This month we raise our voices once again in opposition to Bill C-51, C-44, and the whole cacophony of other charter violating bills that have been released recently. This month we take to the streets with the following objectives in mind:
1. To repeal unconstitutional legislature that violates our charter of rights and freedoms.
2. Demonstrate that we will maintain our rights by gathering publicly to speak out as per our constitutional rights.
3. Make sure that the indigenous people of Canada have their voices heard and that their right to consultation without being discriminated against is maintained and demonstrated.
4. Stop any fear mongering legislation that may be put in place in the future by showing it’s not wanted, and not needed.
Thank you, together let’s kill these bills!
During this entire time a standing request for pro-C-51 comments has been floating around the pages of both the Conservative Party of Canada and the Liberal Party of Canada and various articles concerning the passing of C-51. (The CPC had at least double the time of the LPC. I wasn’t seeking any specific ‘official’ supporters – literally ANY Canadian.)
The response? Silence. Absolute crickets.
Looks like I’ll have to resort to social media comments, of which there are only a few, and they are all quite similar and very weak. What makes them so weak? Well, for starters, anytime you parrot the ideology of Nazi Germany propagandists as a defense for actions or beliefs … you lose the argument.
Can you tell the difference between a 2015 Canadian C-51 Supporter and a 1940’s Germany Nazi Propagandist? Let’s find out.
“If your not doing anything wrong than you have nothing to worry about”
“If you’ve nothing to hide, You’ve nothing to worry about”
“People must have something to hide not liking this law”
“Unless you are a _____ist you have nothing to worry about”
“Thank God. It’s amazing how people get angry at this when the Government is actually doing something to stand up against people who are bent on destroying anyone who doesn’t think and believe like them. We have been tolerant long enough. I’m thankful that H__er is working at protecting our border.”
Plot twist. None of these are quotes of German Propagandists. They are all Canadian supporters of C-51. It’s pretty tough to tell the difference, isn’t it? In that last one, just replace Heil with ‘Go’ and fill in the blank with Harper. You can find the original comments here
Believe me, I would have much rather written this article poking holes in any reasoned, logical argument in favor of C-51. Instead, we have this. (I don’t really need to poke holes in these arguments, do I? … I thought we did that in World War II)
This is what Hitler’s Minister of Propaganda said after the “passing of the authorization bill in the Reichstag by an overwhelming majority of two thirds” that “clearly prove the legality of our action”
To critics of the bill, He said “I have nothing to hide and nothing to colour, for this young Germany has no reason to fear”.
It just sends chills down your spine, doesn’t it? That here and now, today in Canada, we have citizens proudly echoing such sentiments?
Bill C-51 passed the Senate by a vote of 44 to 28. Coincidentally, the same ratio as the Reichstag authorization bill. This, in spite of the quarter of a million plus (268,353 at the time of writing) Canadians that spoke out very vocally against the bill. Join the rest of Canada here
It shames me as a Canadian that current events bear so many parallels to one of the darkest times in recent human history. It disturbs me how little I had to work to make these so readily apparent comparisons. Indeed I’m not the only one making them. In my search for C-51 supporters I saw at least a dozen people take the time to take some of these Canadians aside and say ‘Hey listen, you know who you sound like, right?’
“An original source for the quote comes from a premise presented in the book written by Franz Kafka, The Trial. It was turned into a play many times since and in one of those plays, unknown as to which one, the phrase was stated as “you have nothing to fear if you have nothing to hide” being a statement made by the prosecutor.
It is believed that Joseph Goebbels picked up the phrase from that play and used it skillfully numerous times in many of his local speeches. I have researched it and found that he made several such speeches and one of them occurred in the beginning of the Nazi propaganda efforts to root out the Jews within Germany, “admit you are Jewish and we will take care of you” was another such quote used in the propaganda.”
Canadians are speaking out as loudly as possible against Bill C-51 with yet another National Day of Action to #StopC51. The main focus of the protest is to highlight some very simple demands and gather/march in Ottawa. It is surprising we need to demand our Government do something as basic as affirm and uphold the Charter, and yet here we are. Those very simple demands are as follows:
Honour the Treaties with First Nations and the Rights of Indigenous People
Honour First Nations Right to be Consulted (Section 35)
Stop racist legislation and fear mongering
A GoFundMe has been set up to assist with transportation costs from surrounding areas. At the time of writing it has reached $1,718 of its $2,000 goal. Donated funds will be used for: “Printing costs for posters and flyers, Equipment and art supplies for demonstrations, Secure travel”
An excerpt from the widely circulated Call to Action is as follows:
Enough is enough! Bill C-51 is part of a long string of initiatives to expand the government’s security powers and signals a dramatic new direction for Canadian security. Presented as anti-terror legislation, Bill C-51 creates excessive over reaching powers for security agencies, that will harm online innovation, political discourse, and our civil liberties.
The Conservative Government is rushing this bill through parliament without responsible parliamentary process. The actions of the government are degrading our democracy and our international reputation.
This bill disproportionately targets indigenous communities, environmental activists, dissidents, and Muslims, many of whom are already subjected to questionable and overreaching powers by security officials. Bill C-51 will make it easier and ostensibly lawful for government to continue infringing upon the rights of peaceful people.
“Bill C-51… is a dangerous piece of legislation in terms of its potential impacts on the rule of law, on constitutionally and internationally protected rights, and on the health of Canada’s democracy”
-106 Law professors from across Canada in an Open Letter to the Government criticizing Bill C-51
Any government that would propose legislation that is unconstitutional and undemocratic does not have the moral authority to maintain power in a true democracy. Generations before us have defended the rights and freedoms that are now in jeopardy.
In response people from the four directions will march in solidarity on Parliament Hill on May 30th to #RejectFear and call on Members of Parliament to;
-Withdraw / Repeal Bill C-51
-Affirm and Uphold the Canadian Charter of Rights and Freedoms
-Honour the Treaties with First Nations and the Rights of Indigenous People
-Honour First Nations Right to be Consulted (Section 35)
-Stop racist legislation and fear mongering
Our security lives in our solidarity, standing together for our rights and civil liberties, not in legislation that creates secret police and secret courts. Bill C-51 does nothing to protect Canadians, it actually will make us less safe.
“The powers of CSIS have always depended on how a ‘threat to the security of Canada’ is defined, and section 2 of the CSIS Act already has an extremely broad definition. This has been interpreted to include environmental activists, indigenous groups, and other social or political activists. Concerns are heightened with the proposal to grant CSIS a ‘disruptive’ kinetic role.”
-Canadian Bar Association
#RejectFear and let’s stand together for the well-being of all the people on this land.
I have recently switched hosting providers. Users of a certain popular antivirus solution were erroneously blocked from this site. Users of that very same antivirus solution should notice this site loads just fine and is, in fact, virus free. Always has been. Always will be. It’s one of my many quirks.
It’s a shame us white hat professionals can’t just get along and not block each other’s sites…
When I contacted the antivirus vendor they stated that the block wasn’t due to any content on my website or even to my domain at all. NigelTodman.com, at the time, happened to reside on the same server as thousands of other websites. Much like it does again now, just on a different server. The ‘issue’ was that a domain completely unrelated to my own, which happened to use the same server/company that I used for my hosting, was at one time sending spam. As a result of this the antivirus vendor took it upon itself to block not just the offending website but every client on every server owned by that entire company and its resellers! I would figure at least a quarter of a million websites are blocked erroneously from the practices employed by this vendor, and that’s just a very rough estimate.
I’ve since parted ways with the former hosting provider and this new provider thus far does not seem to suffer from the false positive fiasco. I think I will follow up with the former hosting provider and the antivirus vendor. Will be interesting to see if I can get some figures on how many domains they manage and how many abuse complaints they’ve received. I’m assuming domains that have never ever received a complaint (like this one for example) to be legitimate content and not malicious or spam.
Maybe if I inform said antivirus vendor that they are erroneously blocking and falsely stating websites are ‘dangerous’, impacting millions of users and hundreds of thousands of administrators, webmasters and content creators, they would resort to more accurate practices.
The Thunderclap will post a message on your feed along with other supporters on May 01 at 10:30AM EDT. All credit goes to Organizers: Redditors For Basic Income (/r/BasicIncome) & @2noame. The full text of the Basic Income Thunderclap Campaign follows:
What would you do with a monthly paycheck, separate and in addition to any other paycheck, earned for nothing other than citizenship and sufficient to cover your most basic needs? That’s basic income, and that’s what today should be about.
As automation of the workplace continues to the tune of potentially eliminating half of all current jobs in the next 20 years, and in addition eroding any sense of financial security or consumer buying power through the growth of part-time jobs, low-paid jobs, freelancing, and zero-hour contracts, unconditional basic income represents the ability to empower labor on an individual basis. A newly gained ability to say “No” to employers would have an undeniable effect on employee bargaining power for greater sharing of profits and better wages, job conditions, hours, benefits, etc.
The achievement of basic income would be the achievement of a new voluntary contract between employer and employee, including the empowerment of the employee to become their own employer by functioning as venture capital for the people. It would mean a new age of greater innovation, productivity, and entrepreneurship, where all are finally free to pursue the goals they wish to pursue, and all work could be recognized for its societal value, instead of only paid work as it stands now. Isn’t it time we started recognizing all the important labor going unpaid?
(All links are safe to click. Everything not safe is purposely broken and unclickable.)
UPDATE: I’ve run the code inside a VM now
The original message had a filename of ‘video.html’ and was hosted at AmazonAWS.com – do not click on anything matching that if you receive such a message.
Inside the code there is a leak to a goo.gl shortened URL. This URL was created 10 days ago and at time of writing has 462,570 clicks. The URL redirects to http://facebook.com/profile.php?id= which will bring up the currently logged in user’s Facebook profile. You can view those statistics here
The virus first determines if you’re on mobile or not, then from there redirects to one of two pages, encrypted of course. I’ve unencrypted them for you here
The video.html sends the victim to tesirmt2 [dot] com/mobil.html on Android/Blackberry or anything that isn’t Windows (or isn’t able to run and is Windows)
That URL then forcefully sends the victim to the following site: mobile [dot] dollars4ads [dot] com/directclick/?&odata=YWlkPTMxNTQ0JnVpZD0xMzg4
Which in turn sends you into a black hole of porn site redirects, first using a redirect script at the domain DateForSexyMoments [dot] com which loads what appears to be a landing page URL at InstaBang [dot] com with the filename enter.php
This part appears to be solely for revenue generation, no exploit yet.
If on Windows and not blocked, a mockup of the YouTube Facebook page is then displayed.
Also on this page is a small.js …
I’ve been using Firefox w/ NoScript, allowing the sites one by one. No exploit has triggered as of yet. Installing Chrome now.
What I’m trying to do currently is get the Video Controller request to fire. It looks like that is when the payload is dropped.
Of course on Chrome it fires right away.
Poorly worded broken English. Now we’re getting somewhere!
Cancelling the request puts us back to the start. And the background changes red as if to tell us we’ve done something wrong — Facebook does this all the time right?
Time to take the plunge, Installing malware… Now we get Green, Green means good.
It appears as if I’ve found the ‘Malware Campaign Control Center’ full of scripts and logs. Different loaders for different environments. Different campaigns and phishing attacks.
I’m going to contact a few people and hand this off now. I’ll add my passive analysis below.
From what I’ve been able to gather from my passive analysis prior to running in VM …
The exploit appears to target the Chrome Web Store. The clicks are entirely from systems using Google’s Chrome web browser. The following unique string is passed in a webstore URL
This appears to be the Chrome Developer ‘ItemID’. This is stored in the variable ‘okkkkk’ and is called with the chrome.webstore.install() function.
That ItemID has been removed since it was discovered. A second, almost identical message was sent about an hour later. Following the same methods, a new ItemID has been discovered. (I’ve just reported it for abuse.)
Whether the victim is on a mobile device or not, the victim will be on Facebook (the link is sent over the Facebook service). In the body tag the function chromex(); is called, which in turn calls chrome.webstore.install(). It appears as if a request to install a ‘Video Controller’ relies on social engineering inside the chromex() function. chromex() is called at every possible opportunity to do so.
Still have yet to find the code that causes it to propagate to other users on Facebook. Been using strictly passive code analysis so far. Might jump inside VM and allow an infection and examine some binaries and what I’m assuming will be an interesting Chrome extension.
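The passive checks described in this post (locating the chrome.webstore.install() call, the chromex() wrapper wired into the body tag, the item ID to report, and the odata value on the redirect URL) can be scripted for Node.js. This is an added example, not code from the original post or from the campaign; the sample page and its item ID are constructed placeholders, and `triagePage` and `decodeTracking` are hypothetical names.

```javascript
'use strict';
// Added example: static triage of a saved lure page. Nothing is fetched or executed.

const INSTALL_CALL = /chrome\s*\.\s*webstore\s*\.\s*install\s*\(/;
const ITEM_ID = /\b[a-p]{32}\b/g; // Web Store item IDs: 32 chars, letters a-p only

function triagePage(html) {
  // Direct call sites of the inline-install API.
  const installCalls = (html.match(new RegExp(INSTALL_CALL.source, 'g')) || []).length;

  // Heuristic: a named function counts as a wrapper when the install call
  // appears between its declaration and the next named declaration.
  const decls = [...html.matchAll(/function\s+([A-Za-z_$][\w$]*)\s*\(/g)];
  const wrappers = decls
    .filter((d, i) => {
      const end = i + 1 < decls.length ? decls[i + 1].index : html.length;
      return INSTALL_CALL.test(html.slice(d.index, end));
    })
    .map((d) => d[1]);

  // Inline event handlers (onload, onclick, ...) that invoke a wrapper.
  const handlerHits = [];
  for (const m of html.matchAll(/\bon([a-z]+)\s*=\s*(["'])(.*?)\2/gi)) {
    if (wrappers.some((w) => m[3].includes(w + '('))) {
      handlerHits.push('on' + m[1].toLowerCase());
    }
  }
  const itemIds = [...new Set(html.match(ITEM_ID) || [])]; // candidates to report
  return { installCalls, wrappers, handlerHits, itemIds };
}

// Unpack base64 query values that decode to key=value pairs (tracking fields).
function decodeTracking(url) {
  const out = {};
  const query = url.slice(url.indexOf('?') + 1); // fine on defanged URLs
  for (const [name, value] of new URLSearchParams(query)) {
    if (!/^[A-Za-z0-9+\/]{8,}={0,2}$/.test(value)) continue;
    const text = Buffer.from(value, 'base64').toString('latin1');
    if (/^[\x20-\x7e]+$/.test(text) && text.includes('=')) {
      out[name] = Object.fromEntries(new URLSearchParams(text));
    }
  }
  return out;
}

// Constructed sample page; the item ID is a placeholder, not one from the campaign.
const SAMPLE_HTML = `<html><head><script>
var okkkkk = "https://chrome.google.com/webstore/detail/abcdefghijklmnopabcdefghijklmnop";
function chromex() {
  chrome.webstore.install(okkkkk, function () {}, function () {});
}
function other() { return 1; }
</script></head>
<body onload="chromex();" onclick="chromex();" onmousemove="chromex();"></body></html>`;
// Redirect URL as quoted (defanged) in the post.
const REDIRECT = 'mobile [dot] dollars4ads [dot] com/directclick/?&odata=YWlkPTMxNTQ0JnVpZD0xMzg4';

console.log(triagePage(SAMPLE_HTML));
console.log(decodeTracking(REDIRECT));
```

The odata value on the redirect unpacks to two plain numeric fields, which fits the read that the mobile leg is there for click revenue rather than an exploit.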
The only reason why mass surveillance works is because most of our communications are being sent in plain text, as easily read as you are reading this very article. Whether this is done willingly by the service provider or maliciously by the Government using devices and exploits without their knowledge, encryption will keep (some of) your rights intact, for now.
While I do admit there is a modest barrier to entry into the realm of secure communications, there are a number of ‘Out of the Box’ solutions emerging to attempt to reduce this barrier. I will detail these still-in-development solutions in the footer, and cover some of the more established solutions that require a small amount of setup next. (With a pictorial guide)
Using Tor outside of a browser and not on the Darknet/.onion network will defeat this attack. Personally, when I use Tor, I exclude all nodes that reside in a FVEY (Five Eyes) member country. That is US, CA, AU, UK and NZ. I use an open source project called AdvTor to do this.
Pidgin is a messaging client that supports numerous protocols. The one I will focus on is XMPP, previously known as Jabber. The XMPP server I use is creep.im. You can add me using [email protected]. Here is a list of many XMPP servers.
There is no reason Pidgin shouldn’t be the MSN or ICQ of this decade. Most people have resigned themselves to using Facebook for their messaging needs, but this is a horribly insecure centralized target for … pretty much everyone. XMPP allows you to use any number of servers in any number of countries to route your conversations through, all with full encryption.
Fill out the form as shown below, using your own username and password.
I am using Tor in this example. Simply install Tor and run it; the defaults will work. If you don’t want to do this, select ‘No Proxy’. The main benefit here with Tor (or any proxy) is maintaining your location security from whomever you selected to handle your chat (creep.im in the example).
If all goes well you will get this screen. This is your actual registration so remember your password.
When someone adds you, this is what it will look like.
The OTR plugin gives further security by providing even more encryption and buddy authentication via secret phrases and questions. But even just using Pidgin over, say, regular Facebook is a huge improvement.
With the OTR plugin installed, go to Tools -> Plugins in Pidgin, select ‘Off the Record Messaging’ and hit ‘Configure Plugin’ – now press ‘Generate’
If all goes well.
Now you will notice a new menu when chatting with Buddies and some new notices.
There are a variety of methods of ‘authenticating’ a buddy. The simplest is ‘Manual Fingerprint Verification’ – for your first time encountering people, this is good. It will ensure that you’re communicating with the same person on the same machine you originally added.
Alternatively there is a secret question and answer. This is good for people you know well. If you know them well enough you won’t even need to tell them the answer.
And that’s all there is to getting started with Pidgin.
A project that is currently in development I’ve been keeping an eye on is uTox. It allows for sharing of your desktop, a webcam, pictures, or just regular chat. All securely with encryption by design. Even better is that it is ‘zero configuration’ – You open it and you start chatting. No account or signup or registration.
“With the rise of governmental monitoring programs, Tox, a FOSS initiative, aims to be an easy to use, all-in-one communication platform that ensures their users full privacy and secure message delivery.
The goal of this project is to create a configuration-free P2P Skype replacement. “Configuration-free” means that the user will simply have to open the program and will be capable of adding people and communicating with them without having to set up an account. There are many so-called Skype replacements, but all of them are either hard to configure for the normal user or suffer from being way too centralized.”
You will end up with a ridiculously long ‘Tox ID’ – for example, mine is 1E64DB1DFAEA2DBDE2204826CE649DA8A6BEC90C93BA16B7F557228B48FF234A1CD1876F268C. You can make this more human readable at www.ToxMe.se. My human readable Tox ID is [email protected]
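A 76-character Tox ID like the one above is a 32-byte public key, a 4-byte nospam value and a 2-byte XOR checksum. The Node.js check below is an added example (not code from uTox or from this post) that splits an ID into those fields and verifies the checksum before you add a contact; `parseToxId` is a hypothetical name and the mistyped ID is constructed.

```javascript
'use strict';
// Added example: parse a Tox ID and verify its checksum.
// Layout: 32-byte public key | 4-byte nospam | 2-byte checksum (76 hex chars).

function parseToxId(id) {
  const hex = String(id).trim().toUpperCase();
  if (!/^[0-9A-F]{76}$/.test(hex)) {
    return { valid: false, reason: 'expected 76 hex characters' };
  }
  const bytes = Buffer.from(hex, 'hex');

  // Checksum: XOR of the first 36 bytes taken as 18 two-byte pairs,
  // so even-indexed bytes fold into sum[0] and odd-indexed into sum[1].
  const sum = [0, 0];
  for (let i = 0; i < 36; i++) sum[i % 2] ^= bytes[i];
  const computed = Buffer.from(sum).toString('hex').toUpperCase();

  const checksum = hex.slice(72);
  const valid = computed === checksum;
  return {
    valid,
    reason: valid ? 'ok' : `checksum mismatch (computed ${computed})`,
    publicKey: hex.slice(0, 64), // the long-term identity key
    nospam: hex.slice(64, 72),   // changeable value that gates friend requests
    checksum,
  };
}

// The Tox ID quoted in the post.
const PAGE_ID =
  '1E64DB1DFAEA2DBDE2204826CE649DA8A6BEC90C93BA16B7F557228B48FF234A1CD1876F268C';
// Constructed: the same ID with its first character changed, as a copy error would.
const TYPO_ID =
  '2E64DB1DFAEA2DBDE2204826CE649DA8A6BEC90C93BA16B7F557228B48FF234A1CD1876F268C';

console.log(parseToxId(PAGE_ID));
console.log(parseToxId(TYPO_ID).reason);
```

The checksum only catches transcription errors; it does not prove who owns the key, so an ID still has to reach you over a channel you trust.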
Another project worth watching is BitTorrent Inc’s Bleep which is basically the same thing as uTox. Currently Bleep ‘looks’ better, but Tox has many more functions at the moment. Add me on Bleep with this slightly less ridiculously long string: 32969203ae7c11f935ea0b3b561656eed0d891d57da9ecf7641e91a50769cc69
Governments will eventually break these encryptions or make them ‘illegal’ and brand everyone using them a thought criminal and/or terrorist. But until that happens, any one of these tools is an effective way to thwart mass surveillance and take back at least a little bit of your privacy. For now.