Clear Webmail Security: A Series Of Unfortunate Events

When you visit this website, like most others, analytics software on this end records some information about you, including what website brought you here.

Following a link from an email isn’t usually a problem. However, when your provider is Clear/TelstraClear’s and you’re using webmail it is. Or was.

The Clear referring URL lets someone access a customer’s emails by simply clicking on the link (until, I assume, the session is logged out, timed out or the customer’s password is changed).

This applies to virtually any site visited through TelstraClear’s webmail.

Authenticity required

What’s in your emails?

This becomes a very big problem when you think about what someone keeps around in their emails. Google wants to encourage its users to archive everything. Perhaps this post contains a very convincing argument as to why you shouldn’t archive everything, and instead make liberal use of the delete button (or move the emails to your computer).

Here’s some examples of information routinely sent to and stored in email accounts that would be very useful to someone with bad intentions:

  • Unencrypted payslips, with IRD and bank account numbers
  • Shipping notifications, with addresses, phone numbers and courier tracking codes
  • Work emails that have made it into a personal email account
  • Information on utilities and addresses supplied from power company e-bills
  • Broadband or other service activation email, containing usernames and passwords to webmail and/or internet access

Response

A power company told me that the information contained in their e-bills isn’t all that private. They said that their customers like the convenience of not having to log in to access their bill and that they consider all feedback on their services.

TelsraClear said that the issue has been fixed, that “this was the first time the issue has been raised” and that they “take security very seriously”.

Understandably TelstraClear were “not too keen” on this post going ahead as “it might encourage attempts to hack the webmail application” which “might still cause service problems for legitimate users if such an attack was to take place”.

However, maybe a real life example will hit home with people, even if they’re not with TelstraClear.

Because how secure is your personal information?

Update: Christchurch City Libraries responds with why they include addresses in the emails they automatically send out.

Image credit: Dev.Arka

Doing The Government’s Work For Them

Internet surveillance, censorship, and avenues of resistance with anonymity with Jacob Appelbaum, Researcher and Hacker, The Tor Project.

Go watch Jacob’s talk here.
Jacob Appelbaum talkPoints I found interesting:

  • The concept of lawful surveillance. We make it compulsory for telecom providers to make their networks buggable. Would there be outrage if a law was passed that every road must have a camera and microphone on it?
  • If you’re not paying for something, you’re the product.
  • Visualize your cellphone as a tracking device that can also make calls, go on the internet and text people. If the government forced you to carry it everywhere, you’d riot in the streets. They don’t need to; you do their work for them. You carry it with you, willingly.

MPAA Propaganda

Look what I found at the end of the Hoyts ticket counter:

Respect Copyrights leaflet 1

Respect Copyrights leaflet 2

Respect Copyrights leaflet 3

Respect Copyrights leaflet 4It contains some interesting content.

“Remove unauthorised material from your computers”

“While not required under the new law, illegally obtained copyright protected material may still be file shared and therefore should be removed.”

Read: buy the files you downloaded illegally in the past. Helpful advice would be to remove peer-to-peer software from your computer if you’re not using it, or to stop sharing illegally obtained material if you’re doing so (eg. stop seeding).

“What are the risks of P2P file sharing?”

“P2P file sharing can expose your computer to harmful viruses, worms and trojan horses as well as annoying pop-up advertisements. There is also a real danger that private information on your computer may be accessible to others on P2P networks.”

Finding files through moderated sites (which can remove harmful torrents), reading the comments on torrents and having up-to-date anti-malware software all reduce this small risk of harm.

The “real danger” of private information being inadvertently shared is practically impossible with torrenting. LimeWire, FrostWire and friends were possibly deceptive about what user’s folders were actually being shared in the past, but now LimeWire is dead and FrostWire exclusively uses torrents, so it shouldn’t be a problem anymore.

But points for including the relatively unbiased URL of NetSafe’s The Copyright Law, albeit in tiny print down the very bottom on the back page.

