with him from our archives and others, ranging from the early 60s to 2013, conversations with people who had connections to him and lots of his music and wisdom. If you're a Pete fan or want to know more about him, you won't want to miss it. So once again, Friday, May 3rd, a celebration of Pete Seeger here on WBAI from 9 a.m. till midnight. ♪ Oh, I think I'm gonna be ♪ ♪ I'm gonna take a chance, oh ♪ ♪ If I had a song, if I had a song ♪ And you're listening to your radio station, WBAI New York. The time is just about seven o'clock. Time once again for another edition of Off the Hook. ♪ The telephone keeps ringing so I ripped it off the wall ♪ ♪ The telephone keeps ringing so I ripped it off the wall ♪ ♪ I cut myself while shaving, now I can't make a call ♪ ♪ We couldn't get much worse, but if they could, they would ♪ ♪ Bum-diddly-bum for the best, expect the worst ♪ ♪ I hope that's understood, bum-diddly-bum ♪ ♪ Bum-diddly-bum, bum-diddly-bum, bum-diddly-bum, bum-diddly-bum ♪ ♪ Bum-diddly-bum, bum-diddly-bum, bum-diddly-bum, bum-diddly-bum ♪ ♪ Bum-diddly-bum, bum-diddly-bum, bum-diddly-bum, bum-diddly-bum ♪ ♪ Bum-diddly-bum, bum-diddly-bum, bum-diddly-bum, bum-diddly-bum ♪ ♪ Bum-diddly-bum, bum-diddly-bum, bum-diddly-bum, bum-diddly-bum ♪ ♪ ♪ ♪ ♪ ♪ ♪ ♪ ♪ ♪ ♪ And a very good evening to everybody. The program is Off the Hook. Emmanuel Goldstein here with you. Joined tonight by Alex. Good evening. And Kyle. Yes, howdy. How you doing? I'm pretty good. How are you? I'm pretty good, too. We have a lot to talk about. And Alex. A lot to discuss, so maybe we can... Alex, how are you? You're good? I'm keeping very well. Let's get that out of the way. Thank you for asking. Yeah, we're all good. Okay. First, some station business. Yes. This week, actually, a very special week, because from Wednesday, well, today's already over, so basically tomorrow and Friday, we're going to have phone lines open for listeners to call up about missing premiums. How exciting. From 11 a.m. to 5 p.m., staff will be available to handle your complaints, kvetches, and even your compliments. I don't know why somebody would call up to compliment us about missing premiums, but whatever. You can call 212-209-2960 from, again, Wednesday to Friday. You already missed today, but tomorrow and Friday, April 24th to 26th. That looks like a 6, Reggie. All right. I'm going to rewrite that, because, okay. I'm sorry, people. Thank you. Thank you for listening. 212-209-2950. I don't know who you're going to get if you call the other one. Don't call that number. I'm just going to write that again so that it's more legible. All right, then. I wrote the wrong number. Okay. Yes. Tomorrow and Friday, 11 a.m. to 5 p.m. You know what? The phone number is also on the homepage at WBAI.org. All right. Yeah. Good to have that out of the way. Okay. So, we have other things that are going on, too. We put all the Circle of Hope videos up on YouTube earlier today, and guess what? We discovered that we've been blacklisted many, many times by Google. Google owns YouTube, as we all know. But, apparently, many of our talks, and this is a shock to me, are considered advertiser unfriendly. And we noticed this, you know, as we were sorting them, making sure everything was in the right order, we noticed that a bunch of them had little notations next to them that said, yeah, this isn't – most advertisers would not find this appealing or something in that vein. And we decided to have some fun with it, and if you go to our webpage, www.2600.com, you will see that we have listed all the videos that Google finds to be unacceptable. You can still watch them on YouTube, but you can't see ads. Now, you might ask, why do we want ads? Well, for precisely this kind of a thing, so that we know how their algorithm is judging things, judging content. Because, okay, right now, what you get out of that, you don't get any ads for an advertiser unfriendly video. But in the future, you could get something like, yeah, you're not allowed to see this from your particular region because we deem it unacceptable. The only way to understand how the algorithms work is to play with them and to experiment with them, to see just what it is that they're doing. In fact, in one case, there was a video that actually went a step further, and that was a talk about sex that was blocked by Google for anyone under 18. God forbid people under 18 find out something about sex. Yeah, the talk from the 11th Hulk, Hacking Sex, Toys, Tools, and Tips for Empowerment and Pleasure. Banned for anyone under 18 on YouTube. I mean, I think that's going a little too far. I think so too. I mean, I would imagine that would be very advertiser friendly, frankly. Well, I don't know what kind of advertisers. I don't really care. We don't make any money off this anyway. I think it's under $10 a month from thousands of views every month. Yeah, YouTube, you're not supposed to tell people that, by the way. It's sort of an unwritten rule in the YouTube community. Don't tell how much you're making because then they'll get mad. I don't care if they get mad. None of us care if they get mad. You won't make much money unless you have millions and millions of views. But unless you find a talking raccoon or something, it's unlikely you're going to do that. So what we did was we put all the videos up on our story along with links so that people can kind of have a marathon of objectionable talks from all 12 of our conferences. We had at least one talk that was deemed unacceptable by Google. In fact, Alex, one of your talks is on there. Let's see. Which one was it? It was from a while ago. It was from 2002. I think it was the abuse of authority talk that I did. Was it that one? Yes. Abuse of authority, Bernie S., Shapeshifter, and you. If you have a curse word in the title, that gets flagged immediately. If you have the word sex in the title, that gets flagged immediately. If you have anything relating to terrorism, that gets flagged immediately. I can't figure out what abuse of authority, what was in there. But the algorithm also goes through the actual content of the talk. They listen and they judge based on the words. It's kind of scary, but this is the future. I frankly don't even really remember a lot of the content from that 2002 talk. All you have to do is click on the link and you can watch the whole thing. I'm going to do that. It's going to be embarrassing for me to see myself 17 years ago, and most notably to see my hairline back then. Well, just to give people a sense, we're just going to read the ones from the last conference, the Circle of Hope, which took place in 2018. And we're not going to read the ones that have curse words in the title, obviously. Sex worker rights and internet freedom, yeah, unacceptable. Four arguments on why state hacking is bad. I don't know why that would be flagged. Hackers and shamans, travelers of the black box. In some cases, it seems like the word hack is flagged, but in other cases it's not. So I don't know what the criteria is for that particular categorization of being unacceptable. Hacking extradition, fighting the long arm of U.S. law, yeah. The sex geek returns, again, they have this thing about sex, so that is flagged. The Enron email corpus, where the bodies are buried. That was a very interesting talk. Yeah, that got flagged, too. I