> NOTES

Chapter 1: An Evening in San Francisco

On a Tuesday evening”: I attended this fundraising event; quotes and characterizations are from my notes.

Adam wasn’t accustomed to entertaining people”: If I cite someone’s thoughts in this book, I almost certainly got them from that person in a direct interview. I will note when that is not the case. When I cite someone’s actions, it was because I observed them, was told about them by that person later, or, in a few cases, was told about them by multiple witnesses.

they invented the term hacktivism”: A cDc critic using the handle Jericho has written that the word first appeared in an obscure Minnesota print publication, “InfoNation,” in 1995, https://jerichoattrition.wordpress.com/2014/02/17/on-the-origins-of-the-term-hacktivism/. But the dense art review in question uses the word to mean the creation and use of alternative media, not technological support for human rights. Internal emails from cDc’s later Def Con preparations show group members believed they had a new word and worked together to drop it in interviews to push it toward common usage.

dating to the group’s founding in 1984”: This is the beginning year that the founder now gives, but that precedes its first electronic files. A hardcopy cDc zine from 1988 declares the group began in 1986.

Stamos gave a heartfelt talk on ethics”: I attended the speech. All of the conference presentations I cite I either witnessed or watched recordings of. The majority are available on YouTube or other sites, but I am not giving web addresses for most of them because they come and go.

Chapter 2: Texas T-Files

Like many of the internet’s earliest adopters”: The account of Kevin’s youth is primarily from Kevin himself. The same pattern holds true for most of the other principals in the book. The majority of the information comes from in-person interviews with the major figures, supplemented by phone or electronic communication.

We have to make our own and truly be elite”: This is Kevin’s recollection of what he said then. More generally, when I quote someone, in the vast majority of cases the person quoted spoke those words directly to me, usually in person. Sometimes the comments were by phone, email, or other electronic messages. If I came by the comment some other way, I will say so in these notes.

Gerbil Feed Bomb”: Swamp Rat, “Gerbil Feed Bomb,” 1985, www.cult deadcow.com/cDc_files/cDc-0001.html. Most of the text files I cite are still available online via www.cultdeadcow.com or Jason Scott Sadofsky’s www.textfiles.com. The inclusion of a link here, however, is no guarantee it will still be online at publication or thereafter. I will also note that not everything on the cDc site is accurate.

KGB ‘had some nutty retardo sex & violence stuff’”: This is from an email to a friend in cDc.

In our circle”: Interview with Brewer.

Book of Cow”: Franken Gibe, “The Book of Cow,” 1987, http://textfiles.com/groups/CDC/book.of.cow.

I took my stupidity very seriously”: This is from a later text file, Franken Gibe, “Retro Cow,” 1989, www.cultdeadcow.com/cDc_files/cDc-0100.html.

a decent summary of software commands”: Franken Gibe, “Gibe’s UNIX COMMAND Bible,” 1987, http://textfiles.com/groups/CDC/cDc-0014.txt.

telecom as a means, not an end”: This phrase and close variations appeared in cDc files and public statements, including www.cultdeadcow.com/cDc_files/cDc-0100.html.

No longer could this strong desire”: Psychedelic Warlord, “Visions from the Last Crusade,” 1988, www.textfiles.com/groups/CDC/visions/crusade.

The first cDc file Warlord published”: Psychedelic Warlord, “A Feature on MONEY—Today’s Monster,” 1987, http://textfiles.com/groups/CDC/cDc-0031.txt.

interview with a self-proclaimed neo-Nazi”: Psychedelic Warlord, “Interview with Neo-Nazi ‘Ausderau,’” 1988, http://textfiles.com/groups/CDC/cDc-0059.txt.

Chris Tucker, who dialed in from a board in Rhode Island”: Chris Tucker’s history comes from interviews with Osband, Mudge, Kevin, and others in cDc.

In June 1971”: The best account of the Yippie-phreaker coevolution is in Phil Lapsley’s Exploding the Phone (New York: Grove Press, 2013).

Political Rant #1”: Nightstalker, “Political Rant #1,” September 1, 1997, www.cultdeadcow.com/cDc_files/cDc-0339.txt.

Chapter 3: The Cons

Houston-area hacker Jesse Dryden”: I was unable to reach Jesse through close friends, relatives, database searches, or previous email addresses. This account of his career is built on interviews with his mother, former housemates, close friends, and members of cDc.

better living through chemistry”: The comment came in my interview with Mann. She also showed me an advance excerpt from her memoir, The Band’s with Me (self-pub., Big Gorilla Books, 2018), epub.

Jesse strategically leaked word”: Phrack #32, November 17, 1990, www.phrack.org/issues/32/10.html.

LoD began even before cDc, spawned in the early 1980s”: For the history of the two groups and the trial of Neidorf, I am drawing on my own interviews with LoD and MoD members and others at the conferences. I also used Bruce Sterling’s The Hacker Crackdown (New York: Bantam Books, 1992) and Masters of Deception, by Michelle Slatalla and Joshua Quittner (New York: HarperPerennial, 1995).

Attendee Dale Drew of Arizona”: Drew went on to have a serious security career with Tymnet, MCI, and Level 3 Communications, where he was chief security officer. He didn’t respond to my interview request.

Barlow’s fellow acid-taking Deadhead”: For more on Brand and the connections between psychedelics and major technology innovations, see John Markoff’s What the Dormouse Said (New York: Viking, 2005).

I’ve been in redneck bars wearing shoulder-length curls”: John Perry Barlow, “Crime and Puzzlement,” Electronic Frontier Foundation, June 1990, www.eff.org/pages/crime-and-puzzlement. The site has a collection of his other writings as well.

Ladopoulos and Abene were arrested and prosecuted”: One member of MoD who got away, Red Knight, was also in cDc. He later wrote to four cDc old-timers that after the arrests started, he quit hacking and went into the construction business.