Respect Copyrights.co.nz

This site is interesting, especially when you compare its list of legitimate places to buy movies and TV shows to the US version‘s list.

Our list for TV shows is basically the On Demand sites for the free-to-air TV stations, plus iSky. On the movies side we have iSky, the console networks and iTunes, which is also listed as having TV shows, but that’s not the case in New Zealand.

Respect Copyrights New Zealand legal alternatives

In comparison, the US site lists 43 legal alternatives, including iTunes (which you can actually get TV shows from in the US, or by using a US iTunes account), Hulu and Netflix.

Respect Copyrights US legal alternatives

And the MPAA wonder why people illegally download movies and TV shows in New Zealand?

On a plus, Respect Copyrights has removed that ridiculous clause from their Terms of Use stating that no one was allowed to link to their site without their “express written permission”. Their grasp of the internet is growing!

Spotify

Good news on the music front though. Music streaming subscription service Spotify is coming to Australia and New Zealand, possibly around February next year. The downside is that they’re now in bed with Facebook, so you’ll need a Facebook account to use it.

NZ Movies

Jonathan Hunt and Lance Wiggs illustrate how inadequate the sites MPAA lists are. MPAA, NZFACT and friends love harping on how people pirating movies like Boy are harming our movie industry in New Zealand.

But you still can’t download it legally from iTunes.

And I wouldn’t count on it being added either. Remember Sione’s Wedding? You know, the movie released in 2006 that cost “its investors an estimated $1 million” because it was pirated?

It’s not in the New Zealand iTunes store five years later.

Sione's Wedding New Zealand iTunes Store

But of course, it’s in the US iTunes store as Samoan Wedding.

Samoan Wedding United States iTunes Store

Nice one. Perhaps more kiwis would support their creative community, if, you know, you actually made it easy for them?

Jagex’s War On Bots ft. Scare Tactics, Subpoenas and PayPal

Jagex, the makers of RuneScape are suing Impulse Software et al. in relation to their sale of bot software that effectively plays the game for a person without needing much human interaction. It’s part of their crackdown on bots; Jagex claims using bots to play violates their rules, is unfair to other players and ruins the game.

Subpoena

As part of the Impulse court case, Jagex subpoenaed Google and PayPal seeking further information about email addresses, YouTube accounts and PayPal accounts.

The information provided by PayPal included personal information on 70,000+ customers who had bought Impulse’s bot software.

Code on wallDéjà vu

An “outside counsel eyes only” protective order was issued for the information PayPal provided, which meant that the information couldn’t be shared with Jagex employees. Jagex didn’t seem to be happy with this though, so in a different court (U.S. District Court for the Central District of California) and using the same legal counsel, on July, 1, 2011, they subpoenaed for the same information in a different case, Jagex Limited v. John Does, and were allowed to share the results with their employees.

[Quotes used in this post are mainly from a PDF of the case that used to be available at http://www.mediafire.com/?ba2nu8puj96tq5b]

“[The] Plaintiff and its counsel misrepresented the scope of this pending lawsuit by stating that the action involved ‘a developer and seller of Bot software.’ The Notice failed to state that Plaintiff already accused Defendants of having used one or more Bots to allegedly circumvent Jagex’s automated technological measures thus making Defendants a party to both suits.” “Plaintiff and its counsel also failed to inform the court in the Central District of California (CDC) lawsuit of this Court’s Protective Order.”

“Even though Plaintiff and its counsel were bound by the Protective Order entered by this Court and were fully aware that Defendants’ customer information was CONFIDENTIAL-OUTSIDE ATTORNEY’S EYES ONLY, using the subpoena power of the Central District of California, Plaintiff’s counsel undertook a calculated clandestine action to serve a subpoena on PayPal to obtain Defendants’ customer information and turned Defendant’s customer information over to its client who then misused the information.”

