funsec mailing list archives
Re: WikiLeaks and metadata (or who is Mike Kogut?)
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Wed, 19 Mar 2008 16:53:10 -0400
Nobody can hide from Google: FBI says it needs packet-network surveillance. RCR Wireless News, January, 2003 by Weaver, Heather Forsgren http://findarticles.com/p/articles/mi_hb4962/is_200301/ai_n18159272 "The purpose [of the document] is to result in a cost-effective solution that balances the privacy of the user and national security," said Mike Kogut of Telecordia Technologies and author of the ... Richard -----Original Message----- From: Dr. Neal Krawetz [mailto:hf () hackerfactor com] Sent: Wednesday, March 19, 2008 2:39 PM To: coderman Cc: Richard M. Smith; funsec () linuxbox org Subject: Re: [funsec] WikiLeaks and metadata (or who is Mike Kogut?) On Wed Mar 19 04:20:33 2008, coderman wrote:
On Sat, Mar 15, 2008 at 4:25 PM, Richard M. Smith <rms () computerbytesman com> wrote:...
http://wikileaks.org/wiki/FBI_-_Electronic_Surveillance_Needs_for_Carrier-Gr ade_Voice_over_Packet_Service
According to the document properties for the file, "Mike Kogut" is the author of the document (See the attached screen shot). So who is Mike Kogut?probably Michael Kogut, Independent Security and Investigations Professional, Tampa/St. Petersburg, Florida
According to the meta data: 0) Size = 636 1) Info (SubDirectory) --> + [Info directory with 6 entries] | 0) Producer = Acrobat Distiller 4.05 for Windows | 1) Creator = Microsoft Word 9.0 | 2) ModifyDate = D:20030129163013-05'00' | 3) Author = Mike Kogut | 4) Title = Electronic Surveillance for CGVoP Service | 5) CreateDate = D:20030129161752 "Mike Kogut" is the name registered to the Microsoft Word installation that was used to generate the PDF, and it was generated back in 2003. This does not mean that Mike Kogut authored the document. For example, someone else could have authored it and then Mike converted it to PDF. In fact, Mike may not have even converted it to PDF. This only shows that the registration on the Windows installation was for "Mike Kogut", but it does not identify the user sitting at the computer. Finally, since the PDF was generated in 2003, we cannot even assume that "Mike Kogut" leaked the document. (In all likelihood, he probably didn't.) (In fact, we cannot even prove that the meta data was not tampered with and someone inserted his name. Although it probably was not tampered...) Since we don't know his role in all of this, providing his home address -- even in part -- seems irresponsible. (And since I'm including the offending text, I guess I am irresponsible too.)
previously at 10XXX Brigantine Blvd Tampa, FL 33615-3639 Phone: (813) 814-9XXX moved to zip 33602 october 2007 [sorry, just not feeling like a jerk tonight, even if FBI respect for privacy is near zero these days] member of the Suncoast Chapter Society of Former Special Agents of the Federal Bureau of Investigation
[snip]
Also how common is it for Wikileaks to leave metadata in document files
they
published?very. my favorite are the adobe acrobat redactions of confidential / proprietary information in court transcripts, legal documents/filings, etc. extract the text for redacted content.
Agreed. :-) I also like the ones where they draw the rectangles in pen and scan it in a high quality scanner, only to have slightly different black-levels that allow reading the redacted areas. And I like it when they "merge" or blend the black rather than doing a flat overwrite. -Neal -- Neal Krawetz, Ph.D. Hacker Factor Solutions http://www.hackerfactor.com/ Author of "Introduction to Network Security" (Charles River Media, 2006) and "Hacking Ubuntu" (Wiley, 2007) _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- WikiLeaks and metadata (or who is Mike Kogut?) Richard M. Smith (Mar 19)
- Re: WikiLeaks and metadata (or who is Mike Kogut?) coderman (Mar 19)
- <Possible follow-ups>
- Re: WikiLeaks and metadata (or who is Mike Kogut?) Dr. Neal Krawetz (Mar 19)
- Re: WikiLeaks and metadata (or who is Mike Kogut?) coderman (Mar 19)
- Re: WikiLeaks and metadata (or who is Mike Kogut?) Richard M. Smith (Mar 19)
- Re: WikiLeaks and metadata (or who is Mike Kogut?) Paul Ferguson (Mar 19)