Privacy Advocate Jacob Appelbaum Reports Break-In Of Berlin Apartment 194
Jacob Appelbaum isn't shy about his role as a pro-privacy (and anti-secrecy) activist and hacker. A long-time contributor to the Tor project, and security researcher more generally, Appelbaum stood in for the strategically absent Julian Assange at HOPE in 2010, and more recently delivered Edward Snowden's acceptance speech when Snowden was awarded the Government Accountability Project's Whistleblower Prize. Now, he reports, his Berlin apartment appears to have been burglarized, and his computers tampered with. As reported by Deutsche Welle, "Appelbaum told [newspaper the Berliner Zeitung] that somebody had broken into his apartment and used his computer in his absence. 'When I flew away for an appointment, I installed four alarm systems in my apartment,' Appelbaum told the paper after discussing other situations which he said made him feel uneasy. 'When I returned, three of them had been turned off. The fourth, however, had registered that somebody was in my flat - although I'm the only one with a key. And some of my effects, whose positions I carefully note, were indeed askew. My computers had been turned on and off.'" It's not the first time by any means that Appelbaum's technical and political pursuits have drawn attention of the unpleasant variety.
Paranoia (Score:5, Insightful)
It's not paranoia when they really are out to get you.
What an idiot... (Score:2, Insightful)
Seriously, if you don't want the American secret police to dig around through your shit, kidnap, torture, and possibly kill you (while making your body disappear), don't piss off anyone in the American government.
I'm not being sarcastic.
Four alarm systems and not a single camera? (Score:5, Insightful)
Come on, he installed four alarm system and didn't bother with a single surveillance camera? I am not saying that there wasn't somebody in his apartment, but it's hard not to think this might have just been a case of a malfunctioning alarm system and a whole bunch of paranoia on top. If the government is after you, at least make sure you get some pretty pictures of them, cams are cheap these days.
Re:Paranoia (Score:5, Insightful)
It's not paranoia when they really are out to get you.
The distance between paranoia and reality has narrowed considerably.
Re:Paranoia (Score:5, Insightful)
It is always an interesting question though as to which "they" it is. Appelbaum has access to documents that Snowden leaked. Is it the Russian government trying to get their hands on the full cache of documents that Snowden leaked, assuming they don't have it already? Germany is crawling with Russian spies. Is it the German government looking for more information on US and British activity? Chancellor Merkel brought a former intelligence officer into her government recently. Is it the US government? Is it the Iranian government looking for ways to avoid detection of its agents? Is it another nation, impatient to see if there are any revelations about intelligence involving it but not wanting to wait for newspaper publication that may never come? Is it another advocacy group looking for information to share in the limelight? Is it another hacker group looking for clues as to how to avoid government surveillance of their activities, or for information they can crib into attacks? It is criminal gangs looking for information that can be exploited in many ways - making a profit and avoiding police surveillance? Is it a former lover looking for revenge? All that can be said is that he claims that something happened, but what it means is very much an open question. Various people will claim to know that it was this, or that, but Appelbaum doesn't know exactly what, how could anyone else but the perpetrators.... if they exist?
Re:seems a little bit sloppy (Score:5, Insightful)
You can't overlook the possibility that they were leaving a message, whoever it was.
Re:Perceptions (Score:4, Insightful)
It's surprising that there are still some people in the USA who are surprised that your spooks are generally perceived, all over the world, to be criminals.
It is surprising that some people are unable to conceive of the idea that many nations would like to get their hands on the information that Snowden took, and which Appelbaum has access to. For all you know it could be Russians, Chinese, Iranians, Germans, French, Israelis, Swedes, or just about any other country's agents. That is before you consider criminal gangs or hacker groups. Your imagination is far too limited to consider the range of possibilities.
Re:seems a little bit sloppy (Score:5, Insightful)
So someone managed to turn off three alarm systems, but didn't think to make sure that the contents of the apartment were all left in the same position that they found them?
Only if your aim was to hide the fact that you were ever there.
Re:Paranoia (Score:3, Insightful)
It's not paranoia when they really are out to get you.
The distance between paranoia and reality has narrowed considerably.
Where's +1 Sad when you need it?
Re:BIOS Attacks (Score:4, Insightful)
And then go over the EFI boot partition, and find some way to compare the firmware with the file from the manufacturer's site. If they have been compromised, don't pass up the chance to document exactly how it was done.