Mass email

On October 25, 2011, Jagex sent out a mass email, presumably to those whose information they gained from the PayPal subpoena:

[The forum post is now gone, probably because the very fact that they have to clarify the legitimacy of an email shows that it wasn’t a very effective cease and desist notice.]

26-Oct-2011 06:44:16
Last edited on 26-Oct-2011 06:49:30 by Mod Timo

Hello everyone,

As a part of the update some people will have received the following e-mail communication:

Dear Player,

We have strong evidence that you may have purchased and used botting software in the past, specifically ibot software.

Botting and the cheating it brings is destroying your game, violates Jagex’s rights under the Digital Millennium Copyright Act (DMCA), and any player that continues to engage in botting activity has no place in our community.

As part of bot nuke week we are offering you a 1 time amnesty and settlement lifeline, which is a chance to reform and change your ways. We’d like you to contribute to the community in a positive way, to compete on a level playing field as everyone else does and play in the true spirit of the game, with integrity. All of your accounts, main and otherwise, are now on our watch list and will be monitored for the use of ibot and all other inappropriate third-party software. Regardless of who you are or how long you’ve been with us, if you decide to cheat and bot ever again we will have no hesitation in: (1) permanently removing your account from our wonderful community in order to protect Jagex’s rights under the DMCA, and (2) naming you as a defendant in Jagex Limited v. John Does, which is a lawsuit based on DMCA violations that is currently pending in the U.S. District Court for the Central District of California (Civ. Action No. SACV11-00969-CJC).

Please note that this amnesty and settlement offer is protected under Fed. R. Evid. 408. If you ignore our offer and instead continue use botting software, we reserve our rights to pursue statutory damages against you for between $200 to $2,500 per act of past, present, and/or future botting in accordance with 17 U.S.C. 1203(c)(3).

We do hope you make the morally sound and lawful choice of turning your back on bots. We look forward to seeing you in game having fun in a way that is true to the spirit of fair play and respectful to your fellow players.

Yours sincerely,
Mark Gerhard

I can confirm that this is an official statement from Jagex to the recipient. Please note that there are no website links in the main body of the e-mail. Should you receive any e-mails that contain the above text with website links or additional information, they are likely to be phishing e-mails and should be ignored.

Kind regards,
Mod Timo

Jagex cross referenced those subpoenaed email addresses with their own records, and the next day began sending the same message through the internal Jagex messaging system to individual players.

Interestingly, Jagex recently started giving an increase in bank space, where a player stores items in the game, as an incentive for registering your email address with your account (when RuneScape started, email addresses weren’t required).

Although Jagex claims RuneScape has a large adult player base, it is almost certain that minors received the messages as well. They’re full of legal jargon and are similar to the extortionate letters the music industry (or their lawyers) send. It strikes me as unethical to send threats like that to children.

If Jagex are confident in their bot detection system, how about instead of going from one extreme: no action “we’re watching you”, to another: legal action, they use their in-game powers and just ban accounts if the re-offend. Legal action seems like an unnecessary and scaremongering threat.

Privacy and a chance to response to the subpoena

“In the cases cited by Plaintiff… the individuals… were given a specified amount of time to object to the subpoena through a Motion to Quash and/or Motion to Dismiss… The first time Defendants and their customers learned of the CDC lawsuit is when their customers began receiving a copy of an email from Jagex on October 25, 2011 followed by the message post on October 26, 2011.”

The forum posts I’ve read support this.

Jagex’s counsel say “it was and is our understanding that PayPal would have notified the account owner(s) of the account(s) associated with any email address in the subpoena in order to provide that account owner(s) an opportunity to address the subpoena, prior to releasing the requested information or documents.”

The reply:

You know that PayPal did not notify my clients of the pending subpoena in the Boston suit when you served the first subpoena without first noticing Defendants’ attorneys. Therefore, to now state that Banner and Witcoff understand/understood that PayPal would notify the Defendants is suspect.”

“This lawsuit’s different”

Jagex disagree that they’re focusing on Impulse Software’s customers and say they just want to “identify [our] own customers who [we] believe may be in violation of S1201(a)”.

