The Surveillance Kings: Who's Really Behind Who's Watching Us

by DocSlow

Several years ago, I had been working on an article involving corporate computer security and how malware was changing the way companies approached security.

I had conducted over 100 interviews with various computer security analysts from small companies to very large corporations.  Most of these analysts simply related to me that they were too busy fighting on the malware front - both night and day, and had little time or no authority to actually analyze what was going on.

Then I met Brad (not his real name - he was afraid to speak publicly).  Brad told me he had information that went far beyond the current story I was writing, and that if we could meet, he would show me all the evidence he had collected.

Brad said that the story was not so much about malware, but rather about a developing surveillance project he uncovered, and the fact that it could be used like current malware to spy on anyone at any time.  This story unfolded around 2005 and is only now relevant in light of all the recent whistle-blowing concerning the surveillance of everyone on the planet by certain governmental three-letter orgs.  Brad had some 4000 pages of accumulated documentation, all collected and stored on CD-ROMs.  Now, it has been almost ten years since this article was started, and recent events warrant that the story be told.

Computer security was Brad's main avocation for nearly 30 years, with malware forensics as his specialty.  He was hired by a very large company to deal with a growing malware problem in the fall of 2005, and he was excited to do his job.  He told me he had succumbed to the indoctrination offered him by the company (called "orientation") and fully accepted their brand so as to be a part of what he assumed would be an elite group within the organization.  The company was IBM.

Initially, Brad said that he and the new recruits that were hired with him were given tip-top laptop computers, installation CDs labeled "IBM Transitioner" with Microsoft Windows XP at its core, and a stipend to set up their home offices.

Brad jumped into the fray with both boots, eager to get started thwarting those whose intentions were to cause havoc within the company.  Brad and the other recent hires went about setting up their machines to do the tasks they were assigned, and Brad noted that there were some curiosities with those laptops that immediately started to arise.  There were two coworkers who were initially hired with Brad, and Brad said they were mostly unobservant of the anomalies that accompanied the new machines - they just assumed "the things were slow."

The first thing Brad noticed after he installed the "IBM Transitioner" OS CDs was that the CPU usage at idle was around 60 percent.  The others mentioned that they did notice it, but declined to investigate as to why this was happening.  Brad told me his first simple exploration into the anomaly was to observe what was happening to the XP OS with Sysinternals' "Process Explorer."  It showed that an application on the hard drive entitled "PC" was responsible for the excessive activity.

Brad then stated that he began to look in "Program Files" for the application, and it existed, but the activity of the CPU as presented in Process Explorer was curiously absent.

He was sure the rest of this application should exist somewhere on the hard drive.  It didn't.  Brad related that his first assigned task with the company was to research the possibility of a viable BIOS malware application, and so he thought maybe that's where it was residing - in the BIOS.

But further investigation revealed it was simply installed on a hidden partition on the hard drive.  The structure of the app was such that many calls were derived from the application's base install, and then redirected to the hidden partition.  WTF was going on here?

Brad was able to access the apps being called on the hidden partition and found audio recording apps, video capture apps, screen capture apps, and keyloggers.  Brad thought, "Great... what have I gotten myself into here?"  He wondered what the purpose of these apps was, and why they were being run without any interaction from the user.

Brad then employed another Sysinternals app, and it would appear to reveal what was actually going on.  Brad had installed and run "TCPView" on his assigned laptop and found that, periodically, packets of the collected data were being sent to an IP address in Boulder, Colorado - a mainframe station for IBM.  As he tracked the data transfer, it became apparent that the transfers were happening every five minutes.  Apparently, IBM was spying on its employees.

Tasked with protecting the company's some 300,000 employee computers from malware attacks, Brad brought his discovery to the attention of his new "superiors."

He assumed they would understand that this activity was a compromise to the real security of their systems.  He was wrong.  Brad was told they would get back to him shortly.  Two days later, they convened a meeting with Brad and told him not to speak of what he discovered, and that he would probably be terminated should he do so.

Brad had already alerted a few coworkers that they should slap black electrical tape over the video cam, and insert a dummy phono plug in the external mic jack.  They did so, and were soon approached by corporate goons to remove them - or else.  Soon thereafter, Brad was removed from the Malware Forensics program, and was relegated to a simple sysadmin position.

IBM has a long and sordid history of nefarious data collecting practices in its background.  Edwin Black, author of IBM and the Holocaust, chronicled that the sale and implementation of the IBM Hollerith machines significantly advanced Nazi efforts to exterminate Jews, and IBM has never once officially commented on the allegations prodigiously referenced in Black's New York Times bestseller.

His book details the story of IBM's strategic alliance with Nazi Germany.  It is a chilling investigation into corporate complicity, and the atrocities witnessed raise startling questions that throw IBM's wartime ethics into serious doubt.  IBM and its subsidiaries helped create enabling technologies for the Nazis, step-by-step, from identification and cataloging programs of the 1930s to the selection processes of the 1940s.  And guess what?  Brad was aware of this and told me that he contacted Edwin Black.  Black warned him to be careful if he ever related any of his experiences with the company.  Shortly after Brad's encounter with his corporate controllers, he told me he quit IBM.

"One of the guys I worked closely with on the 'team' was fired within days of my resignation," Brad said.

"I called him and we chatted about all of this.  Initially, he was quite keen on exposing the old guard.  A few days later, when I spoke to him on the phone, he stated he wanted no more to do with me... and hung up on me.  I never spoke to him again."

What had become clear to Brad soon after having left the company, and after analyzing all of the data he had collected, was that IBM was developing and perfecting a surveillance program - not simply for spying on employees - but for spying on U.S. citizens as a whole.

IBM's inter-connectivity with DARPA and hints at the company's capabilities with respect to their surveillance abilities were, curiously, mostly public.  They can be easily looked up on their website.

Their perfection of early data mining practices had evolved over several decades into applications that could watch over all activities of the general public.  Already, private commercial applications were being offered for sale to companies to spy on their employees, and human resources divisions across most corporate entities embraced them wholeheartedly.

Brad said he has been asked at many of the companies he has worked at to spy on employees and covertly record their computer doings on a very regular basis.

One of the spookiest things Brad told me at the time was that he had uncovered a completely proprietary operating system developed by IBM that almost perfectly mimicked the Microsoft OS on its surface, but that it secretly contained all the surveillance applications noted above - and it was being tested on employees and civilians alike.

I asked him how he thought it could be unsuspectingly delivered to the public.  Brad said he had evidence that it was actually delivered in real OS security updates, and it could entirely replace the real OS!

I recently contacted Brad (he's doing well with his own company now) and asked him after all these years what his thoughts were concerning his experiences.

"With recent allegations that the U.S. government has implemented programs to spy on its citizens without any accountability, this information finally has some credibility." Brad then stated, "This technology was being developed long ago, and has now been perfected by all of the giant tech corporations most of us think of as friends of new technology."

I asked Brad if he had kept up on the technology and if he had seen any new developments within it.

He said, "Yes, it's far better than it used to be.  Back in 2005, it was being tested only - now it has been widely implemented, and has been ported to many other operating systems.  No one is safe from it.  The kings of surveillance are all around us, and there's no going back."
