Is Project Vigilant A Hoax?

from the looking-questionable dept

Tue, Aug 3rd 2010 1:52pm — Mike Masnick

We just wrote about the new publicity campaign from a group called Project Vigilant, linking to three separate articles discussing how it was a private organization monitoring internet traffic and providing it to the US government. The whole thing seemed dubious on a legal basis, and now plenty of people are questioning whether or not the whole thing is real or some sort of hoax or publicity stunt. Julian Sanchez points out that the "parent company" behind the Project, one "BBHC Global" looks painfully amateurish (and right now appears down). Then, a bunch of security experts are skeptical of the whole concept, noting that if it's been around for 14 years, how come no one's heard of it, and it hasn't participated in any serious security efforts. Others point out that it's almost certainly a publicity stunt of some kind, pointing out that the website was registered just last year. The suggestion there is it's an attempt to jumpstart a new security company. I'm guessing it's more of a hoax to try to show how gullible some people are.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: hoax, monitoring, project vigilant, security
Companies: project vigilant

18 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Hephaestus (profile), 3 Aug 2010 @ 2:09pm

The Yes Men Strike again!!!
[ link to this | view in chronology ]
weneedhelp (profile), 3 Aug 2010 @ 2:17pm

to try to show how gullible some people are
With the actions of our government over the past 10 years, I would not call them gullible. It sounds exactly like what they would do. Lets hope they don't get any bright ideas.
[ link to this | view in chronology ]
Anonymous Coward, 3 Aug 2010 @ 2:22pm

The SSL cert link on the bottom is an affiliate link, which no serious company would dabble in.

Hoax.
[ link to this | view in chronology ]
- chris (profile), 4 Aug 2010 @ 8:06am
  
  Re:
  The SSL cert link on the bottom is an affiliate link, which no serious company would dabble in.
  
  i found it suspicious that the website for a group that monitors internet traffic is HTTPS (presumably to prevent monitoring/sniffing) and that you have to sign up for an account to read anything other than their PR stuff.
  [ link to this | view in chronology ]
Kevin (profile), 3 Aug 2010 @ 2:29pm

Just a thought.
Would it really make that much sense for a startup security company to come out and draw attention to itself via a hoax? I really do not see that as the wisest way to attract potential customers. Though I could see AT&T being interested, but that is a personal opinion as I see them as evil.
[ link to this | view in chronology ]
cc (profile), 3 Aug 2010 @ 2:34pm

This is positively a publicity stunt of some sort, though I'm confused as to what snitch/"hacker" Adrian Lamo's role is in all this.

Is he really prepared to lie in court to promote this fake organisation? If yes, what's in it for him? Who is the mastermind behind this hoax? Is the US government involved in any way?
[ link to this | view in chronology ]
Malodorous Intent (profile), 3 Aug 2010 @ 2:49pm

They're trying to trick us into reading and comparing our EULAs. The telcos need to quash this rumor quick before we actually do it.
[ link to this | view in chronology ]
out_of_the_blue, 3 Aug 2010 @ 3:01pm

Well, Glenn Greenwald sounds serious:
http://www.salon.com/news/opinion/glenn_greenwald/2010/08/02/privacy/index.html

"In case you doubt the seriousness of this group, consider the list of its officials, which includes Mark Rasch, who headed the DOJ's Internet Crime Unit for 9 years; Kevin Manson, a retired Homeland Security official; George Johnson, who "develop[ed] secure tools for the exchange of sensitive information between federal agencies" for the Pentagon; Ira Winkler, a former NSA official; and Suzanne Gorman, former security chief of the New York Stock Exchange. These are people with extensive, sophisticated expertise in compiling highly invasive data about individuals' Internet activities, and more so -- given their background -- how to package it in a way that can be used by federal agencies."

I wish that *you'd* come to some conclusions, Mike. Just over two hours between contradictory posts.

Anyhoo, I'm inclined to the Greenwald take. The wackiness put out isn't a severe problem, because real spooks are *all* wacky, many dangerously so. The "volunteer" bit still intrigues me for unique, but there are many wannabes, presumably even in spying.
[ link to this | view in chronology ]
- Mike Masnick (profile), 3 Aug 2010 @ 3:05pm
  
  Re: Well, Glenn Greenwald sounds serious:
  I wish that *you'd* come to some conclusions, Mike. Just over two hours between contradictory posts.
  
  I linked to the Greenwald piece, but I find the other reports much more convincing. It could be that those folks are involved in the hoax, but I don't see any evidence that this organization has really been around for 14 years or that it's done anything like what it claims to do.
  [ link to this | view in chronology ]
  - out_of_the_blue, 4 Aug 2010 @ 10:45am
    
    But the "other reports" are speculative chatter.
    Sure it's possible that Greenwald and I are taken in by a hoax -- but I don't see the purpose on any hoax, and travel to an actual event for "recruiting" is putting some serious money into it, which seems unlikely. IF the people named in the section I quoted are actually in a group, then it's far from a bunch of hicks and nuts, for a start. (Regardless that one or more have *visible* nuttiness: incompetence and nuttiness can be contrived cover, besides excuse if needed.)
    
    Hope you'll keep on this. There are many *good* questions left, such as: How exactly do "volunteers" get ISPs to turn over data? I'd think at the least there'd be a charge for it, and who pays that?
    
