citizenlab.ca/2022/09/statement-on-the-fatal-flaws-found-in-a-defunct-cia-covert-communications-system/ did an investigation and found 885 such websites, but decided not to disclose the list or methods:The question is which website. E.g. at citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/ they used data from Censys.
Using only a single website, as well as publicly available material such as historical internet scanning results and the Internet Archive's Wayback Machine, we identified a network of 885 websites and have high confidence that the United States (US) Central Intelligence Agency (CIA) used these sites for covert communication.The websites included similar Java, JavaScript, Adobe Flash, and CGI artifacts that implemented or apparently loaded covert communications apps. In addition, blocks of sequential IP addresses registered to apparently fictitious US companies were used to host some of the websites. All of these flaws would have facilitated discovery by hostile parties.The websites, which purported to be news, weather, sports, healthcare, and other legitimate websites, appeared to be localized to at least 29 languages and geared towards at least 36 countries.
We searched historical data from Censyscitizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/ mentions scans.io/. citizenlab.ca/2020/12/running-in-circles-uncovering-the-clients-of-cyberespionage-firm-circles/ mentions: www.shodan.io/, Censys really seems to be their thing.
Another critical excerpt is:This basically implies that they must have found some communication layer level identifier, e.g. IP registration, domain name registration, or certificate because it is impossible to believe that real agent names would have been present on the website content itself!
The bulk of the websites that we discovered were active at various periods between 2004 and 2013. We do not believe that the CIA has recently used this communications infrastructure. Nevertheless, a subset of the websites are linked to individuals who may be former and possibly still active intelligence community employees or assets:Given that we cannot rule out ongoing risks to CIA employees or assets, we are not publishing full technical details regarding our process of mapping out the network at this time. As a first step, we intend to conduct a limited disclosure to US Government oversight bodies.
- Several are currently abroad
- Another left mainland China in the time frame of the Chinese crackdown
- Another was subsequently employed by the US State Department
- Another now works at a foreign intelligence contractor
The websites were used from at least as early as August 2008, as per Gholamreza Hosseini's account, and the system was only shutdown in 2013 apparently. citizenlab.ca/2022/09/statement-on-the-fatal-flaws-found-in-a-defunct-cia-covert-communications-system/ however claims that they were used since as early as 2004.
Notably, so as to be less suspicious the websites are often in the language of the country for which they were intended, so we can often guess which country they were intended for!
The Reuters article directly reported only two domains in writing:
- iraniangoals.com. Iranian language football website. As of 2023, the domain had been bought by Reuters and redirects to their website.
- iraniangoalkicks.com. Iranian language football website. Available in GoDaddy as of 2023.
But by looking at the URLs of the screenshots they provided from other websites we can easily uncover all others that had screenshots, except for the Johnny Carson one, which is just generically named. E.g. the image for the Chinese one is www.reuters.com/investigates/special-report/assets/usa-spies-iran/screencap-activegaminginfo.com.jpg?v=192516290922 which leads us to domain activegaminginfo.com.
Also none of those extra ones have any Google hits except for huge domain dumps such has Expired domain trackers, so maybe this counts as little bit of novel public research.
The full list of domains from screenshots is:
activegaminginfo.com: Chinese gaming information website.2011 archive: web.archive.org/web/20110208113503/http://activegaminginfo.com/. Contains mentions of 2010.Domain available in GoDaddy as of 2023.- As of 2023, it seemed to be an actual legit photography website by German (amateur?) photographer Klaus Wägele. Archive: web.archive.org/web/20230323102504/https://www.capture-nature.com/Ciro Santilli actually sent him a message to let him know about the CIA thing in case he didn't, and he replied that he wasn't aware of it.
www.headlines2day.com: Iranian language news website.2011 archive: web.archive.org/web/20110201164741/https://www.headlines2day.com/. Dated "Copyright 2009".As of 2023, this was a completly broken-looking news website but in English entitled:2023 archive: web.archive.org/web/20230121191348/https://www.headlines2day.com/. It makes one wonder if the CIA still operates it!Today's Headlines
fitness-dawg.com: English fitness website.2021 archive: web.archive.org/web/20110207104044/http://fitness-dawg.com/.Domain available as of 2023.rastadirect.net: English Rastafari culture website.2010 archive: web.archive.org/web/20100429002010/http://rastadirect.net/ dated as "Copyright 2008".Domain available as of 2023.fightwithoutrules.com: Russian fighting website.2011 archive: web.archive.org/web/20110203021315/http://fightwithoutrules.com/. Contains mentions of 2009 news.Domain available as of 2023.alljohnny.com: Johnny Carson fansiteDomain available as of 2023.
This brings up to 8 known domain names with Wayback Machine archives, plus the yet unidentified Johnny Carlson one, see also: Section "Searching for Carson", which is also almost certainly is on Wayback Machine somewhere given that they have a screenshot of it.
In this section we document the outcomes of more detailed inspection of both the communication mechanisms (JavaScript, JAR, swf) and HTML that might help to better fingerprint the websites.
Mathematical, Physical and Life Sciences division of the University of Oxford Updated 2025-01-10 +Created 1970-01-01
It would be boring if we could only simulate the same condition all the time, so let's have a look at the different boundary conditions that we can apply to the cell!
We are able to alter things like the composition of the external medium, and the genome of the bacteria, which will make the bacteria behave differently.