Ugh... (Score:5, Insightful)
None of your hardware can be trusted any longer, your apartment is bugged, and man do I feel for you having to clean it up.
Re:BIOS Attacks (Score:5, Insightful)
I'd swap out the keyboards as well. Just sayin'
Re:seems a little bit sloppy (Score:5, Insightful)
Re:Paranoia (Score:2, Insightful)
Trust the Computer. Happiness is mandatory. You are happy, aren't you, Citizen?
This was a message (Score:5, Insightful)
Sure, there are probably some surveillance things tossed in mainly "to be found", but the fact is that a break-in like this - where 3/4 of the systems weren't even turned back on is either a) laughably amateur, or b)(more likely) a deliberate message TELLING him he's under surveillance.
If he's practicing even moderately good security measures, he's likely beyond all but governments' ability to crack. And if they're after him, there are few things that he could do to PREVENT such surveillance.
Re:seems a little bit sloppy (Score:4, Insightful)
So someone managed to turn off three alarm systems, but didn't think to make sure that the contents of the apartment were all left in the same position that they found them?
They might have had no alternative but to turn off the three alarms. After all a loud ringing alarm will soon bring investigators of one sort or another.
Who knows just how persnickety his staged positioning of items in the room might have been. That magazine might overlap that envelope on the table "just so", and he could have had photos on his smartphone that he could match better than even a professional team could restore.
Re:Worry about planted nasties (Score:5, Insightful)
Your web browser will download anything from anywhere the pages you visit tell them to. Even if you browse only encrypted sites the site itself can be trivially exploited via XSS, SQL injection, or the zero-day exploits purchasable on the black market. Now, some of the pages you've been browsing can contain hidden <iframe> tags or if JS is enabled XMLHTTP Requests to download child porn. You'll never see the images, but there it is: an ISP record that your computer regularly made requests to child porn sites and downloaded kiddie porn. The spy agencies can simply put CP on your systems remotely, and give them "probable cause" to search. A physical copy would be quite a nice touch.
This isn't a hypothetical warning. I clean up servers linking to CP about 3 times a year. The government doesn't even have to do anything but make possession of certain strings of 1's and 0's illegal. Then the angsty teen skiddies with a copy of Metasploit inject the illegal pictures to ordinary sites in protest that sexting pics of themselves is illegal. Now, your Internet history clears after a period of time, so if it's not in there right now, it could have been and probably still resides on your drive's free sectors. You should be using whole drive encryption for this reason alone -- Although that doesn't rid the ISP record of your apparent obsession with disgusting perverse illegal imagery.
A police state has two prime tools:
0. Ensure it's impossible to obey every law.
1. Selective enforcement of the law.
Re:Paranoia (Score:5, Insightful)
Even if we stipulate, for the sake of argument, that some criminal did break into his home in this manner, that leaves us the obvious question of why the fuck wasn't anything taken? Thieves takes things, that's pretty much the definition! Whoever broke in could have taken all of his valuables, but didn't. Ergo, he, she or they weren't interested in valuables.
Then there is the fact that it would appear that some care was taken to leave minimal traces of the illicit visit. Again, this is not the behaviour of your typical burglar. B&E guys know that most of the time cops won't bother with the whole forensic fingerprints, DNA analysis etcetera. As long as they don't leave clear prints in obvious places, the cops will usually just file a report and move on. It is just not cost effective to spend tens of thousands of department funds to pursue your typical B&E.
The only logical conclusions we can make here is that:
a) The perpetrator(s) were far more skilled and patient than your average burglar
b) They weren't after fence-able valuables
c) They were interested in something they thought he had that none of his neighbours had.
d) Based on the access to his computers, what they were interested in was electronic data of some sort.
e) Given his long standing political views, he may have been investigated by the German intelligence community on general principles, but given his well known connection to Edward Snowden, it is highly probable that he was being investigated by someone with a strong interest in that situation.
f) Virtually all of the groups with access to people with those skills and with a strong interest in the Snowden case are state actors, mostly in the covert community.
I'll concede that there is a small chance that some private sector group might be involved with this. There may be a group on the scale of Anonymous that also acts on the real world/physical level and is (therefore) more paranoid about associating themselves with any actions. One could hypothesize that such a group was looking for data so that they could reach out and help Snowden with his agenda without leaving any clues for other agencies to follow as to how they found him, but I think that is a very low probability. (it would make for a great plot for some cyberpunk novel though wouldn't it?)