We were basically blacklisted”: Goggans gave his account to Gray Areas magazine in 1994. He did not respond to my requests for comment, and neither did Chasin.

At one HoHoCon, Goggans told an audience”: His talk is recorded in a private film with highlights of the conference, which was shown to me by a cDc member.

The reason I put on HoHoCon is”: Jesse said this in a 1994 documentary by a woman using the name Annaliza Savage called Unauthorized Access, available here: https://archive.org/details/Hacker_Documentary_-_1994_-_Unauthorized_Access_by_Annaliza_Savage.

He explained MindVox that year in an epic text file”:Patrick Kroupa, “Voices in My Head,” Excited Delirium, February 14, 1992, http:// exciteddelirium.net/voices-in-my-head-mindvox-overture/.

32 “The general debauchery” was described by multiple eyewitnesses.

already legendary to Moss”: Both Moss and Bednarczyk told me this story.

many of them were not true”: As an example, his friend Angela Dormido told me that Jesse sent her a picture of Marilyn Manson’s group and said he was on tour with Manson guitarist Jeordie White and the others. Dormido was friends with Waylon Jennings’s son Shooter, a musician who eventually wound up on a tour bus with White. Shooter phoned Dormido and handed the phone to White: he had never heard of Jesse.

Chapter 4: Underground Boston

One day in August”: I interviewed a half-dozen attendees. Each detail I used was confirmed by at least two people. That was my general rule for this book, except for childhood memories and minor points.

Brian and I had this vision”: I am drawing on my own interview with John Lester and one he gave to Decipher, a blog hosted by Duo Security that ran a history of the L0pht in 2018. Dennis Fisher, “‘We Got to Be Cool About This’: An Oral History of the L0pht, Part I,” Decipher, March 6, 2018, https://duo.com/decipher/an-oral-history-of-the-l0pht.

Misha had followed the credo laid out by early hacker the Mentor”: The Mentor, “The Conscience of a Hacker,” Phrack #7, January 8, 1986, http://phrack.org/issues/7/3.html#article.

participant Jordan Ritter”: In addition to Ritter and Fanning, others in my Napster book All the Rave who show up in this volume are John Perry Barlow, Yobie Benjamin, Bill Gates, Steve Jobs, Jan Koum, Kevin Mitnick, and Dug Song. Napster cofounder Sean Parker went on to serve as Facebook’s first president, coaching Mark Zuckerberg through dealings with venture capitalists and helping him keep voting control of the company as it moved toward becoming one of the most important in the world.

the Boston Herald identified New Hack City”: Mark Mueller, “Hackers Go into Hiding as FBI Hunts for ‘u4ea,’” Boston Herald, March 10, 1996.

Chapter 5: Back Orifice

Mudge’s list of aliases ran for ten pages”: This is per Mudge, who does at times exaggerate.

Byron York”: York’s history was described by Mudge and MacMillan and in some contemporaneous online reporting. His HoHoCon talk appears in the private film of the event. I was unable to locate him. He is not the older man of the same name who has worked as a conservative writer for the National Review, The Hill, and other publications.

There was one hitch”: This section is based on interviews with multiple people who were there.

Once, a leading security figure came to the L0pht”: The figure was Marcus Ranum, who set up the first White House internet email and invented the modern intrusion-detection system. The anecdote and discussion of Mudge’s dealings with malicious hacking come from my interviews with him in October 2018.

Luke Benfey’s 1994 Dateline interview”: The interview has been transcribed by Misha, who changed Luke’s name. That transcript is available here: www.cultdeadcow.com/oldskool/dateline.html.

A 1996 story in the San Antonio Express-News”: Chris Williams, “Air Force in Dogfight with Hackers,” San Antonio Express-News, August 11, 1996. The same story ran in the Rocky Mountain News a week later under a different headline. Neither version is currently online.

We intend to dominate and subvert the media”: This statement appeared in cDc website updates including this one: www.cultdeadcow.com/news/medialist.htm.

We’re a neo-Marxist, anarcho-socialist guerrilla unit”: Omega, “cDc Response to Newsday Magazine by Omega,” December 1, 1996, https://w3.cultdeadcow.com/cms/1996/12/cdcs-response-t.html.

It’s one thing if you have a state sponsor of disinformation”: This came from hacker Mike Seery, who used the handle Reid Fleming. Seery was an old friend of Misha’s and a longtime active cDc member credited by Misha for the neo-Marxist line.

public spectacle to affect the public debate”: The slogan is from a Yes Men page, http://yeslab.org/theyeslab.

Would I be in trouble if I released a program that others could use to hack people?”: The story comes from my interview with Josh.

returned with an article on Back Orifice alone”: Matt Richtel, “Hacker Group Says Program Can Exploit Microsoft Security Hole,” New York Times, August 4, 1998, https://archive.nytimes.com/www.nytimes.com/library/tech/98/08/cyber/articles/04hacker.html.

Microsoft is fully buzzword-compliant”: The raw footage of this interview was provided to me by a cDc member.

the local Atlanta field office of the FBI”: Various memos and other FBI records were obtained through a Freedom of Information Act request by cDc members, who shared them with me but have not made them public.

a comprehensive set of security features”: Microsoft’s original message is now gone from its site. cDc reposted it, with a point-by-point rebuttal, here: www.cultdeadcow.com/tools/bo_msrebuttal.html.

Chapter 6: One Million Dollars and a Monster Truck

Kevin Wheeler sympathized”: In an email to the group.

Wired and the Washington Post had written about it”: See, among other stories: Austin Bunn, “Beyond HOPE Hacks into Big Time,” Wired, August 11, 1997, www.wired.com/1997/08/beyond-hope-hacks-into-big-time, and Pamela Ferdin, “Into the Breach,” Washington Post, April 4, 1998, www.washingtonpost.com/archive/politics/1998/04/04/into-the-breach/8ae3cf86-fbd7-4037-a1b6-842df39d9db7.