The variant selection is a bit cumbersome as we have to use indexes instead of names, but one you know what you are doing, it is fine.
Of course, genetic modification is limited only to experimentally known protein interactions due to the intractability of computational protein folding and computational chemistry in general, solving those would bsai.
Besides time series run variants, conditions can also be selected directly without a time series as in:which select row indices from so
python runscripts/manual/runSim.py --variant condition 1 1reconstruction/ecoli/flat/condition/condition_defs.tsv. The above 1 1 would mean the second line of that file which starts with:"condition" "nutrients" "genotype perturbations" "doubling time (units.min)" "active TFs"
"basal" "minimal" {} 44.0 []
"no_oxygen" "minimal_minus_oxygen" {} 100.0 []
"with_aa" "minimal_plus_amino_acids" {} 25.0 ["CPLX-125", "MONOMER0-162", "CPLX0-7671", "CPLX0-228", "MONOMER0-155"]1 means no_oxygen.By Ciro Santilli:
- 2021-04-13 twitter.com/cirosantilli/status/1382067162492366854: main initial announcement on Twitter. twitter.com/mikko, who has 209.9K followers and a Wikipedia page: Mikko Hypponen hearted the tweet s2
- 2023-01-21 twitter.com/cirosantilli/status/1749172304259535063: improvements to the Prayer wars
- 2024-02-07 twitter.com/cirosantilli/status/1755378931446739373: large-ish update with new items and improved organization
- 2024-03-31 twitter.com/cirosantilli/status/1774531934305071295: binwalk discoveries, start poking a bit into ordinal ruleset inscriptions
- 2024-04-04 twitter.com/cirosantilli/status/1775805941885108392: largest text ordinal inscription
By others:
- 2021-04-15 news.ycombinator.com/item?id=26801067 (96 points) on Hacker News. Reached position 16 at one point: archive.ph/L0Fte and led to about 5k views total. Ah, Ciro could watch that Google Analytics realtime view go bling all day long. Narcissism is a bitch.
- 2021 cryptonewmedia.press/tankman-image-on-bitcoin-blockchain/ by user igadjeed
- 2022-01-23 news.ycombinator.com/item?id=30050479 "Abuse and Harassment on the Blockchain ", comment-mid thread
- 2022-01-24 www.reddit.com/r/Buttcoin/comments/sbw0se/when_i_heard_about_nfts_i_thought_they_were/hu2uk8g "When I heard about NFTs, I thought they were stupid, but then I watched a video explaining how they work, it really changed my perspective", comment mid-thread
- 2023-02 lots of Twitter backlinks as a result of ordinal ruleset inscriptions:
- 2023-02-03
Video 1. Bitcoin= Free Speech Repository? by Trader University (2023)Source. Features Marijuana plant and Rickrolling sections. He seems to be a finance guru. - 2023-02-07 twitter.com/privateid_ntity/status/1622814063331004421
- 2024-01-18 twitter.com/pete_rizzo_/status/1748049913286447355 by Rizzo, The Bitcoin Historian (81k followers, mid-thread)
- 2024-12-29: x.com/lopp/status/1873453363523932630 by Jameson Lopp (492k subscribers)
- ? cloudhiker.net/ A hand curated and categorized list of interesting links by Kevin Woblick. Only allows users to visit a random one per category, so we can't get proof of backlink, this was noticed through Google Analytics.
At 7e4cc9e57de76752df0f4e32eca95fb653ea64e4 you basically need to use the Docker image on Ubuntu 21.04 due to pip breaking changes... (not their fault). Perhaps pyenv would solve things, but who has the patience for that?!?!
The Docker setup from README does just work. The image download is a bit tedius, as it requires you to create a GitHub API key as described in the README, but there must be reasons for that.
Once the image is downloaded, you really want to run is from the root of the source tree:This mounts the host source under The meaning of each of the analysis commands is described at Section "Output overview".
sudo docker run --name=wcm -it -v "$(pwd):/wcEcoli" docker.pkg.github.com/covertlab/wholecellecolirelease/wcm-full/wcEcoli, so you can easily edit and view output images from your host. Once inside Docker we can compile, run the simulation, and analyze results with:make clean compile &&
python runscripts/manual/runFitter.py &&
python runscripts/manual/runSim.py &&
python runscripts/manual/analysisVariant.py &&
python runscripts/manual/analysisCohort.py &&
python runscripts/manual/analysisMultigen.py &&
python runscripts/manual/analysisSingle.pyAs a Docker refresher, after you stop the container, e.g. by restarting your computer or running
sudo docker stop wcm, you can get back into it with:sudo docker start wcm
sudo docker run -it wcm bashrunscripts/manual/runFitter.py takes about 15 minutes, and it generates files such as reconstruction/ecoli/dataclasses/process/two_component_system.py (related) which is required to run the simulation, it is basically a part of the build.runSim.py does the main simulation, progress output contains lines of type:Time (s) Dry mass Dry mass Protein RNA Small mol Expected
(fg) fold change fold change fold change fold change fold change
======== ======== =========== =========== =========== =========== ===========
0.00 403.09 1.000 1.000 1.000 1.000 1.000
0.20 403.18 1.000 1.000 1.000 1.000 1.000 2569.18 783.09 1.943 1.910 2.005 1.950 1.963
Simulation finished:
- Length: 0:42:49
- Runtime: 0:09:13 There are unlisted articles, also show them or only show them.