The reply:

“Your claim that the John Doe action does not involve our clients is illusionary at best. Not only did [you]… seek to obtain permission to subpoena my clients’ records from PayPal, but the identification of the Doe’s in the Complaint filed described my clients as well.”

“Under the discovery requirements in our pending case and the Local Rules… you had a duty to inform us of the John Doe action… Even when we sent you a letter inquiring about a Press Release issued by Jagex suggesting a violation of the Protective Order, you consciously omitted disclosure of the John Doe action.”

The suggestion of the protective order violation comes from this paragraph:

“We are constantly looking into ways of making the game experience the very best possible for all of our players and as part of our on-going programme to rid the game of bots, Jagex is actively pursuing companies that support the macroing market as well as those who bot. As such we are currently pursuing various bot developers through multiple legal channels, although sadly we cannot yet disclose the full details of our actions for legal reasons. Separately, as part of normal legal process and procedure, we have also taken steps to acquire the details of all players who have purchased bots. Once we have the information regarding the players involved we will take action specifically to ensure that these players are not compromising the game’s integrity through the use of a third party programs.”

This is turning into a very interesting case. Maybe it’s not the best time for business for Impulse Software, but if they come out of this in one piece this could turn into the best advertising money can’t buy.

Image credit: Nat Walsh

First Three Strikes Notices & a Centralised Notice System?

First notices

The New Zealand Herald is reporting that the first(?) notices under the new Copyright (Infringing File Sharing) three strikes law have been received by ISPs. They’re from the Recording Industry Association of New Zealand (RIANZ) for songs by Rihanna, Lady Gaga and Taio Cruz.

It would be extremely interesting to know the specifics: what songs were downloaded and what downloading method was used.

Centralised system

The Pirate Bay Street ArtStuff reports that rights holders have been in discussion with ISPs over creating a centralised system to make it easier for ISPs to deal with copyright notices.

Tech Liberty has found two companies, IPSafe and Datacom, that seem to be interested in that centralised system. The letter they received from the Ministry of Economic Development in response to an Official Information Act request is here (pdf).

No word on how a centralised system would ensure the privacy of ISP customers.

Image credit: Jakov Vilović

Meet MattyBRaps

Meet Matthew Morris aka MattyBRaps. At eight-years-old, he’s voice coached, partnered on YouTube, LLC’d, trademarked, and sponsored, because of his rap videos. He’s managed by his father, who has a BBA (Bachelor of Business Administration). Lyrics and videos are produced with the help of his cousin, MarsRaps. Crafted into a marketable “product”, his tweets are ghostwritten, Dailybooth photos posed and production value of his videos high. Shot in 1080P, some feature luxury cars, celebrities, red carpet and recording studios (and who needs to go out when you have one in your house?).

Hoodie kidHis siblings aren’t missing out on the fun either. Or at least one isn’t. His older nine-year-old brother Joshua (JeebsTV) has his own YouTube channel too with the same high production value and sponsor.

Assumedly his parent’s goal is for him to be discovered by someone like Ellen (a feat which might be difficult as his videos are so polished already), release an album and tour the world. MattyBraps Ellen tweet

If he does make it big, what kind of attention is he going to attract? You can’t have your cake and eat it too. Fame comes with hate, and a lack of privacy. Maybe he knows he wants to rap, but does he understand the potential ramifications for his future? Because I’m not sure his parents do.

Here are some shining examples of friendly Dailybooth commenters (http://dailybooth.com/MattyBRaps/10761255, http://dailybooth.com/MattyBRaps/10109139).

MattyBraps hate 5

MattyBraps hate 4MattyBraps hate 3MattyBraps hate 2MattyBraps hate 1

Would there have been anything lost (maybe except for money) if Matty was encouraged to pursue what he loves outside of the internet spotlight, at least until he was older? Sure, keep the vocal coach, but was there a need to commercialize him this early in his life?