The success of Eligible Receiver”: For more on Eligible Receiver and Moonlight Maze, see Fred Kaplan, Dark Territory (New York: Simon & Schuster, 2016), and Thomas Rid, Rise of the Machines (New York: W. W. Norton, 2016).

Clarke took a crew from the NSC”: Different members of the L0pht tell slightly different versions of how Clarke came to hear about and visit the L0pht and how the testimony was arranged. I am going with what Clarke told me about finding them.

If you have an offer, we’ll listen”: The joke is by Mudge’s recollection. The others recall the part about Clarke being surprised the L0pht could do what it did without a government’s support.

Mudge told the senators”: Cris “Space Rogue” Thomas, the best archivist of the L0pht’s members, posted a transcript of the hearing here: www.spacerogue.net/wordpress/?p=602.

a problem they had found in the internet’s routing procedure, Border Gateway Protocol”: It has never been made clear what bug the group was referring to. Mudge said at a L0pht reunion panel at Def Con 2018 that he had found it on his day job at BBN. He told me it had just been reported to router makers before the testimony.

We were a visceral representation of what the adversarial view was”: Wysopal’s comment came during the 2018 Def Con panel marking the twentieth anniversary of the testimony.

The Atlanta FBI office warned the Pentagon”: The FBI records were obtained through a Freedom of Information Act request by cDc members, who have not made them public but shared them with me.

The Defense Department’s Criminal Investigative Service”: According to declassified CIS documents shown to me.

A lawyer was hired”: cDc member Mike Seery put up the $1,000 needed. The lawyer was Cindy Cohn.

An ISS intermediary even offered cash”: According to a log of the Internet Relay Chat, which is not publicly available. The man said in the chat that he worked for ISS at the time, though his LinkedIn profile shows he joined full-time in 2000.

ISS is just flat-out sleazy in a lot of ways”:Mudge said this to a filmmaker at the time. I have seen the footage.

one million dollars and a monster truck”: The letter, signed with Mike Seery’s handle, was cited by the BBC and others. The full text is at www.mail-archive.com/siglinux@locutus.csres.utexas.edu/msg04587.html.

Christien had burned advance copies of BO2k”: The story of how the CDs came to be infected was told to me by Christien and other cDc members. Fried declined interview requests.

practically calling us godless commies”: Kevin’s comment was in an email to others in cDc. The paper’s editorial ran on July 15, 1999. It is not currently online.

a qualified thumbs-up”: Bruce Schneier, “Back Orifice 2000,” Crypto-Gram (newsletter), Schneier on Security (blog), August 15, 1999, www.schneier.com/crypto-gram/archives/1999/0815.html#BackOrifice 2000.

One Lockheed Martin expert wrote to a security mailing list”: The email went to subscribers of the list called NTBugtraq.

Carrie wanted to help Microsoft do better”: My sources for this anecdote are Carrie and Beck.

the leading tech discussion site Slashdot”: “Bizarre Answers from Cult of the Dead Cow,” Slashdot, October 22, 1999, https://news.slashdot.org/story/99/10/22/1157259/bizzare-answers-from-cult-of-the-dead-cow.

Chapter 7: Oxblood

John Lester’s personal account”: Count Zero, “HoHoCon 1994… The Insanity Continues,” January 6, 1995, www.cultdeadcow.com/oldskool/HoHo94.html.

Laird said he was working for a not-for-profit”: He later told me he had been volunteering at the Toronto group Web Networks, which built websites for progressive groups, native tribes, and government agencies, and supported himself with other jobs on the side.

Laird came by his sense of ethics”: I feel obliged to remind readers that, as with Mudge and the others, I am relying on Laird’s own word for this account of his pre-cDc life.

Laird memorialized the event in classic cDc style”: This was in an email circulated to the group.

A Declaration of the Independence of Cyberspace”: John Perry Barlow, “A Declaration of the Independence of Cyberspace,” Electronic Frontier Foundation, February 8, 1996, www.eff.org/cyberspace-independence.

Barlow said that the innocence”: I interviewed him in a San Francisco nursing home near the end of his life.

a short piece in Wired magazine about the Blondes”:Arik Hesseldahl, “Hacking the Great Firewall,” Wired, December 1997, 120, www.scribd.com/doc/237686960/Hacking-the-Great-Firewall.

Laird wrote that the conversation had taken place”: Oxblood Ruffin, “The Longer March,” July 15, 1998, www.cultdeadcow.com/cDc_files/cDc-0356.html.

As leader of the Hong Kong Blondes”: Arik Hesseldahl, “Hacking for Human Rights?,” Wired News, July 14, 1998, www.cultdeadcow.com/news/wired/19980714/.

Clinton had been working to normalize relations”: “President Clinton’s Visit to China in Context,” Human Rights Watch, n.d., www.hrw.org/legacy/campaigns/china-98/visit.htm.

Klein’s wide-eyed write-up”: Naomi Klein, “Computer Hacking New Tool of Political Activism,” Toronto Star, July 23, 1998, reprinted at www.cultdeadcow.com/news/newspapers/toronto_star72398.txt. Klein also wrote about the Blondes in her book No Logo, in which she explained that she had confirmed the legitimacy of the Laird-Wong interview with the “subject” of that piece. Klein declined repeated interview requests.