think there's some corporate things going on here, and we really depend on our listeners and our viewers to investigate this. That's why we posted it, so that people can experiment and see just what it is that makes Google say, yeah, this is something we're not going to offer to advertisers. And there's, like, all kinds of crazy advertisers out there, so I think they'd be drawn to this kind of thing, but what do I know? Continuing, help, my toaster is attacking me and other 911 calls of the future. I don't know, maybe 911 did it. Who knows? Online monitoring of the alt-right. Interesting that that one got flagged. Open oversight, X-key score for cops. Tracking slash surveilling your local police. Unacceptable. Updates on iStore organizations from the BS police, was probably the spelling out of BS that did it. And finally, Life Before Leak, the Hacker's Illustrated Guide to Script Kitty History. It really pains me that that one got flagged. So, there's a whole page, if you go to YouTube, you'll find advertiser-friendly content guidelines. And there are all sorts of things there about controversial issues, sensitive events. Video content features are focused on sensitive topics or events, including but not limited to war, political conflicts, terrorism or extremism, death and tragedies, sexual abuse. Even if graphic imagery is not shown, it's generally not suitable for ads. Drugs, dangerous products or substances, harmful or dangerous acts, inappropriate language, incendiary, demeaning, sexually suggestive, violence. Most of this is not in any of our talks, but there's three pages of enlightening reading as far as what they consider to be acceptable. I mean, I find it frankly to be an honor that I'm included in that list of non-advertising-friendly talks. That's what we said, yes. We gave people congratulations if they're on that list. I'm sorry, Kyle, your talk was not deemed objectionable by Google on the Telephone Pioneers. I'll keep working hard to make that elite club. Just, yeah, be a little more offensive. I think you can do it. I'll try. So, on the other hand though, the talk that I gave this year, which was about cybersquatting on the Trump campaign, was apparently deemed as advertising-friendly. And when I went to it, to the uploaded link that you had provided and checked out the video, an ad was actually shown to me before my video. And we made no money from that ad. I'm sure you didn't. But it was very strange too because, you know, my talk at Hope this year was about this cybersquatter that was about to do something that appeared to be, you know, very bad to the Trump campaign and it was this sort of harrowing tale of deceit and detection. And it was interesting, but it was very unfavorable to Trump. The ad, however, that was displayed was really curious because it was a pro-Trump ad of sort of very poor quality and resolution calling for the resignation of Adam Schiff. Wait a minute. Hold on. Your talk got a pro-Trump ad attached to it? It did. Google, what are you thinking? For God's sake. That's exactly my point. Talk about relevance. Wow. I mean, like a really, really incendiary too. I mean, I think that was even in the guidelines, this word incendiary. But in any event, I mean, it was really over the top, calling for the resignation of Adam Schiff. I wish I was recording the screen as it was displayed because it was really bizarre and I thought, how could they possibly think that this was, you know, appropriate for this particular type of audience? In fact, it's the exact opposite of what people would be interested in. What's the name of your talk? Cybersquatting on the Trump Campaign. Okay. So go to youtube.com slash channel 2600 and look for that title in the Circle of Hope videos. Click on it. Make sure ad blocking is not on because ad blocking is a very effective way of not seeing ads. And if it's off, tell us what ad you see. We'd like to know. See if you see that same crazy pro-Trump ad that Alex saw. Write to us, oth at 2600.com. So that's a bit of fun. We have all our videos up now. And speaking of which, this particular ad, if I recall it correctly, some of the content itself was somewhat sexually suggestive coming from language of the president himself calling Adam Schiff... The ad was sexually suggestive. So the ad violated the ad-friendly criteria. It was designed in such a way as to take Trump's remarks about the thinness and smallness of Adam Schiff's neck and make one believe that he was about to talk about not his neck, but his phallus. Wow. Okay, well, let's try and pick up the intelligence level as we stooped all the way down there. Thanks for YouTube and everybody for bringing us to that. Just one comment. The monetization is the environment that I think a lot of people are existing in on YouTube. And most everything you watch there will potentially have some kind of ad associated with it. And it's not really well understood. I think what we're asking is we want as much information about how those ads are selected and how it is incorporated, whether it's personalized for you based on your browsing history or some combination thereof of the content filtering and its understanding or hearing of the language and words used combined with some kind of measurement on your particular personal browser. And though this flagging will, what we're upset about is it will limit the monetization that is built in and that we're all kind of operating under. But the real disadvantage is that it's, and what our point is here, and I don't want it to get lost, is that it's limiting the flow of information because so much is lost. Yeah, perhaps one or the other of these talks do cross paths with a section of the wording that Google's using. But that's not the point. The real point, it's not that we want any more money or anything like that. That's just this system is what everyone has to deal with. And this filtering is listening and making a judgment. And what we end up with is less information in aggregate as a result, really just so that we can host these for free on the platform that everyone is using. And I really, I think that's a dangerous direction to go because it's not just filtering particular content like pornography or other things that don't fit within their standards. It's really the content of what is being discussed. So, like something that is about sex or about, and really may have educational value, it's like we immediately are on the defense and that value judgment is being made by a machine and it's really a process that is not transparent. Yeah, and what Kyle says is completely correct because we're not doing this for any kind of income. We'd be crazy. But we are doing this to understand how it works and to mess with it and experiment with it and to share information with the people that view this. And of course, you can always get the uncensored, completely ad-free versions from our store and much better picture quality too. But it makes me realize that we're fighting with just about every social media platform out there, whether it's YouTube or Google. Twitter won't verify any of our accounts. We're at war with them for some reason. Instagram won't let us have our username as a username even though we know they can do it. All numbers apparently is an issue. This is the 1990s we solved these problems, but apparently