Running your son like a business. Exploitative or just entrepreneurial?

Image credit: QUOI Media Group

The 1½ Star Apple Product

Okay, I lie. That’s for the 65W one, the 85W one I have actually gets 2 stars.

Introducing the Apple MacBook power adapter, possibly the worst rated Apple product around.

Mine has been slowly breaking near the end that connects to the computer for the past month. I’ve now become skilled at what I have to do to get it to work after it’s plugged in (the very technical approach of jiggling) but touching anything in the vicinity the wrong way will cause the charger to stop working again.

It’s been about one and a half years after I bought the Mac, so it definitely shouldn’t be breaking so soon, but that also means that I’m outside of the one year warranty. I didn’t buy AppleCare, because, you know, I live life on the edge. And also because it’s freakishly expensive at $600. Laptops are probably the only thing that I’d consider buying an extended warranty for, but I wouldn’t have chosen a Mac if I thought it would need $600 worth of repairs before it was three years old. Also, we have the Consumer Guarantees Act.

The 15 minute call

So I called Apple. I’d reMacBook Pro with chargerad on an Instructables post that some people had good experiences calling up Apple and receiving a new charger even outside of their warranty period. Their reasoning being because Apple knows the chargers are poorly designed (but nice to look at) they will replace them.

I called Apple, and I think spoke to someone in Australia. Side note: outsourcing is fine by me if it doesn’t interfere with getting stuff done for the customer, which in Apple’s case it kind of does.

The second person I spoke to, in his defence I think he was foreign to Australia, didn’t know much about the geography of New Zealand.

Their list of Christchurch repairers was outdated and I was given Yoobee’s earthquaked Moorhouse Ave location, prompting a humorous response from the rep: “If they’re listed here they should be open. Otherwise it would defeat the purpose of my list.” I can’t imagine a list of Apple stores being outdated.

And according to an Instructables comment, if I was in the USA this could have all been done by courier, or according to Yoobee’s staff, if we actually had Apple stores here in New Zealand (which the international phone reps often assume) I could have just walked in and got a new charger straight away.

I tell the rep what’s wrong with the charger: it’s broken at the moment, when I plug it in sometimes it works but the majority of time it doesn’t and I have to play around with it to get it to work. We go through my serial number (which today I found out has SWAG in it), whether it’s the original charger, the purchase date, my lack of AppleCare and my email address. I get told it’s outside of warranty and some dubious information about incorrect watt adapters blowing up. I bring up the endless one star reviews, he says he’s read them the other day and most are because of blown up chargers[citation needed]. I drop four magic words: the Consumer Guarantees Act, get told I should contact the Ministry of Consumer Affairs and then talk to Apple’s legal team, which seems like it’s probably said to scare people away. I ask to be transferred to their legal team but get told that’s not possible.

[funky hold music]

His supervisor says that it would be inconsiderate (his words) if they provided an exception for me because it would be unfair for people who bought AppleCare (also his words). Guilt trip. He asks if I’m sure it’s the power adapter and when it started happening. He asks if I can bring it into one of their service providers so they can do a full diagnostic, which basically consists of plugging the charger into a computer and scanning the barcode the computer displays when the charger doesn’t work. Once it’s confirmed they’ll look into the possibility of giving me an exception, but he can’t promise me anything, because it would be unfair.

Scene change – Yoobee store

Apple makes them send in the broken charger before they will send out a new one, “That’s the rule they give us”. Apple won’t just take their word that the charger is broken. Having no charger is worse than having one that works intermittently. Yoobee checked if they had any ones they could loan me, but they didn’t. I didn’t ask why they couldn’t just give me one off the shelf, pick your battles and all, you know?

Unsurprisingly they say about broken chargers that “we do deal with these all the time.”

TO THE CAAAAARRRRR.