Was releasing Back Orifice to the public immoral?”: “St. Paul, Back Door Boom Boom, and All the Tea in China” (press release), August 6, 1998, http://cultdeadcow.com/news/response.txt.

a respected China-based writer for the Los Angeles Times wrote a front-page feature story”: Maggie Farley, “Dissidents Hack Holes in China’s New Wall,” Los Angeles Times, January 4, 1999, http://articles.latimes.com/1999/jan/04/news/mn-60340.

he said he had met Wong at a party”: Oxblood Ruffin, “Chinese Checkers,” cDc text file #361, December 23, 1998, www.cultdeadcow.com/cDc_files/cDc-0361.html.

cDc issued a joint statement”: “LoU Strike Out with International Coalition of Hackers: A Joint Statement by 2600, the Chaos Computer Club, the Cult of the Dead Cow, !Hispahack, L0pht Heavy Industries, Phrack and Pulhas” (press release), January 7, 1999, www.cultdeadcow.com/news/statement19990107.html.

The LoU, which had been split internally over the matter”: A member of LoU told Misha the internal story during a panel for a screening of the documentary on Anonymous, We Are Legion. LoU member Bronc Buster later joined Hacktivismo and worked on an early, rough version of Peekabooty, a privacy-protecting browser.

Laird walked the tale halfway back”: Oxblood Ruffin, “Blondie Wong and the Hong Kong Blondes,” Medium, March 23, 2015, https://medium.com/emerging-networks/blondie-wong-and-the-hong-kong-blondes-9886609dd34b.

Hacktivismo Declaration”:The entire declaration was disseminated within a joint cDc-Hacktivismo press release: “International Bookburning in Progress,” July 4, 2001, www.cultdeadcow.com/cDc_files/declaration.html.

I didn’t write the ‘Harlem Declaration’ to preach to the converted”: This was in an email Laird sent others in cDc.

In a public FAQ post”: “The Hacktivismo FAQ v1.0,” 2000–2001, www.cultdeadcow.com/cDc_files/HacktivismoFAQ.html.

Milošević, acting as his own attorney”: Ball’s cross-examination is available on the website of the International Criminal Tribunal for the Former Yugoslavia. The Cult of the Dead Cow question came on March 14, 2002, at page 2228 of the trial transcript. www.icty.org/x/cases/slobodan_milosevic/trans/en/020314IT.htm.

The program, informally known as ‘internet in a box’”: Alexander Howard, “Exit Interview: Alec Ross on Internet Freedom, Innovation and Digital Diplomacy,” Huffington Post, March 12, 2013, www.huffingtonpost.com/alexander-howard/exit-interview-alec-ross-_b_2860211.html.

Adam O’Donnell, known as Javaman, also worked on a CIA project”: The section on O’Donnell’s CIA work is based on interviews with two people familiar with it.

Chapter 8: Much @stake

overexcited public relations people told media the real names”: Wysopal recalls that the first outlet to publish their names was Newsweek. Mudge says he was also outed by the White House, which put him on a list of those meeting the president.

having sex with a prostitute”: Three senior @stake employees independently told me the story.

She lost the vote and a few days later was proven right”: Snyder is my main source for the account of her Microsoft tenure.

testing the security of an SQL database for a German bank”: Litchfield told the story himself in an article on Threatpost: David Litchfield, “The Inside Story of SQL Slammer,” Threatpost, October 20, 2010, https://threatpost.com/inside-story-sql-slammer-102010/74589/.

a 2003 paper arguing that Microsoft’s monopoly was bad for security”: Dan Geer et al., “CyberInsecurity: The Cost of Monopoly,” http://geer.tinho.net/pubs.

an intelligence contractor I will call Rodriguez”: This story comes from multiple interviews with Rodriguez.

location tracking in every cell phone”: The defense of location privacy, Hong Kong Blondes admission, and lone-wolf stories come from Mudge.

Ultimately, I just cracked a bit”:Mudge’s first public admission of his mental health issues came in a good 2015 Washington Post series about why the internet’s security flaws remain unfixed: Craig Timberg, “A Disaster Foretold—and Ignored,” Washington Post, June 22, 2015, www.washingtonpost.com/sf/business/2015/06/22/net-of-insecurity-part-3/.

Ninja Strike Force member I will call Stevens”: Stevens told both me and another source of his experiences.

Some operatives installed keyloggers”: This was reported in Sean Naylor’s recent history of JSOC, Relentless Strike (New York: St. Martin’s Press, 2015).

Others had similar experiences”: Thieme provided me with the emails from veterans.

The first mainstream articles on the zero-day business”: Andy Greenberg profiled the @stake veteran who calls himself the Grugq in “Shopping for Zero-Days: A Price List for Hackers’ Secret Software Exploits,” Forbes, March 23, 2012, www.forbes.com/sites/andygreenberg/2012/03/23/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits/. I later wrote a deeper story and a sidebar for Reuters: “Special Report: U.S. Cyberwar Strategy Stokes Fear of Blowback,” Reuters, May 10, 2013, www.reuters.com/article/us-usa-cyberweapons-specialreport/special-report-u-s-cyberwar-strategy-stokes-fear-of-blowback-idUSBRE 9490EL20130510, and “Booming ‘Zero-Day’ Trade Has Washington Cyber Experts Worried,” Reuters, May 10, 2013, www.reuters.com/article/us-usa-cyberweapons-policy/booming-zero-day-trade-has-washington-cyber-experts-worried-idUSBRE9490EQ20130510.

organized criminals, a preponderance of them in Russia and Ukraine”: I cover the evolution of botnets and the reason for Russian prominence in malware in Fatal System Error (New York: PublicAffairs, 2010).

once you accept that there are bugs”: “Canvassing All Security Cracks,” Sydney Morning Herald, April 22, 2005, www.smh.com.au/technology/canvassing-all-security-cracks-20050422-gdl620.html. Aitel did not respond to my interview requests.

They rejected illegal jobs”: Interview with Val Smith.

Project Mayhem”: “Phrack Prophile on the UNIX Terrorist,” Phrack #65, November 4, 2008, http://phrack.org/issues/65/2.html.

the new consulting firm, iSec Partners”: The story of iSec comes from my interviews with Stamos and an electronic exchange with Rubin.

