Tuesday, February 22, 2011

Beware the government's avatars, especially fear your own


The Department of Homeland Security is conducting massive spying on Internet users through a program called "Avatar Identity." The existence of the program was disclosed to WMR by a source who stated that the development of avatars for every user of the Internet had its beginnings with the U.S. Air Force and the Advance Research Projects Agency (ARPANET) at the outset of the fielding of World Wide Web (WWW) technology in the early 1990s.

At the core of Homeland Security's Avatar Identity Program is the reliance on genetic algorithms developed for the analysis of the stock market to come up with prime investment strategies. The program was developed through the aegis of the Homeland Security Advanced Research Projects Agency (HSARPA), which inherited many of the invasive Internet surveillance programs from its Pentagon cousin, the Defense Advanced Research Projects Agency
(DARPA), after its programs, including the proposed Total Information Awareness program, were defunded by Congress
The Avatar Identity Program appears to coincide with another Air Force project to solicit "persona management software" to create virtual users on the Internet in order to conduct perception management campaigns to inundate chat rooms, letter to the editor, and on-line polls to sway public opinion on key issues.

It was also recently revealed that the computer security firm HB Gary Federal worked in a program to create and manage "sock puppet" Internet users to infiltrate websites to create confusion and propagate disinformation. The program was to be used to attack WikiLeaks and apparently was linked to the US Chamber of Commerce, the Bank of America, the bank's chief law firm Hunton & Williams, and two other technology firms that later withdrew from participation: Palantir Technologies and Berico Technologies. More ominous is the report that it was the Department of Justice recommended the use of HB Gary Federal, Palantir, and Berico (known as Team Themis, which would operate a Corporate Information Reconnaissance Cell [CIRC]
) to the Chamber, the Bank of America, and Hunton & Williams to engage in the sock puppet management operation. The program matches recommendations from White House Office of Information Regulatory Affairs chief Dr. Cass Sunstein, who has referred to such operations as "cognitive infiltration."

However, Homeland Security's Avatar Identity program involves the creation of an avatar for every Internet user that pulls information from the actual user's Google searches, Twitter messages, Facebook postings, on-line commerce activities, and other web interactions and feeds the transactions to the avatar program. Intelligence analysts then query the avatar for details of the user's activities.

Your Internet avatar is watching you and snitching on you.
WMR was informed that the Avatar Identity Program was first developed for every known terrorist in the world. However, it has now expanded to include every Internet user and it is being aggressively used to identify and track down members of the hacktivist group "Anonymous," which has attacked the computer systems of HB Gary Federal, Bank of America, and other firms seen as waging a war against Internet freedom.

As an example of its practical use, the Avatar Identity Program records all on-line letters to President Obama sent via the White House web site, as well as any searches for Obama on the Internet.

Our source explained the avatar program by saying, "Every Internet user has a life on the Internet," adding, "but with the avatar, every user has a second life on the web." In the case of the avatar, every Internet user has a virtual "snitch" that reports their every action and movement on the web to the government.

=======
The solicitation for the Air Force's Persona Management program:


:
RTB220610
:
Sources Sought
:
Added: Jun 22, 2010 1:42 pm Modified: Jun 22, 2010 2:07 pmTrack Changes
0001- Online Persona Management Service. 50 User Licenses, 10 Personas per user.

Software will allow 10 personas per user, replete with background , history, supporting details, and cyber presences that are technically, culturally and geographacilly consistent. Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries. Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms. The service includes a user friendly application environment to maximize the user's situational awareness by displaying real-time local information.
0002- Secure Virtual Private Network (VPN). 1 each
VPN provides the ability for users to daily and automatically obtain randomly selected IP addresses through which they can access the internet. The daily rotation of the user s IP address prevents compromise during observation of likely or targeted web sites or services, while hiding the existence of the operation. In addition, may provide traffic mixing, blending the user s traffic with traffic from multitudes of users from outside the organization. This traffic blending provides excellent cover and powerful deniability. Anonymizer Enterprise Chameleon or equal
0003- Static IP Address Management. 50 eachLicence protects the identity of government agencies and enterprise organizations. Enables organizations to manage their persistent online personas by assigning static IP addresses to each persona. Individuals can perform static impersonations, which allow them to look like the same person over time. Also allows organizations that frequent same site/service often to easily switch IP addresses to look like ordinary users as opposed to one organization. Anonymizer IP Mapper License or equal
0004- Virtual Private Servers, CONUS. 1 each
Provides CONUS or OCONUS points of presence locations that are setup for each customer based on the geographic area of operations the customer is operating within and which allow a customer?s online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customers environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated CONUS Light Geosite or equal
0005- Virtual Private Servers, OCONUS. 8 Each
Provides CONUS or OCONUS points of presence locations that are setup for each customer based on the geographic area of operations the customer is operating within and which allow a customer?s online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network andintegrated within the customers environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated OCONUS Light Geosite or equal
0006- Remote Access Secure Virtual Private Network. 1 each

Secure Operating Environment provides a reliable and protected computing environment from which to stage and conduct operations. Every session uses a clean Virtual Machine (VM) image. The solution is accessed through sets of Virtual Private Network (VPN) devices located at each Customer facility. The fully-managed VDI (Virtual Desktop Infrastructure) is an environment that allows users remote access from their desktop into a VM. Upon session termination,
the VM is deleted and any virus, worm, or malicious software that the user inadvertently downloaded is destroyed. Anonymizer Virtual Desktop Infrastructure (VDI) Solution or equal.
2606 Brown Pelican Ave.
MacDill AFB, Florida 33621-5000
United States
:
Performance will be at MacDIll AFB, Kabul, Afghanistan and Baghdad, Iraq.
MacDill AFB , Florida 33679
United States
:
Russell Beasley,
Contracting Officer
russell.beasley-02@macdill.af.mil
Phone: (813) 828-4729
Fax: (813) 828-5111