Photo courtesy of Humera Khan.

It makes sense that someone like Amanullah would think about pwning terrorists. A 44-year-old proud Muslim and proud California geek, he was the editor-in-chief of the web magazine Altmuslim; started an online restaurant-rating service called Zabihah that’s like a Halal version of Yelp; and launched a business service called Halalfire to drive advertising to the Muslim consumer market. Long before he arrived at the State Department in October 2010, he was profiled in Newsweek, which described the bookshelves at his El Cerrito home as “lined with copies of Wired magazine and Jack Kerouac novels.”

In April, Amanullah dispatched two young associates, Humera Khan of the U.S.-based counter-radicalization think tank Muflehun and the playwright and essayist Wajahat Ali, to set the idea into practice. They took a quickie tour of Muslim nations to meet young local leaders who might be interested in confronting extremism. It was a pilot program for Viral Peace and a related program of Amanullah’s called Generation Change. The idea was to connect notable people — rising stars in the arts, business and culture fields, who had an online following — with one another and to people who focused on counterterrorism.

“You don’t need to teach this generation how to use social media. They know how to use Twitter. They know how to use Facebook,” says Khan, who participated in Viral Peace in her individual capacity. “The whole [Viral Peace] curriculum is about learning what strategy is.”

Except that the first wave of Viral Peace didn’t yield a strategy. In Singapore, Malaysia, the Philippines and Indonesia — Ali went to Pakistan as well — the opening meetings brought together about 30 people per country, selected by the State Department and Amanullah’s own social networks, for sprawling brainstorming sessions. Some of them were just about how Muslim communities are perceived in their own countries. And some participants didn’t place counterterrorism at the top of their agendas.

“Yes, there were issues of extremism” discussed, Khan says. “But by and large, the people felt that if you could deal with economics, education, making sure the rights of the underprivileged were maintained, it would take care of a lot of the other problems.”

That may be, but it’s also far afield from trolling the trolls. Amanullah accepts that mission creep is a risk. But, he contends, if you want to get the most effective people denouncing jihadis online, it’s a risk worth accepting. And unlike the U.S. government, they stand the better chance of getting lurkers to think of them as “actually a cool group of people to be in,” as Amanullah puts it.

What’s more, Amanullah has basically no budget. Viral Peace, a global program, has mere thousands of dollars in annual seed money so far; the Obama administration is asking for about $85 billion for the Afghanistan war next year. Participants are staying connected via Facebook, with minimal U.S. government presence as a middleman; Amanullah wants to expand to more countries soon. But it’s not clear where Viral Peace fits in Obama’s broader counterterrorism strategy: White House officials declined repeated requests to comment for this story. Amanullah sees it as a supplement to existing counterterrorism efforts — not a replacement for, say, drone strikes in Yemen — and he also concedes that his project will take a long time before it starts to pay counterterrorism dividends.

But Amanullah doesn’t view that as an unconquerable obstacle. He thinks of counterterrorism like a venture capitalist might.

“I come from Silicon Valley, from the start-up environment. I want to prove you can do small, inexpensive, high-impact projects that don’t just talk about the problem but solve the problem,” he says. “And solve it the right way: not with the government’s heavy hand but by empowering local people to do what they already know to do but don’t know how.”


U.S. Government Accountability Office: Fiscal Year 2013 Budget Request (PDF)

 

This testimony discusses the U.S. Government Accountability Office’s (GAO) budget request for fiscal year (FY) 2013. GAO very much appreciates the confidence Congress has shown in the efforts to help support the Congress in carrying out its constitutional responsibilities and to help improve government performance and accountability for the benefit of the American people.

GAO is requesting an appropriation of $526.2 million for FY 2013 to support a staffing level of 3,100. This funding level represents a modest increase of 2.9 percent over FY 2012, and is 5.4 percent below our FY 2010 level. The majority of the requested increase represents the first step in rebuilding our staff capacity to a level that will enable us to optimize the benefits we yield for the Congress and the nation.


We have carefully reviewed every aspect of our operations from a zero base to identify opportunities to reduce costs without sacrificing the quality of our work and preserving our ability to assist the Congress in addressing the most important priorities facing the nation. However, given that staff costs now represent about 81 percent of our budget and the deep reductions already taken in our infrastructure programs, reducing the size of our workforce could not be avoided. By the end of FY 2012, for the first time in over 75 years, GAO’s staffing level will drop below 3,000 staff, resulting in a net reduction of 11 percent in our staff capacity, or 365 people, in only a 2-year period.

GAO’s work directly contributes to improvements in a broad array of federal programs affecting Americans everywhere and remains one of the best investments across the federal government. With this committee’s support, in FY 2011, GAO provided assistance to every standing congressional committee and about 70 percent of their subcommittees. GAO issues hundreds of products annually in response to congressional requests and mandates. Our work yielded significant results across the government, including financial benefits of $45.7 billion—a return on investment of $81 for every dollar invested in GAO. Our findings and recommendations produce measurable financial benefits for the federal government, enabled through the actions of Congress and Executive Branch agencies, ultimately making funds available to reduce government expenditures, reallocate funds to more productive areas, or increase revenues.

 


Case title: USA v. O'Dwyer but the filing was not available on July 13, 2012!

New York Times, July 13, 2012:

http://www.nytimes.com/2012/07/13/technology/us-pursues-richard-odwyer-as-intermediary-in-online-piracy.html

U.S. Pursuing a Middleman in Web Piracy

Published: July 12, 2012

Richard O’Dwyer, an enterprising 24-year-old college student from northern England, has found himself in the middle of a fierce battle between two of America’s great exports: Hollywood and the Internet.

At issue is a Web site he started that helped visitors find American movies and television shows online. Although the site did not serve up pirated content, American authorities say it provided links to sites that did. The Obama administration is seeking to extradite Mr. O’Dwyer from Britain on criminal charges of copyright infringement. The possible punishment: 10 years in a United States prison.

The case is the government’s most far-reaching effort so far to crack down on foreigners suspected of breaking American laws. It is unusual because it goes after a middleman, who the authorities say made a fair amount of money by pointing people to pirated content. Mr. O’Dwyer’s backers say the prosecution goes too far, squelching his free-speech right to publish links to other Web sites. …

The extradition case against Mr. O’Dwyer has turned him into something of a cause célèbre. Wikipedia’s founder, Jimmy Wales, is leading a crusade to save him, with an online petition that has gathered over 225,000 signatures worldwide in two weeks.

Still, the British home secretary, Theresa May, approved the extradition order in March and said Monday that she would let the order stand. Mr. O’Dwyer has appealed; a hearing in Britain is expected this fall. …

“America? They have nothing to do with me,” Mr. O’Dwyer’s mother said he had told her. He reopened his site as TVShack.cc, which he reckoned was beyond the reach of the United States.

A few months later came a knock on the door from the British police. A judge ruled that Mr. O’Dwyer would not be prosecuted in Britain. Instead, the United States would seek to extradite him.

His mother was stunned. “This is for fugitives and murderers and terrorists,” she recalled thinking. “Richard has never fled the scene of a crime. He has never left the U.K.!” …

__________

U.S. District Court
Southern District of New York (Foley Square)
CRIMINAL DOCKET FOR CASE #: 1:10-mj-02471-UA-1

Case title: USA v. O’Dwyer
Date Filed: 11/05/2010

Assigned to: Judge Unassigned

Defendant (1)
Richard J. O’Dwyer
also known as
Duffman

Pending Counts
Disposition
None

Highest Offense Level (Opening)
None

Terminated Counts
Disposition
None

Highest Offense Level (Terminated)
None

Complaints
Disposition
18:2319:COPYRIGHT INFRINGEMENT AND REMEDIES;, 18:371:CONSPIRACY TO INFRINGE A COPYRIGHT;, 17:506:CRIMINAL INFRINGEMENT OF A COPYRIGHT.

Plaintiff
USA represented by David Miller
United States Attorney Office, SDNY
One Saint Andrew’s Plaza
New York, NY 10007
(212) 637-2484
Fax: (212) 637-2937
Email: David.Miller@usdoj.gov

John Michael Reh
U.S. Attorney’s Office, SDNY
One St. Andrew’s Plaza
New York, NY 10007
(212)-637-2306
Fax: (212)-637-2937
Email: john.reh@usdoj.gov

Sarah Y. Lai
U.S. Attorney’s Office, SDNY (St Andw’s)
One St. Andrew’s Plaza
New York, NY 10007
(212) 637-1944
Fax: (212) 637-2527
Email: sarah.lai@usdoj.gov

Date Filed # Docket Text
11/05/2010 1 SEALED COMPLAINT as to Richard J. O’Dwyer (1) in violation of 18 U.S.C. 2319 and 371, 17 U.S.C. 506.. (Signed by Magistrate Judge James L. Cott) (gq). (Entered: 01/24/2012)
01/24/2011 3 SEALED AFFIRMATION AND APPLICATION of AUSA Sarah Y. Lai in Support by USA for an order unsealing the Complaint and the corresponding arrest warrant for the deft, for the limited purpose of allowing them to be attached to an extradition request and directing that the Complaint and all related documents, including this application and Order, remain sealed for all other purposes, as to Richard J. O’Dwyer. (gq) (Entered: 01/24/2012)
01/24/2011 4 SEALED ORDER as to Richard J. O’Dwyer…that Complaint No. 10 Mag. 2471, and the corresponding arrest warrant for the deft, be unsealed for the limited purpose of making copies available for an extradition request…that Complaint No. 10 Mag. 2471, the corresponding arrest warrant, and all other documents relating to the Complaint, including this Order and the accompanying application and affirmation of AUSA Lai, shall remain sealed for all other purposes until further order of this Court. (Signed by Magistrate Judge Gabriel W. Gorenstein on 1/24/2011)(gq) (Entered: 01/24/2012)
02/23/2011 5 AFFIDAVIT of AUSA John M. Reh in Support by USA of Request for Extradition as to Richard J. O’Dwyer. (Signed by USMJ Henry Pitman). (gq) (Entered: 01/25/2012)
09/12/2011 6 SEALED AFFIRMATION AND APPLICATION of AUSA John M. Reh in Support by USA of a request that the Court unseal the Complaint and Warrant in the above-captioned action, as to Richard J. O’Dwyer. (gq) (Entered: 01/25/2012)
09/13/2011 7 SEALED ORDER as to Richard J. O’Dwyer…that Complaint No. 10 Mag. 2471, and the corresponding arrest warrant for the deft, be unsealed, which will enable the Government to respond to press inquiries regarding the extradition of Richard J. O’Dwyer, a/k/a “Duffman,” the deft. (Signed by Magistrate Judge Gabriel W. Gorenstein on 9/13/2011)(gq) (Entered: 01/25/2012)
01/24/2012 8 SEALED AFFIRMATION AND APPLICATION of AUSA John M. Reh in Support by USA of a request that the Court unseal the Complaint and Warrant in the above captioned action, as to Richard J. O’Dwyer. (gq) (Entered: 01/25/2012)
01/24/2012 9 SEALED ORDER as to Richard J. O’Dwyer…that Complaint No. 10 Mag. 2471, and the corresponding arrest warrant for the deft, be unsealed, which will enable the Government to respond to press inquiries regarding the extradition of Richard J. O’Dwyer, a/k/a “Duffman,” the deft. (Signed by Magistrate Judge Michael H. Dolinger on 1/24/2012)(gq) (Entered: 01/25/2012)


26 June 2012 WikiLeaks Setting Another Trap for Journalists, NGOs

2012-00414 WikiLeaks Partner for Global Intelligence Files June 26, 2012 (copy below) via Google Search

 

Cryptome rejects this proprietary publishing manipulation. Again, WikiLeaks is inducing participation in a crime covered with pseudo-journalistic exculpation. Again excluding open public access in favor of contractual marketing of stolen material and aiding its profitable commercialization.

It’s a trap, don’t do it, don’t encourage others to take the bait.

Don’t send anything to me you don’t want published. This note will be published.

_____

At 06:24 PM 6/26/2012, you wrote:

Please Do Not Post, still working on getting us access.

Below are the terms and conditions that WL is sending to everyone.

Terms and Conditions for access to the Global Intelligence Files

These Terms and Conditions are an agreement between you as an individual (not your organisation) and WikiLeaks with respect to use of the Global Intelligence Files.

1. WikiLeaks will provide access to the data known as Project Rock Guitar through WikiLeaks’ search database. You will use the search database as per instructions on the site and will not use robots on the system.

2. The decision what to publish in news articles and papers will remain at your discretion. You will credit WikiLeaks in the following manner: “investigative partnership organised by WikiLeaks” and refer to the data as having been “obtained by WikiLeaks”.

3. You will refer clearly on your website to the document(s) provided by WikiLeaks that were used in preparation of these news articles or papers and link from your publication to the data on WikiLeaks’ website.

4. You will treat any alleged and/or suspected WikiLeaks sources for the Global Intelligence Files as confidential sources of your own, with all the ethical and legal protections such sources are entitled to. You, in accordance with journalistic and professional ethics, will not speculate as to their identities. In relation to WikiLeaks’ provision of confidential information to you, you will treat WikiLeaks as a confidential journalistic source. Although you will publicly describe the information as having been “obtained by WikiLeaks” you will not, for the protection of WikiLeaks, you and the WikiLeaks sources, say that the information was “given” to you by WikiLeaks.

5. When publishing any story or material based on the Global Intelligence Files you understand that in relation to exclusivity you must inform WikiLeaks of the identification number of the data informing your publication and will submit this number to WikiLeaks’ release platform before the story is to first appear in any of your publishing mediums, so that WikiLeaks can publish the original data at the same time. You will also provide a URL link to where the story or material will appear on your site. Instructions for this release system are on the GI Files site and must be read and followed once you have access to the site. You understand that the release system provided by WikiLeaks must be treated in a reputable manner: there is to be no playing of the system to schedule large quantities of data in advance to reserve them, or using robots on the system. Scheduling must reflect true intentions to publish at the date and time you list on the release system.

6. You will treat each of the documents made available to you by WikiLeaks as confidential unless and until a story based on their content is published. You will exercise care in ensuring that the materials will not be vulnerable to hacking or other efforts to discover their content.

7. WikiLeaks journalists, employees, consultants and infrastructure are the subject of State and private intelligence activity and politicised financial blockades. To protect its continued ability to publish effectively, various WikiLeaks methods, people and locations need to be kept confidential. Unless otherwise stated, these include, but are not limited to: identifying details of all WikiLeaks personnel, security methods, communication systems or methods, locations, strategic plans, information on threats against WikiLeaks, the number of WikiLeaks personnel, the number of WikiLeaks personnel in different areas, usernames, passwords, transportation and financial arrangements including financial transportation methods.

8. Trading, selling, sharing or giving away your account is prohibited, as is trading and selling invites or offering them in public.

9. You understand that any breach of these Terms and Conditions or mismanagement of the search database or release platform will result in your access being withdrawn, along with the access of anyone that invited you and anyone you invite. You are responsible for your own account and for the people you invite.

By ticking this box you agree to abide by all of the above Terms and Conditions

Your login and password will be sent by mail.

GIFiles Signup Instructions
Becoming a WikiLeaks Partner for the Global Intelligence Files

You have been invited to enter a secret world.

By joining the global WikiLeaks partnership on the Global Intelligence Files (the GI Files) — you will have access to more than five million emails from the Texas-headquartered “global intelligence” company Stratfor. The emails date from between July 2004 and late December 2011. They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large organisations, including the US Department of Homeland Security and the US Defense Intelligence Agency. Being part of this international team will allow you to search the emails using the sophisticated search engine designed by WikiLeaks to enable you to research and publish articles and papers using this data.

The purpose of this system is to maximise global impact of the GI Files by restricting supply to those who are most likely to research and publish on them.

We are allowing journalists, academics and human rights organisations to search and publish the GI Files. To enter into this partnership you will need to be given a unique code by one of our existing partners. Users who demonstrate research and publishing ability will be considered as partners for new WikiLeaks publications.

Once you have this code please follow the instructions below to enter the partnership and gain access to the GI Files. These instructions are designed to be idiot-proof. They explain every step of this process, but don’t be scared – for most people this will be quick.

1. Download Tor, a tool for encrypted anonymous web-browsing. Without this you will not be able to access our Terms and Conditions, or the GI Files database.

Tor Instructions:
– To get Tor please go to the following URL to download the “Tor Browser Bundle:” https://www.torproject.org/projects…
– Choose the correct version depending on whether you use Windows, Mac or Linux and download it in the language you want.
– Click on the correct version to download it and then save it – we suggest to your Desktop.
– Once you have saved it you can find the “Tor Browser Bundle” application in the place you saved it.
– You will need to double-click on the Start Tor browser application to run Tor.
– You will need Tor running to access the site to agree to our Terms and Conditions, and then to later access the GI Files site.

2. Start Tor and go to the following site (it will only work using Tor). Wait up to 30 seconds for the site to load for the first time: http://7f4lihm464gdcwfc.onion/invit…

3. Enter your unique invite code to get access to the GI Files partner Terms and Conditions.

4. Enter your name, organisation name, email address and phone number. The email address you give cannot be a personal email address; it must be a work email account.

5. Read all parts of the Terms and Conditions and make sure you understand them. If you have any questions, please email: signup@wikileaks.org

6. Once you understand your responsibilities under the Terms and Conditions tick the check box to confirm your agreement.

7. Within 15 minutes you will receive an email to the email address you supplied giving you login details to the GI Files website.

8. Login to the site at the following URL: http://7f4lihm464gdcwfc.onion/ giving your username and password as supplied in the email. This URL can only be accessed when using Tor.

9. Once you are logged into the site you will see your user page, the search interface and publishing interface. At the top of the page are tabs that explain how these work. On your user page you will have five invite codes for you to give to others so that they can also gain access to the GI Files.

10. If you wish to invite someone to the GI Files then give them a unique invite code, along with the URL to this page of instructions – each person you invite must be a journalist, NGO worker or academic from a different organisation (for complete understanding of who you can invite please see the invite rules below).

11. If you violate any of the Terms and Conditions you risk having your login terminated, along with that of the person that invited you and the people that you invited. If any of the contacts you invited violate the terms of the Terms and Conditions, they risk having their login terminated, your login terminated and the logins of the people they invited terminated.

Invite Rules:

Each invite code must be given to a person who:
A. is a real person
B. is either a journalist, Professor or Associate Professor at a University or an employee of a human rights organisation
C. is from a different organisation to you and your other invitees
D. is using an email that is not a personal email
E. is using an email that is from a different domain to your email address and that of the other people you invite
F. is going to use the GI Files search and release site for research, the results of which will be communicated to the public.

For any issues or questions related to this signup process, please email: signup@wikileaks.org


The Assange case back in 1995

 

Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. RADIUS allows a company to maintain user profiles in a central database that all remote servers can share. It provides better security, allowing a company to set up a policy that can be applied at a single administered network point. Having a central service also means that it’s easier to track usage for billing and for keeping network statistics. Created by Livingston (now owned by Lucent), RADIUS is a de facto industry standard used by a number of network product companies and is a proposed IETF standard.

List: best-of-security
Subject: Radius Authetication
From: Julian Assange
Date: 1995-07-18 12:50:28

Forwarded message:
>From firewalls-owner@GreatCircle.COM Tue Jul 18 20:53:32 1995
Date: Tue, 18 Jul 1995 03:18:51 -0700
From: Carl Rigney <cdr@livingston.com>
Message-Id: <199507181018.DAA22128@server.livingston.com>
To: paul@hawksbill.sprintmrn.com
Subject: Re: [Q] Radius specs.
Cc: firewalls@GreatCircle.COM
Sender: firewalls-owner@GreatCircle.COM
Precedence: bulk

The current Internet-Draft describing RADIUS (Remote Authentication


List: best-of-security
Subject: Re: IP fragmentation and firewalls
From: adam () math ! tau ! ac ! il (Adam Morrison)
Date: 1995-07-19 22:53:54

> The destination host receives the packets, and noting that the
> fragmentation offset (see IP header above) is set, reassembles
> the packets. It uses the offset field in the IP header to put
> the packets together in the original order.
> For example, if you were sending a 1600 byte packet over an
> interface with an MTU of 1500, the following packets would be sent
> Packet 1: 20 byte IP header, 8 byte UDP header, 1472 bytes of
> data (frag set)
> Packet 2: 20 byte IP header, 128 bytes of data, frag offset of 1472

The fragment offset refers to 8 octet (byte) units.

> Now comes the interesting part. Since reassembly only takes place at the
> destination host, how can we skirt a filtering router? The routers do know
> reassembly of fragmented packets, so let’s think of a sequence of packets to
> take advantage of this.
> For our target network, let’s say we have an FTP server behind the router.
> The router filters out all packets except those to FTP command (21) and FTP
> data (20). It is running NFS though. That makes it easy. What we’ll do is
> send a packet to the ftp data port, but redirect it to NFS.

This example attack is wrong.

> 1. So, what should the data of packet 2 be? How about a UDP header with a
> port of 2049? The data can be any valid NFS request, including unlink().
> Note that you can only change the TCP or UDP header, not the IP header, since
> fragmentation is a function of IP.

See RFC 791 — fragments are reassembled according to foreign and
local IP addresses, IP ID field, and the IP protocol field.
Which means that there is no way you can send a TCP packet and later
overwrite it to become a UDP packet — the IP stack passes any
packet upwards based on the IP header, and your packet will get
passed to TCP.

> This is the trick: specify a fragmentation offset of 1 in the second
> packet. Suddenly, the data in packet 2 is being written over the
> TCP header of packet

The offset for the beginning of a packet is 0. Let me explain
what the attack is. The *correct* details were already discussed
at length on the Firewalls mailing list, as you pointed out.

If you read the cisco advisory and the discussion on Firewalls, you’ll
see they refer to using the “established” keyword. You’re familiar
with filtering “established” TCP sessions — TCP starts a session
using a packet with only the SYN flag set, and the rest of the
packets have the ACK flag set, so you know that any packet coming
to your net with the ACK flag set is either in response to something
a host sent, or will be dropped by that host.

The problem lies in how the router filters fragmented IP
packets — it only applies filtering rules to the first fragment
(OFFSET=0), assuming that if the first fragment of a packet gets
blocked, the rest of the fragments will eventually timeout on
the destination host’s reassembly queue and will be discarded.
Your attack would fail in any case, because by trying to overwrite
the entire header, you’d need to send a packet with OFFSET=0, which
would get parsed by the router, which would see the destination
port of 2049, which would block you out.

However, you could send a packet (OFFSET=0) with a TCP header to
some “established” protected port. That packet will have a
complete TCP header with the ACK flag set; the router sees
that and lets it go. The next packet will overwrite the ACK
flag to be 0. This works because OFFSET=1 points to 8 bytes
into the TCP header, which is before the TCP flags. So you
can overwrite them. The router ignores that packet and bingo —
the reassembled packet passed to the TCP stack will be a
connect request, and you passed the filter.

> The best way to solve this problem is to have the reassembly algorithm
> only allow offsets greater than or equal to the end of the previous
> packet. I am

This is exactly the point, and why this was a router advisory.
While RFC 791’s reassembly algorithm is broken, the one used
by the host may not be. Take 4.4BSD ip_reass() for example —

/*
 * If there is a preceding segment, it may provide some of
 * our data already. If so, drop the data from the incoming
 * segment. If it provides all of our data, drop us.
 */

There are other issues here, but they are all relevant to the
particular reassembly algorithm of the attacked host.

> pretty sure the interim measure provided by Cisco just reassembles
> fragments at the router and checks the ports. This is bad in that
> the RFC’s say that

It may not be *that* bad. That’s the way screend works.

However, this was posted by Paul Traina to Firewalls, so I *guess*
this is cisco’s fix (and I also think it’s the right one). I’m cutting
some parts, because this is really nothing new; look in the Firewalls
archives.

There is really only one way you can be sure of fixing this,
since you can’t control what algorithm the remote host uses
for fragmentation reassembly.

It *doesn’t* involve checking the length of packets before
examining the flags, hence the comment in the cisco advisory
stating that we think others have a problem too.

If you are doing something that needs to examine tcp flag
bits
and the packet is a tcp packet
and the fragment offset in the IP header is 1
then consider the packet suspect (do whatever you do with evil
stuff)

RFC791 demands that an IP stack must be capable of passing an 8
byte IP data payload without further fragmentation (fragments sit
on 8 byte boundaries). Since an IP header can be up to 60 bytes
long (including options), this means that the minimum MTU on a link
should be 68 bytes.

A typical IP header is only 20 bytes long and can therefore carry
48 bytes of data. No one in the real world should EVER be generating
a TCP packet with FO=1, as it would require both that a previous
system fragmenting IP data down to the 8 byte minimum and a 60 byte
IP header.

The only time you’re ever likely to see a packet with FO=1 is if
a bad guy is knocking at your door.

adam?
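
The rule quoted at the end of the message above (a TCP packet whose fragment offset is 1 is suspect) can be exercised against a small filter model. This is an added example, not part of the original post or of any vendor's code: the `verdict` and `reassemble` functions, the addresses and the sample fragments are all constructed for illustration, and dropping a first fragment too short to hold the flags byte is an extra guard assumed here.

```python
import struct

TCP, SYN, ACK = 6, 0x02, 0x10
IP_FMT = "!BBHHHBBH4s4s"          # fixed 20-byte IPv4 header, no options

def ipv4_fragment(payload, fo_units, more_fragments, proto=TCP):
    """Build one IPv4 fragment (constructed test data; checksum left at 0)."""
    flags_fo = (0x2000 if more_fragments else 0) | (fo_units & 0x1FFF)
    src, dst = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])  # documentation addresses
    return struct.pack(IP_FMT, 0x45, 0, 20 + len(payload), 0x1234,
                       flags_fo, 64, proto, 0, src, dst) + payload

def parse_ipv4(packet):
    ver_ihl, _, total_len, _, flags_fo, _, proto, _, _, _ = \
        struct.unpack(IP_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return {"proto": proto,
            "fo": flags_fo & 0x1FFF,       # fragment offset, in 8-octet units
            "payload": packet[ihl:total_len]}

def tcp_header(flags, sport=40000, dport=21):
    """20-byte TCP header; the flags live in byte 13, i.e. inside octets 8..15."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, flags, 8192, 0, 0)

def verdict(packet, reject_fo1):
    """'Established'-style filter: admit inbound TCP only if ACK is set.
    reject_fo1=False inspects first fragments only (the flawed behaviour);
    reject_fo1=True adds the rule from the post: TCP with FO == 1 is suspect."""
    ip = parse_ipv4(packet)
    if ip["proto"] != TCP:
        return "pass"                      # other protocols are out of scope here
    if reject_fo1 and ip["fo"] == 1:
        return "drop"
    if ip["fo"] != 0:
        return "pass"                      # later fragments carry no flags to check
    if len(ip["payload"]) < 14:
        return "drop"                      # extra guard in this example: flags absent
    return "pass" if ip["payload"][13] & ACK else "drop"

def reassemble(packets, later_overwrites):
    """Rebuild the IP payload from fragments in arrival order.
    later_overwrites=True: overlapping data from a later fragment replaces earlier data.
    later_overwrites=False: data already held is kept, as in the 4.4BSD comment."""
    buf = {}
    for packet in packets:
        ip = parse_ipv4(packet)
        for i, byte in enumerate(ip["payload"]):
            pos = ip["fo"] * 8 + i
            if later_overwrites or pos not in buf:
                buf[pos] = byte
    return bytes(buf[pos] for pos in sorted(buf))

def tcp_flags(ip_payload):
    return ip_payload[13]

# Constructed fragments: the first shows ACK to the filter; the second starts at
# octet 8 (FO=1) and overlaps the flags byte with a SYN-only value.
DATA = b"\x00" * 4
FIRST = ipv4_fragment(tcp_header(ACK) + DATA, fo_units=0, more_fragments=True)
SECOND = ipv4_fragment((tcp_header(SYN) + DATA)[8:], fo_units=1, more_fragments=False)
# An ordinary trailing fragment (FO=3) that the added rule must not disturb.
BENIGN_TAIL = ipv4_fragment(b"payload!", fo_units=3, more_fragments=False)

if __name__ == "__main__":
    for name, pkt in (("first", FIRST), ("second", SECOND), ("benign", BENIGN_TAIL)):
        print(name, verdict(pkt, reject_fo1=False), verdict(pkt, reject_fo1=True))
    for mode in (True, False):
        print("later_overwrites =", mode, hex(tcp_flags(reassemble([FIRST, SECOND], mode))))
```

With first-fragment-only inspection both fragments pass and what TCP finally sees depends on the host's reassembly; with the FO=1 rule the second fragment is dropped at the filter, so the outcome no longer depends on the host.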

Dial In User Service) is available on
ftp://ftp.livingston.com/pub/radius/draft-ietf-radius-radius-04.txt

The Internet-Draft describing RADIUS Accounting is on
ftp://ftp.livingston.com/pub/radius/draft-ietf-radius-accounting-01.txt

Various other files in that directory may also prove of interest.


Carl Rigney
RADIUS Working Group Document Editor
cdr@livingston.com


List: best-of-security
Subject: Security Conference – September 25
From: Julian Assange
Date: 1995-07-22 11:35:59

Forwarded message:
>From firewalls-owner@GreatCircle.COM Sat Jul 22 12:37:22 1995
Message-Id: <CORPSB.MSKRAUSE.253215140095202FCORPSB@REMNET.AB.COM>
Date: 21 Jul 1995 10:12:10 CDT
From: “Michaele S. Krause” <mskrause@corpsb.remnet.rockwell.com>
Subject: Security Conference – September 25
To: firewalls@GreatCircle.COM
Comment: MEMO 1995/07/21 10:12:45
Sender: firewalls-owner@GreatCircle.COM
Precedence: bulk

“Protecting the Information Enterprise”
A One Day Information Security Conference
September 25, 1995
Anaheim, California

Today’s INTERNET security challenges are continually
increasing. Threats against organizational information assets come as much
from within the organization as they do from outside the ‘protected’
enterprise-wide network.

Increased use of the Global Internet for electronic commerce, distributed
systems, continued implementation of client-server technologies, open
systems, multi-platform networks, increased desktop workstation
capabilities, wireless communications, increasing need for remote access
for telecommuting or system maintenance, newly identified information
privacy, confidentiality and integrity concerns, disaster recovery….the
list goes on and on and on.

Thankfully, you are not alone in addressing these concerns. Others who
have ‘been there, done that’ are willing to share their perspectives on
these challenges and what options may exist today or in the near future to
address these. Awareness of the issues is important – not only to
information security professionals, but also to CIOs, corporate
management, audit personnel, technical support, and legal staff – so that
appropriate internal decisions are made to knowingly accept the risks or
to implement measures to mitigate them.

The INFORMATION SYSTEMS SECURITY ASSOCIATION (ISSA) is here to help, along
with the NATIONAL COMPUTER SECURITY ASSOCIATION (NCSA). The three Southern
California chapters of the ISSA and the NCSA have joined forces to
co-sponsor the Tenth Annual Southern California One Day Information
Security Conference to help you meet those challenges.

Featured speakers are as follows:

Mr. Winn Schwartau, InterPact, Inc.
“INFORMATION WARFARE”

Dr. Peter Tippett, NCSA
“THE ELECTRONIC UNDERGROUND: TRENDS IN THE COMPUTING AND
INFORMATION MARKETPLACE”

Mr. Bill Willis, Technologic Software, Inc.
“SECURITY ADMINISTRATION ACROSS THE ENTERPRISE”

Mr. Tom Perrine, San Diego SuperComputing Center
“INTERNET SECURITY – ISSUES, CASE HISTORIES AND SOLUTIONS (FIREWALLS)”

Mr. Bob Friel, U.S. Secret Service
“UNDERSTANDING FINANCIAL CYBERCRIMES”

Lt. Steve Hattis, Los Angeles County Sheriff’s Department
“MANAGING THE EMERGENCY – PLANNING FOR THE FUTURE”

Please join us at the Anaheim Hilton and Towers, September 25, 1995 for
this event. Registration fee is $95 per person, which includes lunch and
handout materials. Additionally, the Anaheim Hilton is offering a special
sleeping room conference rate of $79 per single room. Hilton reservations
can be reached at 714-750-4321.

For Conference registration information, please call Micki Krause at
310-797-2956.


 


Corporation Corruption: the documentation (pdf)

Methods of Abuse
Corporations attempt to exert influence at every step of the scientific and policy-making processes, often to shape decisions in their favor or avoid regulation and monitoring of their products and by-products at the public’s expense. In so doing, they often attempt to fundamentally alter the decision-making process and exploit executive branch agencies, Congress, and the courts.