Chapter 9: Tor and Citizen Lab

Hacktivismo is good with thinking up new projects”: Robert Lemos, “Long Haul Ahead for Social Hackers,” ZDNet, February 19, 2002, www.zdnet.com/article/long-haul-ahead-for-social-hackers/. Baranowski declined my interview requests. DeVilla spoke in an interview with me.

Some of our early interactions around hacktivism”: Deibert gives Laird Brown credit not only in his comments to me but also in his book Black Code (Toronto: Signal, 2013).

in the context of international security”: The early scope is described in Deibert’s book Black Code.

Silicon Valley firm Blue Coat”: The Blue Coat research drew mainstream-media attention. The company blamed resellers of its products.

The lab also took on the legal sale of exploits”: The lab’s research is highlighted on its website: https://citizenlab.ca/category/research/.

A devastating series of four front-page reports in the New York Times”: For example, see Azam Ahmed, “Spyware Trailed Investigators in Mexico,” New York Times, July 9, 2017, www.nytimes.com/2017/07/10/world/americas/mexico-missing-students-pegasus-spyware.html.

But they faced accusations of bias”: I wrote about the Balkanization of high-end security research in “Politics Intrude as Cybersecurity Firms Hunt Foreign Spies,” Reuters, March 11, 2015, www.reuters.com/article/us-cybersecurity-fragmentation-insight/politics-intrude-as-cybersecurity-firms-hunt-foreign-spies-idUSKBN0M809N20150312.

Deibert’s team dubbed the spy network GhostNet”: The original GhostNet report—“Tracking GhostNet: Investigating a Cyber Espionage Network,” March 28, 2009—is here: https://issuu.com/citizenlab/docs/iwm-ghostnet.

Chapter 10: Jake

He also had an extraordinarily compelling personal story”: A number of journalists have recounted Appelbaum’s upbringing, including Nathaniel Rich in a Rolling Stone article (“The American Wikileaks Hacker,” December 1, 2010, www.rollingstone.com/culture/culture-news/the-american-wikileaks-hacker-238019/). One longtime friend of Jake’s vouched for the major points in the Rolling Stone story. Appelbaum himself did not respond to my interview requests by email, Twitter direct message, and emails to his graduate school advisors.

a bizarro version of Mark Zuckerberg”: Rich, “The American Wikileaks Hacker.”

Even more of a show-off than Jake”: The best work on Assange is Andy Greenberg’s book This Machine Kills Secrets (New York: Plume, 2012). His emails to the Cypherpunks list are available on the list archive, which tends to move around a bit online.

The story of Anonymous”: See Gabriella Coleman, Hacker, Hoaxer, Whistleblower, Spy (Brooklyn, NY: Verso, 2014); and Parmy Olson, We Are Anonymous (New York: Back Bay Books, 2012).

I wrote a short 2011 story in the Financial Times”: “Cyberactivists Warned of Arrest,” Financial Times, February 4, 2011, www.ft.com/content/87dc140e-3099-11e0-9de3-00144feabdc0. My other stories on Anonymous and LulzSec included “They’re Watching, and They Can Bring You Down,” FT Magazine, September 23, 2011, www.ft.com/content/3645ac3c-e32b-11e0-bb55-00144feabdc0#axzz1YtFTuZd2.

What we did was different”: Ryan Gallagher, “Why Hacker Group LulzSec Went on the Attack,” Guardian, July 14, 2011, www.theguardian.com/technology/2011/jul/14/why-lulzsec-decided-to-disband.

Davis later said”: In an email conversation with me.

Assange was tracking events closely”: Olson, We Are Anonymous, 326–329.

Russia also had a substantial presence”: UK and US law enforcement officials told me this as I was covering Anonymous for the Financial Times. I have interviewed Cassandra Fairbanks and noted her curious evolution for Reuters.

WikiLeaks’s flagging reputation”: How Snowden chose his journalists was laid out long after he went public. This version was presented at a memorial for John Perry Barlow, which I attended. A video of the memorial is available online and worth watching: https://supporters.eff.org/civicrm/event/info?reset=1&id=191. Trevor Timm talked about the release of the Snowden documents; the discussion begins at around 1:32:00 of the video.

Jake later reported related stories for Der Spiegel”: The heart of these stories is what is known as the ANT catalog, which details specific attacks. The Guardian and other publications generally shied away from identifying the devices and software the NSA could hack.

Other stories showed that the NSA had continued to corrupt security products”: Good accounts of the NSA subverting standards, under a project called Bullrun, include these: Nicole Perlroth, Jeff Larson, and Scott Shane, “N.S.A. Able to Foil Basic Safeguards of Privacy on Web,” New York Times, September 5, 2013, www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html; James Ball, Julian Borger, and Glenn Greenwald, “Revealed: How US and UK Spy Agencies Defeat Internet Privacy and Security,” Guardian, www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security; and “Dual EC DRBG,” Project Bullrun, July 31, 2005, https://projectbullrun.org/dual-ec/index.html.

Song urged Koum”: These details come from three people with knowledge of the events.

citing the opportunity”: Acton’s initial statement is here: https://signal.org/blog/signal-foundation/. The second quote is from an interview with me.

He bragged of multiple lovers”:Poitras acknowledged the relationship in her film Risk. Jardin confirmed her relationship by email.

Steele came too late for some”: Komlo wrote her account anonymously for the protest website JacobAppelbaum.net, then later came forward by name. I spoke to her after that. I also interviewed Leigh Honeywell and others involved in the Tor investigation. As stated earlier, Appelbaum did not respond to interview requests. Neither did Bernstein. Gilmore’s early defense came on a private email list.

Being involved with him was a steady stream of humiliations small and large”: Leigh Honeywell, “He Said, They Said” (blog post), hypatia.ca, June 7, 2016, https://hypatia.ca/2016/06/07/he-said-they-said/.