it would break Instagram if we had 2,600. And it saves us a lot of time not being on Instagram, so whatever. Are we fighting with Facebook? I don't think we're fighting with Facebook at the moment. There was some stuff going on with Facebook. Oh, there was drama. There's a lot of drama on Facebook, but I don't think... We had nothing to do with the election. Not our hackers, I don't think. Nothing that came out in the report. Oh, the report. Let's get to the report in a second. First, an update on news. There was a story in The Gothamist, which is one of my favorite publications. Just basically the headline, someone smashed the hell out of dozens of Link NYC kiosks. Apparently somebody was going on a rampage smashing glass on about 30 Link NYC kiosks in the West Village in Chelsea. And just today, one of those Link NYC machines or kiosks, whatever you want to call them, fought back by sending out a picture of the guy as he was throwing a brick at that very machine. And I don't think it'll be long now before he has to face justice for that. So the machines do fight back. They do, and at least we know that the cameras are on and recording. Well, now we know. Sure, and probably that's why he was throwing a brick at it. Well, and also, you know, the privacy policies of the Link NYC kiosks have been problematic for a really long time, and they consider the images that those cameras will be taking as environmental images. And we don't necessarily know whether they're recording or not. But what's very interesting is, this all happened around the West Village in Chelsea, and I live right on the cusp of the West Village in Chelsea. I'll give out your info. That's fine. You know, people can look it up. Wait, how? How would people look it up? Okay, and you know what? Let's not give them that. Yeah, let's not give them that. Go ahead. I won't go farther than that. Your fictitious story of where you live. Yes, but anyway, so I'm coming home from dinner with my son on Sunday night, and I saw the Link NYC kiosk on my corner, and it appeared to be smashed. And I thought, oh, there's no way that's actually smashed. It's just the image of a cracked screen being displayed on the screen. I thought it was a joke. I thought it was, you know, like those bridges in China, those kind of transparent bridges that appear to crack underneath your feet. Wait, what? Did you ever see these really high transparent bridges? Why would you want to go on one of those? I know, they're terrifying, honestly. And you see these videos on YouTube of the, you know, shattering of these bridges. I don't use YouTube. Yeah, exactly. The advertiser-friendly videos of terrified Chinese people going over these bridges. But in any event, it looked fake to me, so I literally had to go over to it and touch it. And that's only by touching it did I realize that it was really broken. And that's when the cop cuffed you, right? No, but then I went to the other side of the kiosk, and I saw the same exact thing happen to the other side. And that was when I realized, oh, this had to be an intentional act of vandalism. You think? Yeah, both sides cracked. So it's really, I think, quite interesting. And I think you're right. It'll probably be, you know, a short trip to catch this guy if he's still in New York. See, people are rising up against technology in all different ways. I don't approve of that particular way, except in extreme circumstances. But questioning, hacking, playing around with things, that is our moral obligation. But hey, we only have a limited amount of time. We have two guests on tonight, so we have to race kind of fast. I want to talk about the Mueller Report, which was released to, well, sort of released to the public and to Congress last Thursday. There's a particularly good review of it from people who review PDFs, Technical and Cultural Assessment of the Mueller Report PDF. Who are these people that review these things? I think it's part of the PDF organization or PDF association. Does every file format have an organization? Probably. Well, probably not as well-versed in this particular subject. Let me just read you a couple of things from it. From a PDF technology perspective, the file uses PDF 1.6 technology. It is of acceptable quality, but does not conform to ISO 19005, the archival standard for PDF files. It is not digitally signed or encrypted for security. Based on its metadata, the PDF released by the Department of Justice was produced using Ricoh MP6C502 software, probably a typical office network copier slash printer. The file was produced on April 17th after 6.23 p.m. The document consists of 448 200 dpi RGB color images, all 2200 by 1700 pixels in size. The images were compressed with lossy compression, more appropriate to photographs than to text. This is the cause of the noise associated with the text. Okay, it goes on in much more detail. But what I'm curious about, do they conclude that this was scanned as an image or was it scanned as something that was searchable? Because if it was searchable and DOJ changed it so it wasn't searchable, that says a lot. I believe the report concludes that the report that the special counsel provided to the Department of Justice was likely a hard copy. And then the Department of Justice had scanned that particular hard copy, made an image scan of that, didn't OCR it, and then used redaction software, professional redaction software, to make those redactions throughout the Mueller report itself, then printed out that copy of the Mueller report that contained the redactions and re-scanned that, which indicates, or rather, which would explain why there's so much noise associated with the text and some of the images. And it would also explain why there are two bars on some of the pages. You noticed, I'm sure everybody noticed, a yellow line going through some of the pages? Yes. That was from the scanner itself. And over to the right side of portions of the Mueller report, there was another gray vertical bar. The yellow bar, I believe, was a horizontal bar. The gray bar was a vertical bar. Those probably came from different scanners. We're not making any bar puns in this, are we? I wish I thought of that. The yellow bar, I was going to say, was his testing of the pen to see if it even worked. But what we did was, while this was happening on Thursday, a lot of people were expressing frustration, and there were a couple of places where there were searchable PDFs, but you had to jump through hoops to read them. An interface with their particular software half the time didn't work. Ad blockers were triggering complaints. So we just grabbed a copy, and we just put it up on our website, and it's still there. And we actually made two copies. We have a PDF, and we have a text version, both of which are searchable. Now, the text version was OCR'd. We don't know by whom, but it's got a lot of errors in the words because it was done very quickly. But it's there. You don't need any software to get it. And if you want it, go to 2600.com. slash moellerreport.pdf. The capital M and capital R in moellerreport. And no space between those words. moellerreport.pdf or moellerreport.txt for the text version. Simple as that. You'll have it in a couple of seconds. You can print it. You can search it. You can have all kinds of fun with it without having to sign