Scene change – the car park

I ring Apple from the car and get the same supervisor. We have a 36 minute conversation which basically consists of me complaining about the ridiculous policy (Apple says it’s Yoobee’s, Yoobee says it’s Apple’s. I side with Yoobee) of not being able to keep a semi-working charger while waiting for the new one and the rep trying to make me feel bad because he gave me an exception to the out of warranty policy for a charger that isn’t even properly broken (like giving away a charger is such a rare event, if the charger wasn’t so poorly designed I wouldn’t need a new one after 18 months, but battles). Apparently the free charger was because their product lasted 12 months so I didn’t need to get anything fixed during my warranty, and not because of known product flaws.

The conversation ends with me inside the store again having a speakerphone conversation with the rep and a Yoobee Apple tech.

I kept the charger. A new one is coming in on Wednesday for me. Also, Yoobee texts you with updates on your case. Technology.

<3 Yoobee. Not so much <3 for Apple.

Image credit: Marcin Wichary

I don’t consent to this search, Mrs Tolley

The Ministry of Education has released guidelines regarding schools searching students and confiscating their property. The Education Act doesn’t specifically give schools the power to search and the issue hasn’t come before a New Zealand court before, so the guidelines really are just that. It’s possible though that courts would say that searching is an implied power under the general umbrella of a board having “complete discretion to control the management of the school as it thinks fit.”

On the other hand, it could be argued that as significant privacy issues are involved and that the power of search is not specifically given to schools that such searches are not lawful.

The protection from unreasonable search and seizure comes from the New Zealand Bill of Rights Act:

“Everyone has the right to be secure against unreasonable search or seizure, whether of the person, property, or correspondence or otherwise.”

Risk to safety

Backpack contentsThese three words form the basis of the guidelines. The item being searched for must pose a risk to safety.

“Risk to safety means that there are reasonable grounds to suspect that students or staff are at risk of harm from an item that poses an immediate or direct threat to physical or emotional safety.”

I interpret an item posing an immediate or direct threat as one when the student possessing it has an intention to use it right now. In the examples attached to the guidelines, staff involved consider “whether there is an imminent risk to the physical or emotional safety of students or staff …”

I struggle to think of an example where a dangerous item is all at once: not visible (because if it was visible, no search would need to take place), is about to be used, and where it would be a good idea to start trying to search the student rather than try to deescalate the situation so the item isn’t pulled out.

A common sense approach!

So basically, instead of taking the student away from others and getting the police involved to begin with, school staff should involve themselves with dangerous or illegal items, potentially escalating a volatile situation. And of course, the student that won’t willingly hand over an item they’re suspected to have will obviously be happy to comply with an intrusive and legally questionable search.

Violate rights, tell parents later

“Except in exceptional circumstances you should inform parents or caregivers after a search has been conducted (if you have not already contacted them).”

No. Parents should be contacted first, always.

Diaries, mobile phones, and laptops

The guidelines mention searching correspondence under the definition of a search. They state that this would include “written and electronic material (e.g. in a diary, on a mobile phone or on a laptop).” None are mentioned again in the guidelines, except for a laptop in a weak example (see below).

This gives the impression that a diary, mobile phone or laptop could theoretically be searched in accordance with the “imminent risk of physical or emotional harm” criteria. Cue alarm bells. How that criteria could be construed as applying to electronic devices and diaries potentially containing very private material is beyond me.

Lukewarm examples

There is no strong scenario provided with the guidelines where a search should actually be conducted.

Scenario 1: Pornography on a laptop. Example correctly concludes that a laptop isn’t a threat if it’s not turned on and so shouldn’t be searched.

Scenario 2: Students caught smoking marijuana say they were sold it by another student. No search because police have to be called because of the illegal items potentially involved.

Scenario 3: Students are lighting deodorant on fire. Friends of a student hand over their lighters. Student is suspected to still have a lighter. Example says that there is an imminent risk to the physical or emotional safety of students or staff in this situation because “a student could easily be burnt if the activity continues.” Imminent risk, really?