What you tolerate and don’t tolerate defines you”: This is from an interview with someone involved in the investigation.

You can’t dialogue with a sociopath”: Farr wrote this as a post on Medium. He later deleted it, saying that he did not want to further divide the security community. An archive of the original is here: https://web.archive.org/web/20160606222408/https://medium.com/@nickf4rr/hi-im-nick-farr-nickf4rr-35c32f13da4d.

most serious public statement in more than a decade”: “CULT OF THE DEAD COW Statement on Jacob Appelbaum / ioerror” (press release), June 6, 2016, http://w3.cultdeadcow.com/cms/2016/06/cult-of-the-dead-cow-statement-on-jacob-appelbaum-ioerror.html.

In a personal post on Medium”: Oxblood Ruffin, “Public Figures & Anonymous Victims,” Medium, June 8, 2016, https://medium.com/@oxbloodruffin/public-figures-anonymous-victims-543f0b02d684.

quote the emails between WikiLeaks and its real source”: “Read Mueller Probe Indictment of 12 Russians for Hacking Democrats,” Washington Post, n.d., http://apps.washingtonpost.com/g/documents/national/read-mueller-probe-indictment-of-12-russians-for-hacking-democrats/3087/.

Chapter 11: Mixter, Muench, and Phineas

When I was young, there was something fun”: Marlinspike’s comments came in a really good Wired profile by Andy Greenberg: “Meet Moxie Marlinspike, the Anarchist Bringing Encryption to All of Us,” Wired, July 31, 2016, www.wired.com/2016/07/meet-moxie-marlinspike-anarchist-bringing-encryption-us/.

an early supporter of Laird’s Hacktivismo project named Martin Muench”: Muench did not respond to my interview requests.

sixty-page Gamma catalog”: A partial version is online at https://archive.org/stream/186_201106-ISS-ELAMAN1/186_201106-ISS-ELAMAN1_djvu.txt.

I just read the Citizen Lab reports”:Lorenzo Franceschi-Bicchierai, “Hacker ‘Phineas Fisher’ Speaks on Camera for the First Time—Through a Puppet,” Motherboard, July 20, 2016, https://motherboard.vice.com/en_us/article/78kwke/hacker-phineas-fisher-hacking-team-puppet. The interview was conducted by VICE reporter Lorenzo Franceschi-Bicchierai, who did the best work on Gamma’s hacking and several copycat attacks on spyware vendors. Not unreasonably, he declined to pass along my interview request to Phineas, whom I was unable to reach.

In another interview a month earlier”: Enric Borràs, “Phineas Fisher; ‘I’m Wanted by Much More Powerful Police Forces than Catalonia’s and for Much Worse Crimes,” Ara, June 6, 2016, www.ara.cat/en/Im-much-powerful-Catalonias-crimes_0_1590441016.html. The author of that article also declined to pass along my interview request to Phineas.

If you’re a spouseware vendor, we’re coming for you”: The group posted its widely quoted warning and advice on Pastebin: https://pastebin.com/raw/Y1yf8kq0.

public interest hacking”: Gabriella Coleman, “The Public Interest Hack,” Limn, issue 8 (February 2017), https://limn.it/articles/the-public-interest-hack/.

articles about the leaked Panama Papers”: The work was led by the International Consortium of Investigative Journalists (www.icij.org), with the McClatchy newspaper chain and the Miami Herald playing major roles.

Two former Kaspersky employees told me”: When I asked Eugene Kaspersky about the claims, he acknowledged his software sometimes took inactive code. Joseph Menn, “Kaspersky Acknowledges Taking Inactive Files in Pursuit of Hackers,” Reuters, November 3, 2017, www.reuters.com/article/us-cyber-summit-kaspersky/kaspersky-acknowledges-taking-inactive-files-in-pursuit-of-hackers-idUSKBN1D328B.

I once again express my sympathy and profound condolences to the family of the Russian pilot”: Alec Luhn and Ian Black, “Erdoğan Has Apologised for Downing of Russian Jet, Kremlin Says,” Guardian, June 27, 2016, www.theguardian.com/world/2016/jun/27/kremlin-says-erdogan-apologises-russian-jet-turkish.

I hacked AKP”: Dissent, “Notorious Hacker ‘Phineas Fisher’ Says He Hacked Turkey’s Ruling Political Party,” July 21, 2016, https://www.databreaches.net/notorious-hacker-phineas-fisher-says-he-hacked-turkeys-ruling-political-party/.

UK security activist Thomas White”: White later removed his personal site from the web.

Phineas told VICE he was retiring”: Lorenzo Franceschi-Bicchierai, “Hacking Team Hacker Phineas Fisher Is Taking a Break Because of Stress,” Motherboard, February 9, 2017, https://motherboard.vice.com/en_us/article/xy5enw/hacking-teams-phineas-fisher-will-return-but-only-after-a-break-at-the-beach.

collaborative reasoning tool”: Pitsos described Kialo that way to the Financial Times in “Meet the Start-Up That Wants to Sell You Civilised Debate,” January 24, 2018, www.ft.com/content/4c19005c-ff5f-11e7-9e12-af73e8db3c71.

Chapter 12: Mudge and Dildog

Peiter Zatko, known to even close friends as Mudge”: There are multiple stories about how Mudge took his best-known handle. The truth is the most boring one: It was a classmate’s actual last name, as Mudge explained to tech journalist Elinor Mills in a taped interview.

it got loose in its test version”: Interview with Cerf.

the creation and suppression of strategic surprise”: Dugan used this version of the phrase in various talks, but it dates to at or near the agency’s creation. Similar wording is in a DARPA fact sheet here: www.darpa.mil/attachments/DARPA_Fact_Sheet_1_07-25-17.pdf.

Now he called in a dozen”: My main sources for the meeting are Song and Mudge. Mudge also credited Song with the CFT idea in a talk on YouTube.