allegiance to a particular website or a new site or anything like that. So I actually took a look at the metadata that was associated with the original Mueller report, and I got the idea of doing that from looking at the PDF association report. And then I compared the metadata that I extracted from the 2600 version, the text searchable 2600 version. And, you know, it was interesting. It indicated, obviously, that the file was modified a few hours after it was released, when you made the OCR version. We didn't make the OCR version. All we did was copy it from, I think, Cory Booker had it, actually. I think we got it from him. Oh, is that right? Yeah. People give us all this credit. We don't get credit for the things we do, and we get credit for things we didn't do. All we did was find the copy and put it up on our website so that you didn't have to jump through hoops to get it. Is this how the magazine works, too? Pretty much, yeah. Okay. That's how I live my life. Interesting, yeah. But what was interesting was, between the two reports, the one bit of metadata that didn't ever change was the fact that the scanner slash network printer was the same RICO. So everything else was changing, but that RICO still remained the same, and we know that DOJ now uses this kind of RICO printer. Again, no pun on RICO. That's fine. As a legal person, that's fine. Yes, that's right. As a legal person, that's supposed to be fine. A real scream in the office. Yeah, exactly. Tell us your impressions of the release and anything else you might have noticed from a hacker perspective. Well, I think there's really a lot. We could probably spend weeks just dissecting and going through the Mueller report. You have about 10 minutes. Okay. Well, we can do it then. I will say, though, that a lot of the information that was in the Mueller report, people don't realize that that information was mostly in the public domain already, and most of that information came out from the Internet Research Agency indictment of February 2018. So there was so much information in that indictment. That was called a speaking indictment. I think it was around 37 pages, and that was when Mueller indicted the Internet Research Agency itself, along with several other Russian nationals, for election interference activities in the United States. So not surprisingly, that is sort of front and center in the Mueller report itself. But what we do get from the Mueller report is a lot more color and a lot more context to those factual allegations that are included in the Internet Research Agency, the IRA indictment. One thing I noticed, too, with the Mueller report is hack, or another form of the word hack, like the present active participle, hacking, or, you know, hack connected to a phrasal adjective, like hack-and-dump scheme, something like that, was found on a lot of pages, 57 pages, throughout the Mueller report. I think the Mueller report was a total of 440 pages or so. You're saying the word hack appeared that many times? Yeah, on 57 pages. So it obviously appeared a lot more times, you know, if you were to count the instances of the word hack, which is more difficult to do in a PDF for some idiotic reason, but it did appear on approximately 57 pages. And we learned a lot about, you know, this context with the IRA and Trump himself and the mendacity of a lot of the Trump campaign officials when it comes to knowledge with respect to what the Russians were doing and what was coming out from WikiLeaks, which sort of builds on our conversation from last week. So, you know, firstly, I think what we learned was this skepticism that Trump had about Russia, being the source of the attacks on the Democratic National Committee and the DCCC, that it came at the same time that he, meaning the president himself and Trump campaign officials, and this is a quote from the Mueller report, quote, privately sought information, and then redacted, about any further planned WikiLeaks releases. So on the one hand, he's discounting the fact that the Russians were involved in this, and at the same time, his Trump campaign officials are trying to get more information about when additional information is coming from WikiLeaks. And where were they trying to get this information from? Well, that's the bit that's redacted. Interesting. And it says, harm to ongoing matters. So these classifications of the redaction are really quite interesting, too, because, you know, some of them had to do with investigative techniques, you know, protections of sources and methods. That's the methods component of sources and methods. The other bits are harm to ongoing matters, which was abbreviated in the Mueller report as HOM, H-O-M, consistently throughout the document. So this harm to an ongoing matter, I think what we can reasonably conclude from that is it probably relates to Robert Stone. That would be my guess, because we know that he's subject... Roger. I'm sorry. Unless it's another Stone we don't know about. Yeah, that's right. Because we do know that he, Mr. Stone, is subject to an indictment, and that is an ongoing matter. So it's probably that, and that seems like it would fit within that text. And then the Mueller report detailed two critical components of what Russian interference meant. It had to do with the social media campaign and the, quote, hacking and dumping operation, which was the hacking of the DNC, the DCCC, and then dumping that information for dissemination over to WikiLeaks. With respect to the former, the social media campaign, another really interesting tidbit from the Mueller report is that we learned that the IRA, the Internet Research Agency, created these divisive social media posts on topics such about voter fraud or attacking particular candidates, things focusing a lot on Florida as well. And Trump campaign officials, including Kellyanne Conway, Donald Trump Jr., Eric Trump, Michael Flynn, and a few others, actually amplified these Russian social media posts with their own accounts. In all likelihood, they did this unknowingly because the content fit exactly the mindset of their electoral base, but it's a sort of curious coincidence. Another curious coincidence. Do you remember Trump's famous exhortation on the campaign trail? And I think it was June 2016 where he said, quote, I'll tell you this, Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing. You remember that. Everybody remembers that. Of course. So we know from the Mueller report now that within five hours after Trump's exclamation and exhortation, GRU operatives, that is Russian intelligence, targeted Clinton's personal office for the first time within five hours. Now, coincidentally, Mueller was able to— I'm sorry, was not able to identify any previous attempt before that exhortation. So there's another interesting coincidence. I like that you're calling it an exhortation. It makes him sound demonic. Yeah, I guess it does. Yeah, well, maybe he is. I think it is sort of a deserving type of thing. Why did it take them five hours, though? That's what I'm wondering. What time did he give—it was probably evening, probably in the middle of the night their time, they woke up in the morning and started first thing. That's what I think. I'm sure, yeah. I mean, sometimes that's how long it takes to get a message across. It was from Russia this was