Concludes that “as the risk is significant it is likely that the search should – if it safe to do so – be conducted.” I say education would be better than a search. There’s nothing stopping the student from bringing another lighter the next day after he’s searched. Searching isn’t going to magically solve the underlying problem.

Scenario 4: Hearsay that a student is going to “get” another student and more hearsay about a “knife.” Student seems upset and angry, doesn’t stop when teacher asks him/her to. Example correctly concludes that searching straight away when a situation isn’t calm isn’t a good idea. Example says if staff conclude there’s an immediate risk to call the police. Tick.

Or if the situation isn’t considered an emergency: the student has calmed down, staff don’t feel threatened, they only think a small pocket knife is involved, staff can “proceed to consider … if a search is appropriate in the circumstances.” Except they can’t have it both ways. If the student is calm and wouldn’t use a knife if he/she had one (no imminent threat) then a search isn’t necessary. If the student would use a knife if he/she had one, then the police should be called.

Unnecessary and a breach of BORA

Vanushi Walters, YouthLaw solicitor speaks the truth. If the situation is serious enough for a search, it’s serious enough for the police.

“Search and seizure powers in schools are unnecessary and a breach of the Bill of Rights Act. She said the most appropriate course of action is for principals and teachers to call the police.”

Let’s make the guidelines law

But wait, there’s more.

“The Ministry was also looking in to possible legislative changes to give schools more support in what was ‘a complex legal area,’ she said.”

Give school staff equivalent or greater powers than the police have so they can search students? Okay!

You want to violate my privacy? You’ll have to put up a fight, I don’t consent to this search.

Image credit: Hello Turkey Toe

The National Interest of Foreign Espionage

A van was crushed by rubble following the February Canterbury earthquake, containing Israeli tourists. One of them, Ofer Benyamin Mizrahi, was killed instantly. Michal Friedman, Liron Sadeh and Guy Yurdan escaped. It’s been revealed that Israeli involvement after the quake has been investigated by the SIS and the police.

Fact checking

What appears to be the original Southland Times article that broke the investigation seems to have been poorly fact checked and shows a lack of editorial oversight. Shemi Tzur, Israeli’s ambassador in the South Pacific is said to have flown from Australia, where he is based, except a quick Google search shows that he is actually based in Wellington.

The same article talks about a piece of suspected Russian malware named “agent.btz” and says that “attempts to remove the malware have so far been unsuccessful”, which gives the impression that the computers of the United States Military are still infected. The next part of the sentence states that “new, more potent variations of agent.btz are still appearing”, so what is probably meant is that attempts to eliminate the malware out of existence have been unsuccessful, which isn’t surprising considering the nature of malware and software in general.

Red flags

9000 passports!James Bond cameras

The Southland Times article says that Ofer Mizrahi “was reportedly found to be carrying at least five passports.” John Key said “according to his information, Mizrahi was found with only one passport”, of European origin.

The group of three that left Christchurch gave Israeli representatives his Israeli passport. So that makes at least two passports.

Shemi Tzur says that he was handed Ofer’s effects and they contained “more than one passport.” Does that makes at least three passports or does this include the Israeli passport handed off at the airport?

He says it’s common for Israelis to have dual citizenship because Israeli passports aren’t welcome in some countries, which is understandable. However that doesn’t explain why Ofer was traveling with both/multiple passports—I am an expert thanks to watching Border Security on TV and conclude that less eyebrows would be raised at an airport if, when searched, someone wasn’t in the possession of more than one passport.

12 hours

Passport stamps

Within 12 hours of the quake the three remaining Israelis had evacuated Christchurch, driven to the airport by Shemi Tzur himself.

This raised eyebrows because they left Ofer behind in the van, but in their defense there was nothing they could have done and it wasn’t like they were leaving someone injured behind. Guy Yurdan, one of the three, said that Ofer was killed instantly.

The advice from many countries to citizens in Christchurch would have been to get out of there as soon as possible. The potential lack of accommodation, food, and water, plus the risk of further aftershocks would have supported their decision to leave as quickly as possible.