Miller was presenting”: The story of Miller’s funding comes from both Miller and Mudge.

Cyber Analytic Framework”: Parts of the Framework are classified, but Mudge has discussed other aspects of it with me and in talks available on YouTube. It has been reported elsewhere that another project of Mudge’s, to detect unusual activity on a network, was aimed at ferreting out moles and whistle-blowers. But Mudge vigorously disputes that, saying that it hunted for actions by user credentials being wielded by outsiders. Kaufman backs Mudge’s version.

Mudge accepted the secretary of defense’s highest award for civilian service”: I saw a hand-redacted version of the citation.

a secure operating system on a memory card”: Mudge talked about the project at Google’s annual developer’s conference in 2015; the talk can be viewed here: www.youtube.com/watch?v=mpbWQbkl8_g.

a harder time attacking Google’s Chrome browser”: Mudge and Sarah Zatko have released various findings from the lab in talks at Black Hat and other conferences.

I hate Adobe”: A large proportion of criminal and geopolitical malware depended on Flash vulnerabilities for years. The bad security was one of the reasons that Steve Jobs killed Apple support for it. In 2018, Flash is nearing end of life.

Gallagher gave him a shout-out”:Hugh Gallagher, “White Boy Rocks Harlem,” posted by zpin, YouTube video, 2:40, June 28, 2006, www.youtube.com/watch?v=Hv1ihFI5iKI.

In four years, the group found 1,400 vulnerabilities”: Figures disclosed by Project Zero and Google Chrome overseer Parisa Tabriz at her Black Hat keynote in 2018, covered here: Seth Rosenblatt, “Google’s ‘Security Princess’ Calls for Stronger Collaboration,” Parallax, August 8, 2018, www.the-parallax.com/2018/08/08/google-security-princess-parisa-tabriz-black-hat/.

Chapter 13: The Congressman and the Trolls

a punk band, Foss”: The band also featured Cedric Bixler-Zavala, later lead singer of Grammy Award–winning the Mars Volta. Here’s Foss on a television show in El Paso in 1994: “Foss on Let’s Get Real TV show- El Paso, TX- 1994 Pt 3- The Song,” posted by elephantandseal, YouTube video, 9:59, June 30, 2012, www.youtube.com/watch?time_continue=2&v=eI5GGPFnX24.

one of the poorest cities in America”: And still eighth-poorest several years later, per a CBS News ranking in February 2015: Bruce Kennedy, “America’s 11 Poorest Cities,” MoneyWatch, CBS News, February 18, 2015, www.cbsnews.com/media/americas-11-poorest-cities/.

a slim book”: Beto O’Rourke and Susie Byrd, Dealing Death and Drugs: The Big Business of Dope in the U.S. and Mexico (El Paso, TX: Cinco Puntos Press, 2011).

He showed voters the energy he could devote”: There are many decent accounts of Beto’s career and campaign, though none picked up on his early hacking and bulletin-board posts. Among the better stories are Patrick Svitek, “Rep. Beto O’Rourke, in Long-Shot Bid for Senate, Is No Stranger to ‘Calculated Risks,’” Texas Tribune, April 7, 2017, www.texastribune.org/2017/04/07/beto-orourke-2018-senate-bid-ted-cruz/; and Eric Benson, “What Makes Beto Run?,” Texas Monthly, January 2018, www.texasmonthly.com/articles/makes-beto-orourke-run/.

Beto began broadcasting the event from his phone over Facebook”: Allana Akhtar and Paul Singer, “Facebook Live, Periscope Have Big U.S. Political Moment with House Sit-In,” USA Today, June 23, 2016, www.usatoday.com/story/tech/news/2016/06/23/facebook-live-periscope-have-big-political-moment-house-sit-/86297956/.

they streamed live video.”: Large segments of the livestream are findable with the hashtag #BipartisanRoadtrip.

Never Again” pledge: https://neveragain.tech.

Speaking as Matlock”: After my interview with him, an antifascist group published Matlock’s real name. Two of Noonan’s associates then confirmed it to me. In 2019, Noonan told me he had moved on: “I’m out of politics and I have been getting far-right activists and white nationalists, many of whom I was with at Charlottesville, to drop acid and slam ketamine in an effort to reevaluate their lives and stay relevant to society instead of going down the autistic rabbit hole.”

But Auernheimer was suspected of hosting faked documents”: Eric Geller, “Neo-Nazi Activist May Be Behind Fake Macron Accounts,” Politico, January 28, 2018, www.politico.eu/article/neo-nazi-activist-may-be-behind-fake-macron-documents/. In a 2019 email exchange with me, Auernheimer declined to answer questions about his activities in the French or American elections but said he did not work with Russia. He did work at times with right-wing troll Charles “Chuck” Johnson, whose startup WeSearchr coordinated bounty offers for the fruits of political opposition research, including “proof” Macron was gay and Clinton’s deleted emails.

network of companies including Cambridge Analytica”: Coverage of Cambridge Analytica, including the identification of a whistle-blower, was led by the Guardian.

I revealed that security company RSA had taken $10 million”: “Exclusive: Secret Contract Tied NSA and Security Industry Pioneer,” Reuters, December 20, 2013, www.reuters.com/article/us-usa-security-rsa-idUSBRE9BJ1C220131220. A follow-up is here: Joseph Menn, “Exclusive: NSA Infiltrated RSA Security More Deeply than Thought—Study,” Reuters, March 31, 2014, www.reuters.com/article/us-usa-security-nsa-rsa/exclusive-nsa-infiltrated-rsa-security-more-deeply-than-thought-study-idUSBREA2U0TY20140331?irpc=932.

Stamos quit Yahoo in 2015”: Joseph Menn, “Exclusive: Yahoo Secretly Scanned Customer Emails for U.S. Intelligence—Sources,” Reuters, October 4, 2016, www.reuters.com/article/us-yahoo-nsa-exclusive/exclusive-yahoo-secretly-scanned-customer-emails-for-u-s-intelligence-sources-idUSKCN1241YT.