happening. Yeah, yeah. With the one-time keypad, I'm sure they had to decipher some kind of code and they got the go signal. Who knows? So complete exoneration. No collusion. No collusion whatsoever. No collusion. It's interesting how you can read different things if you lie. Yeah. Other interesting tidbits from a hacker perspective are that the Mueller report documented that Russia hacked into a Florida county election database and tried to spear fish over 120 Florida county officials. Within our law firm, we think we actually have identified a few of these particular attacks in Florida. And we know that Russians successfully targeted an election software developer with malware. What's interesting too is bits of that are redacted, but we shouldn't forget that Reality Winner released some of this information last year. I'm sorry. Maybe it was over a year ago now, and she is going to be in federal prison for five years. And that's why we have more information about this than actually was released in the Mueller report. Another kind of weird bit that came out of this too from a hacker perspective was there was a section on Russian bitcoin mining, and this was a redaction for an investigative technique. And this indicates to me that the GRU, that Russian intelligence, had some form of bitcoin mining operation whose purpose that the report describes without redaction was to, quote, secure bitcoin used to purchase computer infrastructure used in hacking operations. And again, we knew a bit of this before from the Internet Research Agency speaking indictment. And approximately six days after the first hacking into the DCCC network on April 18, 2016, another interesting bit from a hacker perspective is that GRU officers gained access to the DNC via a virtual private network connection between the DCCC and the DNC networks. So that's kind of interesting to me that they were able to compromise the VPN between those two networks, and that's what ultimately led to the breach of the file server on which all the information that was exfiltrated resided. Two other interesting tidbits here. Mueller described something by the name of X-Agent and X-Tunnel. X-Agent was malware that the Russians were using, kind of typical malware that would take screenshots, key logging, credentials harvesting, a whole bunch of other activities. And X-Tunnel was the data exfiltration methodology whereby they exfiltrated, I think, about 70 gigs of data from the DCCC and DNC networks. So these Unit 26165 officers, again, Russian intelligence, set up a group of computers. Now there's a quote from the Mueller report, set up a group of computers outside those networks to communicate with the implanted software, the first set of GRU-controlled computers known by the GRU as middle servers, which, as an aside, essentially a command-and-control middle man, sent and received messages to and from the malware on the DNC-DCCC networks. The middle servers, in turn, relayed messages to a second set of GRU-controlled computers labeled internally by the GRU as an AMS panel. And the AMS panel, and then we have a redaction, served as a nerve center through which GRU officers monitored and directed the malware's operations on DNC-DCCC networks. Now guess where that AMC panel was located, the computer on which resided the AMC panel. Hillary Clinton's basement. Close. It was in Arizona. Okay. Which is quite interesting. They found it in a floorboard in John McCain's bathroom. That's not funny. That's not funny either. That's too soon. Yeah, too soon, too soon, yeah. But it's interesting too, though, that it was located in Arizona because what we also know about the Russian operation is that they leased other computers that physically resided in the United States. Yeah, I think this is really important because the scrutiny for funds, like the payment stuff you just talked about with Bitcoin, I mean that I could easily see as a vector for paying service providers that you don't necessarily want to know where the money is coming from and to obfuscate all of that hiring of servers that are localized, in other words, that originate at an IP block that is inside the U.S. and not something that would be flagged as an international or regional IP block from a place like Russia or other place that might have less credibility and be under more scrutiny or more firewalled and sort of prevented from having a freedom of movement. Yeah, I completely agree. And we also know from the Internet Research Agency indictment that it's exactly what you said, Kyle, which is they used Bitcoin to engage in financial transactions for things like domain registrations as well. And then the other bit that I was thinking about with respect to the leased computers physically residing in the United States is it's about trust and control too. I mean, anybody can use a VPN to get a US IP address and make it seem like you're coming from somewhere, but a lot of those IPs are blacklisted. But the other bit, the most important bit is, I think, the control that they have over these particular servers. They can wipe the servers, they can wipe the logs, and they don't necessarily trust VPN providers to not be recording their data, and you don't have access to wipe a VPN provider's logs. That's what they needed to do. They needed to engage in anti-forensic activity. So, again, I think you're right. This is a really important point. Yeah, the payment scheme also was a factor with purchasing ads. That was the only other thing I wanted to correlate that with. I hate to do this, but we only have an hour, and we have so many things to get to this hour. We're going to have to continue this conversation. We can't even do it next week because we're preempted next week. It's May Day, and we have special programming here at WBAI. But I do want to take this opportunity to introduce one of our special guests tonight, Evan Koblentz from the Vintage Computer Festival is joining us because another one of those events is coming up. Evan, are you there? I'm here. Hello. Tell us, when is it, where is it, and how do people get involved? Okay, good questions. So the show this year is Friday, Saturday, and Sunday, May 3rd, 4th, and 5th, and it's at our usual spot, the Infowage Science and History Center in Wall, New Jersey. Our website is vcfed.org, VictorCharlieFox.EchoDelta.org, where you can just show up to get involved, or you can buy tickets online. We are a 501c3 nonprofit, so we're strictly a noncommercial event. Tell us the kinds of computers that people can find at these things because we've been there, and it's just, you know, it's only three days, and you need virtually every minute to totally explore and just see all the history that's represented there. Sure. Well, the first day of it, Friday, is all technical classes. We have 15 classes and three tracks on how to fix historic computers. Friday, we also have a panel discussion on DIY homebrew computing. Saturday and Sunday, there is a keynote each morning, and I'll talk about that in a minute, and then after the keynote is when the real meat of the show opens, that being the hands-on exhibit halls, the consignment, the vendors, the museums, etc. There's two exhibit halls, totaling about 30 or 40 exhibits. In total, there will be something like 150 actual vintage computers up and running, everything from, you