    Until evidence comes out, my conclusion is that this *is* a bunch of *nuts*, but ones with actual ties to "three-letter agencies". They made a mistake of not grasping -- probably not able to -- how they'd come across to *normal* people, and got more exposure than wished.
    [ link to this | view in chronology ]
Anonymous Coward, 3 Aug 2010 @ 4:45pm

This reminds me of the guy that signed to Facebook or something like that as a gorgeous hacker girl, befriended every security expert out there and got Job offers from spooks LoL

Then he published his paper on social engineering and how vulnerable the system is.

I bet some where a bit shocked.

Sorry I don't remember the name of the guy.
[ link to this | view in chronology ]
Anonymous Coward, 3 Aug 2010 @ 5:07pm

shrug either way, think ill reread that eula a bit more diligently this time..
[ link to this | view in chronology ]
Anonymous Coward, 3 Aug 2010 @ 5:26pm

SE i.e. Social Engineering i.e. Lying is a powerful thing.
[ link to this | view in chronology ]
DerekCurrie (profile), 4 Aug 2010 @ 7:08am

The NSA Already Has That Job. Thank You For Applying.
Apparently the people at 'Project Vigilant' are a bit dim and gullible themselves. It is already well known that the NSA (National 'Security' Agency) has several sites around the country where they monitor all phone and Internet conversations and data. It was unconstitutionally set up by the Bush administration in coordination with their bogus war on Iraq. So who needs 'Project Vigilant' with the NSA around?

http://www.spamdailynews.com/publish/ATT_tech_outs_NSA_spy_room.shtml

http://en.wikipe dia.org/wiki/NSA_warrantless_surveillance_controversy

http://kennysideshow.blogspot.com/2009/07/n sas-internet-surveillance-program.html
[ link to this | view in chronology ]
out_of_the_blue, 5 Aug 2010 @ 5:06pm

Greenwald now says, "Uh... Probably just a bunch of nuts."
Ahah. Now comes the interesting phase. I stick with the guess of my last paragraph above: a bunch of nuts with actual connections, and add a guess at purpose, it's for pooh-poohing further disclosures in this area: "Oh, yeah. Bet you believe in Project Vigilance too. Totally debunked. Get a life, conspiracy theorist." -- From Ayn Rand (I'm widely read) an apt quote is: "Don't ask the meaning of a folly, ask only what it accomplishes."

The interesting part is what if anything will emerge. Does this just fade away with no follow up on WHY? Are you enough peeved at being taken in to pursue it?
[ link to this | view in chronology ]
roustabout, 7 Aug 2010 @ 12:27am

It was designed to make Lamo look better
A few points: A trip to Defcon costs you the airfare, the hotel room, and 140 dollars. Lots of security people and scenesters go because it's fun.

The security community includes a boatload of military groupies. People who think Lamo did the right thing and hate the way a lot of the hacking community have written him off as a selfrighteous d-bag.

Screwing with the press is a sport at Defcon. Look for the youtube video of a Dateline reporter being chased out of the con a couple of years back.

I think PV is some cop groupies who wanted to give Lamo cover. I don't think they expected it to fall apart as fast as it did, and I don't think they expected their comically overblown org chart to land on Cryptome.

The original reports were in terrible outlets, followed by a Forbes reporter being told "yeah, we know him" by a bunch of anonymous folks at Defcon. They might have been wearing red shirts, hence his saying they were 'organizers.'

Greenwald picked up the tale and ran with it, because he had a different point to make. I'm sorry he didn't look harder at the sourcing, since he relied so heavily on very few articles.

His point would be better illustrated by the once Federally funded Matrix project in Florida - the core of that project was a private company interfacing databases for law enforcement in ways that law enforcement can't legally do without a warrant. Even though the Federal funding is gone, the principals are around and the project seems to be a subsidiary of Lexis-Nexis now. Other states are setting up their own private-public fascia or buying access to the existing multistate databases.

However, the project has blown a lot of ink around itself after it was exposed and lost its Federal funding; you'd need real reporting to dig in and see where it is now. Greenwald doesn't have time to do extended reporting very often, and the Forbes blogger is tasked with a blog, not an investigative slot, so he's largely out - but he, too, has now admitted to Very Large Credibility Issues in his original report.
[ link to this | view in chronology ]
Jim Lippard, 8 Aug 2010 @ 9:19am

not even any real ties to 3-letter agencies, so far as I can see
out_of_the_blue wrote: "ones with actual ties to 'three-letter agencies'" -- your listed evidence is itself pretty weak. None of those people are presently working at government agencies, and look at what their roles actually were. Winkler was never an "NSA official," he was an entry level crypto analyst as his first job out of college. Rasch is an attorney who headed the DOJ group that prosecutes computer crime. Manson was a trainer on financial fraud. And where's the evidence that any of them actually have anything to do with Uber's alleged project?

Seems to me the "why" is that Uber is a wannabe with some issues, who wants to show how important he is by dropping names and creating a delusional structure of a massive operation that he leads.
[ link to this | view in chronology ]
Anonymous Coward, 12 Apr 2012 @ 9:18pm

Yes, it's real. They are a--holes. I think a bunch of them went to the mountain view public library last year and sat there all day spying on the patrons Internet activity. Then they set up Internet games for illegals to play along with in real life scenario in order to harass certain targets. These are the lone wolfs types and jet blue pilots that Janet napolitano warned us about. They are cracking because mexicans and east indians have been sticking greasy food in the engines of their cars for the last 2 years.
[ link to this | view in chronology ]