Facebook experts found GRU reconnaissance of campaign workers”: Joseph Menn, “Exclusive: Russia Used Facebook to Try to Spy on Macron Campaign,” Reuters, July 26, 2017, www.reuters.com/article/us-cyber-france-facebook-spies-exclusive/exclusive-russia-used-facebook-to-try-to-spy-on-macron-campaign-sources-idUSKBN1AC0EI. I covered Facebook, propaganda, and hacking closely during this time and routinely interviewed intelligence, congressional, Facebook, and outside security sources.

intelligence officials told Time magazine that Russian propagandists bought Facebook ads”: Massimo Calabresi, “Inside Russia’s Social Media War on America,” Time, May 18, 2017, http://time.com/4783932/inside-russia-social-media-war-america/.

2018 indictments of thirteen Russians”:Matt Apuzzo and Sharon LaFraniere, “13 Russians Indicted as Mueller Reveals Effort to Aid Trump Campaign,” New York Times, February 16, 2018, https://www.ny times.com/2018/02/16/us/politics/russians-indicted-mueller-election-interference.html.

Cruz also got tweets of support from IRA accounts”: Josh Russell, “If you go look at the Clemson researchers database there are at least 4500 tweets containing ‘Cruz’ dating all the way back to february 2015,” Twitter, September 13, 2018, 7:39 p.m., https://twitter.com/josh_emerson/status/1040429696792637440.

Stamos was trying to do the right thing”: The board incident was reported in Sheera Frenkel et al., “Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis,” New York Times, November 14, 2018, www.nytimes.com/2018/11/14/technology/facebook-data-russia-election-racism.html.

farewell memo”: Ryan Mac and Charlie Warzel, “Departing Facebook Security Officer’s Memo: ‘We Need to Be Willing to Pick Sides,’” BuzzFeed News, July 24, 2018, www.buzzfeednews.com/article/ryanmac/facebook-alex-stamos-memo-cambridge-analytica-pick-sides.

Rank-and-file tech workers”: Daisuke Wakabayashi and Scott Shane, “Google Will Not Renew Pentagon Contract That Upset Employees,” New York Times, June 1, 2008, www.nytimes.com/2018/06/01/technology/google-pentagon-project-maven.html.

Cruz is a rare and precious gift”: Frank Bruni, “Watch Out, Ted Cruz, Beto Is Coming,” New York Times, April 7, 2018, www.nytimes.com/2018/04/07/opinion/sunday/ted-cruz-beto-orourke-texas.html.

Vanity Fair had dubbed him Kennedyesque”: Abigail Tracy, “Meet the Kennedyesque Democrat Trying to Beat Ted Cruz,” Vanity Fair, May 31, 2017, https://www.vanityfair.com/news/2017/05/beto-orourke-ted-cruz-texas-senate-2018.

Beto told National Public Radio”: Wade Goodwyn, “Texas Democrat’s Underdog Bid to Unseat Ted Cruz Picks Up Momentum,” All Things Considered, NPR, March 5, 2018, www.npr.org/2018/03/05/590709857/texas-democrats-underdog-bid-to-unseat-ted-cruz-picks-up-momentum.

sons of bitches”: Adam Edelman, “Trump Rips NFL Players After Anthem Protests During Preseason Games,” NBC News, August 10, 2018, www.nbcnews.com/politics/donald-trump/trump-rips-nfl-players-after-protests-during-preseason-games-n899551.

Beto, who had never been asked the question before”: Daniel Kreps, “Watch Beto O’Rourke Talk Trump’s Texas Visit, NFL Kneeling Viral Video on ‘Ellen,’” Rolling Stone, September 5, 2018, www.rollingstone.com/politics/politics-news/watch-beto-orourke-talk-trumps-texas-visit-nfl-kneeling-viral-video-on-ellen-719245/.

O’Rourke offers not just a path to victory in Texas”: Peter Hamby, “‘It Seems Like Iowa in 2007’: Is Beto O’Rourke the Left’s Obama-Like Answer to Trump in 2020?,” Vanity Fair, August 29, 2018, www.vanityfair.com/news/2018/08/could-beto-orourke-be-the-next-obama.

when I told him I wanted to include his background in a post-election book”: Knowing a Congressman had belonged to the group, I guessed it was Beto from press coverage of his Senate race that described his rebellious youth in Texas. But other members would not confirm my suspicion, so I offered my word that I would not publish until after the November 2018 election. They agreed to my terms, and I then offered the same deal to Beto.

the beginning of the end for one-party rule”: James Henson, “Beto O’Rourke Should Run for Senate in 2020. He Could Win,” Washington Post, November 9, 2018, https://www.washingtonpost.com/opinions/beto-orourke-should-run-for-senate-in-2020-he-could-win/2018/11/09/99263192-e462-11e8-ab2c-b31dcd53ca6b_story.html?utm_term=.d75abaa157b8.

at the center of the dispute is Rep. Beto O’Rourke”: Jonathan Martin and Alexander Burns, “Democrats Have Two Paths for 2020: Daring or Defensive. Can They Settle on Either?,” New York Times, November 10, 2018, https://www.nytimes.com/2018/11/10/us/politics/democrats-2020-president.html.

A month later”: Matt Flegenheimer and Jonathan Martin, “Beto O’Rourke Emerges as the Wild Card of the 2020 Campaign-in-Waiting,” New York Times, December 9, 2018, www.nytimes.com/2018/12/09/us/politics/beto-2020-presidential-race.html.

Epilogue

Institute of Electrical and Electronic Engineers”: The IEEE code is available at www.ieee.org/about/corporate/governance/p7-8.html.

Security is about how you configure power”: Song’s speech was on YouTube for a time.