know, DECK PDP, mini computers of the 60s, all the way up through early, you know, 32-bit Amigos of the 90s, and everything in between. Do you go earlier than the 60s? Is the 60s as old as you get? Well, so VCF, Year Round Museum, is located here in Infowage, and there we have, you know, things going back to the 40s and 50s. I don't think we've ever had an exhibitor bring an artifact early older than the 60s themselves. Fascinating. Now, do people have the opportunity to actually touch these things? Yes, that's what it's all about. When I was a little boy in the 80s and 70s, my dad collected 50s cars, and he would drive me to antique car shows, and I said, these are awesome, let's go for a ride. And he said, naive kid, what do you know? And that wasn't insulting. You know, they were machines, not fine art. If you touched them, you got yelled at. So now that I run a, you know, technology history event, we require the exhibitors to have everything up and running. Imagine a car show where everyone had to give you the keys to keep you for a ride, right? That's our analogy. Wow. Now, how do young people react to this? How do young people react? You know, sometimes there are little kids, 8, 9 years old, who blow us away with their knowledge. It's amazing. Kid walks in, and he walks right up to us and he goes, hey, that's an AT&T 6400. Like, how do you possibly know that? How do they know that? That's amazing. I don't know. I don't know. But most of the time, you know, guys my age, mid-40s, you know, are fathers of little kids and explain to the kids, this is how we play video games and how we program. Sometimes the kids appreciate it, sometimes kind of stare. I've noticed in our museum, when children come to visit, if I say program, they stare at me. I say app, and they say, oh, okay. Wow. Interesting. But the single most exciting thing this year is the Unix aspect. 50 years ago this summer, Dennis Ritchie and Ken Thompson invented Unix at Bell Labs here in Central Jersey, and we've got Ken Thompson as our keynote speaker on Saturday, May 5th this year. Oh, boy. Wow. Okay, you're going to have to have some crowd control there. That's huge. 50 years ago. I mean, what a great time to have him, too. 1969, summertime, Bell Labs, New Jersey, yeah. And so three years ago, our keynote speaker was Brian Kernaghan of K&R fame. This year, Brian's going to interview Thompson on stage. So it's pretty awesome. And, of course, you know, Dennis Ritchie passed away a few years ago. And then so in tribute of that, in the exhibit hall, we're having a special section called Unix Town. Fourteen of the exhibits are going to be all about Unix on every machine imaginable, everything from, you know, an Apple Lisa to PDP-8s all running Unix. We're also doing a 40th anniversary tribute to Atari this year, a similar kind of thing, with a huge Atari exhibit, and a tribute to there is on Sunday morning, who worked on the VCS, the Atari 800, and then moved over to Amiga. Well, Evan, I wish we had more time to discuss this in length. But as I mentioned, we're preempted next week. This event is taking place after that show. We wanted to make sure people found out about it. And it's one of the best events in our community, I think. One more time, can you give people as much information as they can possibly digest so that they don't miss this? Sure, sure. So Friday, Saturday, and Sunday, May 3rd, 4th, and 5th, all benefits of Vintage Computer Federation. We're a nonprofit user group, and all the details are on our website, victorcharliefox.ecodeltavcfed.org. Okay, great. And, again, that's not this weekend coming up, the weekend afterwards, Friday, Saturday, and Sunday. That is correct. All right, Evan, we're going to check in again and see how it goes. I'm sure we'll hear about this on the news as well. It's amazing. And if people are at all curious about old machines and technology, this is the event. Thanks so much. Thank you for giving us time. Appreciate it. Thank you. And we look forward to attending one of these things. Maybe we'll go to this one. Who knows? Okay, now we have other things to get to as well, but action-packed show tonight. You've got something over there, Kyle. Maybe you could describe what it is you have. And I understand EFF is responsible for this, Electronic Frontier Foundation. They've created a new virtual reality tool that trains people to be on the lookout for surveillance devices. Is that how I understand it? Yes. Yes, indeed. This is a virtual reality training tool. And what it is about is it's all about being able to spot different types of surveillance, in particular, surveillance tools used by law enforcement. And basically, you can load this website. And it's really cool because it's running in a website. It's not an app that you would need to install. You basically go to EFF.org slash spot dash VR. And everybody can go to this. It's working now. And once again, that's EFF.org slash spot dash VR. And what it is is something for you to use with some kind of virtual reality headset on a smartphone. And a lot of people have these. There are a variety of different ones to use. Kyle, you're wearing it on your head right now. People can't see that, but you look rather silly. But tell us what is that like? Well, yeah, I'm right here. Can you hear me? I hear you. You're knocking into the microphone because you can't see where it is. But you have the EFF virtual reality tool loaded? Yeah, yeah, yeah. So basically, your first level here or what they're showing you in this tool is a street corner. And so I have to look around. You can probably hear I'm knocking into things. Watch out. Watch out. Okay, so I see a street, and I'm looking now. I see a police car. You just smacked Alex in the head. Oh, sorry, Alex. Just keep your hands down. Yeah, okay. Yeah, so anyway. You saw a police car? Yeah, so I'm going to get started. Yeah, I got to start it here. And it's all controlled by my gaze. So I can just look at things. And here, the cops. Who's talking? So you have a little Alexa in there with you? I'm looking at body cams. Okay. You know what? I'm going to bring in Dave Moss, who's a senior investigative researcher over at the Electronic Frontier Foundation. Dave, welcome to the show. As you can hear, we're having fun with this tool you guys have released. Thanks for having me. And I'm so glad. I'm, like, cracking up here. I'm messaging, like, you know, the other people who worked on it that you're doing it live and bumping into the mics. It makes me ecstatic that people are trying it out. Tell us the thinking behind this tool in the first place. Okay. Well, so there were kind of two ways we approached this. On one level, you know, we do a lot of research into surveillance technologies, but so often that is just, like, really long blog posts. Like, that's how we communicate to the world. We do really long blog posts, or we get a bunch of FOIA documents, and we publish those, and we have people, like, look through those documents. But people aren't necessarily always connecting how these things that we talk about or we write about actually appear in their communities and how it really surrounds them. This stuff is kind of out there in broad daylight, but it's also invisible because it's so common. And so we thought, you know, what can we do? And part of me, like, wishes I could go do, like, walking tours of every city and point out all these technologies that I've gotten very good at noticing, but that's not really a particularly good use of my time, and I'm not necessarily sure that people would show up to follow me around a city. But we thought, like, what about virtual reality? Like, what about trying to do something very simple where we take a street scene, we have people look around and look for these surveillance technologies, and we were very lucky to get, you know, what maybe wasn't said is that, you know, when you're in this scenario, and it's not like a computer-generated animation, I mean, there's literally a 360-degree photo, and there's literally a police encounter going on in the photo. You're just a few feet away from two cops speaking to a young man. And those situations can often be very stressful, they can move very quickly, but it's important for people in those situations to maybe have some practice on identifying what technologies might be around. And so we thought that not only could this be an educational tool and give people practice, but maybe it can be a dry run for some of these more stressful situations. Kyle, you look kind of stressed right now. Actually, are you encountering the cops on this thing? I hear the voice talking. I have my back turned to the cops. Oh, that's not a good idea. Well, I'm distracted by the mobile ALPR, which is a mobile license plate reader. Oh, you found that? Yeah, automated license plate reader. And it's amazing. Yeah, so I'm basically reading, and it's reading to me about this particular mobile license plate reader technology. And I'm looking around. I'm looking around at everything. And yeah, this encounter is going on behind me, and I assume I'm involved. So when you see something, what do you do? Do you point at it? Do you look directly at it? It's brilliant. It's all gaze-controlled. And what that means is it's when you look at something, you basically have a cursor or something in the center of your field of view so that you can kind of direct your gaze. And so wherever I point that circle. Because we're about to walk into the wall there. Yeah, okay, okay, yeah. And then, yeah, so I point the circle wherever I can possibly look. I can look down. I can look up. And yeah, so now I found a camera. Okay, you found a camera. And this voice is prompting you to do what? Well, yeah, it's really up to you, the user, and I think that's the game of it is to find these different things. There's no prompting on where and which directions. You kind of have to look all over, and that's part of it. And then as soon as you spot it, it reads to you about the particular type of surveillance that you're being subjected to. Wow. Now, Dave, how many different things are in this? How much can people explore? There are seven things the person should look for and then two fake-out Easter eggs, which I'm not going to tell you about in case he finds them. Okay. But there's actually six different technologies. One of them appears in two different forms for people to find. But, you know, it ranges from drones to license plate readers to body cameras to biometric devices. You know, it's a huge range of technologies that appear day to day. And we wanted to make sure that there were things that people could actually see. Like, we didn't pick anything that was super secret that you wouldn't have been able to see because we didn't want to, like, make it so that you think that every surveillance truck out there has, like, cell phone snatching technology. We wanted to make sure that it was actually more reflective of the things people would encounter in kind of a safari-like situation. Wow. What has been the reaction to this so far? It's been really good. I mean, one of the cool things is that this is, for a lot of people, this is their first time encountering virtual reality. And so it really does have, like, a huge impact on them and really opens them to seeing things differently. Most people have been reacting really well. Oftentimes when they're going through the experience, there's usually one or two aha moments where there's a technology that they didn't know existed. So maybe that is, like, you know, like your co-host said, it was like the mobile license plate reader. A lot of people aren't aware that their license plate readers are mounted to police cars. Sometimes people are unaware that police officers sometimes have portable devices that can do face recognition. And so that's something that people, you know, often go, oh, wow, I didn't know that's messed up. Or there's also something, a fairly common camera out there is called the PTZ camera, a pan-tilt-zoom camera that can be remotely controlled to zoom or pan or tilt. That's why it's called the PTZ camera. But we found that a lot of people react to it, and they're like, you know, we see those things all over the place, but I didn't have a word for them. I didn't know what they were called, and now I know. And that's what we're trying to have. I think that there was one person who posted on Twitter how great it was, how crazy it was to run around in the city scene and fight all the surveillance. And then they wrote at the end of it, LOL sob. And I think LOL sob is kind of what the average response has been, that this is cool, but this is also scary. I can attest to that. Kyle, you look kind of mortified right now. Did something happen? Oh, no, no. I've found nearly everything that there is in this particular scenario. But I just would say this is a really tremendous educational tool. I could see people, young people, students of all stripes really getting around this and trying to figure out where these things are. And I think it's a great entry to a discussion about these technologies, because we all are living in the public world. We're out on the streets, and we need to be cognizant of what kinds of technologies are around us at all times. And right now I'm looking at the mobile biometrics. Did you know that, yeah, cops can scan your fingerprints just while you're on the street? If they are compelled to, they have devices that are capable of doing that. What do you mean, scan your fingerprints? It's mobile biometrics. So apparently, yeah, you might be— You start to put your fingerprints down on something. You might be confronted by an officer potentially asking you to give up biometric information. There are—yeah, I mean, that seemed like a long way off, but apparently that's regularly used. Oh, yeah, so I should add that it's almost like sometimes they'll have these biometric Swiss Army knives that can do face recognition, fingerprints, iris scanning, and tattoo recognition in all one handheld device. But sometimes that device is just a phone. There are some cities that buy face recognition software that is just powered by an Android phone, and so they just issue these special phones to people that have these capabilities. To build off what Kyle had mentioned with respect to young people, I think this could be so eye-opening to so many people because— For instance, I have a son. He's 5 years old right now, and he builds these houses with magnetic tiles or buildings and things like that. And a couple of weeks ago, he said to me, Daddy, look what I put on the side. I said, well, what is that? And he told me it was the surveillance cameras. And I mean, I couldn't believe it that this is just something that he puts onto buildings by default these days when we're old enough to remember. I know Emmanuel, Kyle, and I, and Dave, I could tell by your voice that you're far past the age of puberty as well. So we all remember the days when things like this just didn't exist all around us. But for kids, they grew up in this world. They know literally nothing different. And for them to be able to identify what could be a danger to their personal privacy, what is surveillance, what is not, what does the technology look like, what do you call it, how do you name it? Naming something, the PTZ cameras, understanding that could be so critical for young people to understand. And my understanding, too, Dave—and here's where the question comes in—is that there's a lot of different ways that you can experience this. You can use, like Kyle is using right now, a mobile phone in a cardboard box that has some mirrors and things that you can put into it. Mirrors and magnifying glasses and whatnot. Yes, this is the official 2600 virtual reality headset. And yeah, it's made out of cardboard, but you know— As are most things at 2600. Yeah, we like to recycle. And yeah, you seem like you're scoffing at our equipment here. This is high technology, Alex. It looks awesome. It looks awesome. I mean, I have to say that. But there's a lot of different ways to experience this, is the question, Dave. You can do it with a browser, you can do it with a headset, etc. Yeah, so one of the things that we are really proud of with this project is, you know, being EFF and being into open source and free culture and portability of technology, we didn't want to have an experience that you had to have the Oculus Rift and you had to download it from the Oculus Store or any of those other things. So we used a coding language developed by Mozilla that's open source called A-Frame, and it works on browsers. It is a browser-based VR experience. So as long as you have a headset that can load from a browser, it works. So that will work on the HTC Vive. It will work on the Oculus Go or the Oculus Rift. We actually usually, when we go out in the field, we use the Oculus Go, which is a $200 portable VR thing. But you can do it if you buy, like, you know, a $15 thing to put your phone into, and that will work as well. And even if you don't, like, want to do VR at all, you can go to the site and you can use, you know, drag with your mouse and do the experience that way. Like, there's a bunch of different ways to experience it. You know, one of the cool things that I found is that when I go to college campuses now, oftentimes the libraries will have a very cool virtual reality lab where you can go and check out a headset or you can do things for a little bit at a time. And so it's, you know, what I'm hoping in the future is that we start seeing classes that are working on digital rights issues or working on law enforcement issues or any number of things might go and assign people to check out this experience. I'm really impressed with that. And I would also note about the browser-based VR experience being a bit more respectful of privacy than a regular app, which I was very impressed with. There are no logs, and you have to realize a smartphone that can do this is immensely capable of recording movement with accelerometers and other information as you're using it, even, if you're on Wi-Fi and so on and so forth. So I was particularly impressed by that part of this that you had described before. And I had a question. I mean, what's the future of this? Where do you think this will go? Because this is an incredible training platform, just the one scenario I've looked at. And I could see this being used in all kinds of interesting ways, including, like, augmented reality and additional types of training, but maybe even mapping, so we know where all this surveillance stuff is. Yeah. No, there's a lot of different directions to go with it. You know, we're thinking of, like, what could be cool? Would an Internet of Things version of this in a home office be cool? Would an augmented reality version of this be cool? But on the issue of mapping, that's another issue, another project that we have going at the moment where it's not virtual reality and it's not augmented reality, but it still deals with this idea of helping people connect with the technology that's around them. And so we're working with the University of Nevada, Reno's Reynolds School of Journalism to work with a large number of students to do a wide-scale crowdsourcing project to collect information that is mappable about surveillance technology. And I don't mean in, like, a, you know, camera-by-camera basis, although certainly we have some cool data sets for Denver and San Diego and San Francisco that do have that kind of granularity. But at least trying to map it out that if you live someplace, you know, you can say, like, I live in Omaha, you know, what kind of technology do people have? That there'd be a resource for you to find that out. And so that's something we're exploring right now to see whether we can put together a data set that could be useful in that capacity. But I think that VR and AR is, you know, there's some cool things for us to try. A lot of that's going to come down to, like, what kind of funding that we can get for it. Like, this project, Spot the Surveillance, was funded by the Journalism 360 Initiative, which is part of the Online News Association. And, you know, the Knight Foundation funds it. And so we have to look for, you know, what are the possibilities? You know, does the public want this? Do foundations think this is worth supporting? And that gives us some freedom to move forward. I do want to add, so, you know, in relation to something you said earlier, you know, one of the things that we're really proud of with this experience is trying to make it accessible, trying to make it open source, but also trying to be privacy, you know, privacy protective. Because we were looking at a lot of virtual reality stuff over the last few years, and we were worried about how these virtual reality systems are actually collecting very advanced biometric information on people. How you move, how your eyes move, how you're breathing, what are you looking at? And they're collecting all this information that they don't know what to do with, but they're collecting it anyway. And so we wanted to go about an experience that says, can we do it that doesn't collect anything? And we did. Wow. Congratulations on this. There's an in-depth article in the Affecting Digital Freedom column in the Spring Edition of 2600, page 46. You can visit EFF.org slash spot to visit the Spot the Surveillance directly, or you can also go to the street-level surveillance site, EFF.org slash SLS. Dave Moss from EFF, thank you so much for joining us tonight, and congratulations on this to all of you. And we look forward to playing with it. And thanks for having me, and thanks for trying it out live on the air. Okay. Have a good night. You too. And we will be back in two weeks. We won't be on next week. But you can write to us, OTH at 2600.com as always. We'd love to hear from our listeners. For everybody, this is Emanuel. Have a good night. Thank you. Thank you. Thank you.