A mysterious seventh Israeli

Concerns were raised about a “mysterious seventh Israeli” who was in New Zealand illegally and was reported missing after the earthquake, but weeks later was reported to have left the country. Not sure whether there was anything suspicious about the person apart from their visa situation.

Five Facebook likes

A Facebook tribute page for Ofer came to the attention of investigators because it only had five likes over four months (now 32). Apparently many Israelis don’t have social network accounts. Perhaps those on Facebook who knew Ofer didn’t know of the page? It seems a stretch to say that this is suspicious.

Four phone calls

It’s been reported that Israel Prime Minister Binyamin Netanyahu phoned John Key four times on the day of the earthquake. John Key says that they only actually spoke once in “those first days.” It seems reasonable that a Prime Minister is hard to get hold of, especially during a state of emergency. I’m not sure what the significance of prime ministers calling each other is, I assume representatives from many countries spoke to John Key as a result of the earthquake.

Two search and rescue teamsMission control

There was reportedly one Israeli search and rescue team but then there were two? Either way it seems at least one either wasn’t allowed access to the red zone or was removed from the red zone by armed personnel. According to Shemi Tzur, a team was sent by the parents of Ofer Levy (other Ofer?) and Gabi Ingel, two Israelis who died in the earthquake.

The article says “Israeli families reacted that way when their children needed help anywhere in the world, often because it was demanded by insurance companies.” Insurance companies often demand that families hire and fly to a foreign country private search and rescue teams when search and rescue is already underway by the country?

Strange.

Perhaps stranger is Hilik Magnus, who runs the search and rescue company in question, Magnus International Search & Rescue:

“He served in the Israel Defence Forces in an elite paratrooper battalion specializing in special operations. He fought in the Attrition War, first lebanon war and the Yom Kippur War, remained a reserve officer for twenty years and served also in the intelligence community.”

Stranger?

Their team entered the red zone “accompanied by police, only to retrieve the personal effects of two people who died.” “There was only one rescue team and it was allowed inside the red zone to accompany police to retrieve backpacks belonging to Mr Levy and Mr Ingel.”

One Israel Civil Defense Chief

The Southland Times article says “In the hours after the 6.3 quake struck: Israel’s civil defence chief left Israel for Christchurch.” The New Zealand Herald reports that Matan Vilnai did visit Christchurch, but nine days later. And not from Israel, but from Australia where he was for a visit.

This doesn’t seem suspicious.

A groups of forensic analysts

An Israeli forensic analysis team sent by the Israeli government worked on victim identification in the morgue. A security audit of the national police computer database was ordered after someone connected that the analysts could have accessed it. The police say that their system is secure. Someone from the SIS says that it could be compromised with a USB drive:

“An SIS officer said it would take only moments for a USB drive to be inserted in a police computer terminal and for a program allowing remote backdoor access to be loaded.”—Stuff

It’s questionable why USB access would even be enabled on computers that have access to such confidential material.

Why New Zealand?

Intelligence

Gordon Thomas, who has written about Mossad says that Mossad trainees, possibly picked during compulsory military service, were usually planted overseas in groups of four. He says that the CIA and MI6 have offices in Auckland and have “held high-level meetings with New Zealand spy bosses”. They want to know what sparked the SIS investigation, what investigations were carried out and what passports the group possessed. He thinks New Zealand is a credible Mossad target because al Qaeda cells could expand into the Pacific Rim. Israel would want to know what our intelligence agencies know, what they are sharing and how good they are at getting information.

He says that Mossad has a reputation for using students as agents and that using two couples is “standard Mossad operation style. The reason they have a man and a woman … it’s easy to pass unnoticed, unchallenged, and the woman acts as back-up.”Passport

Passports

New Zealand passports are readily accepted around the world. Anyone gaining one who had nefarious purposes would likely face no contest at a border. Paul Buchanan, who has worked at the Pentagon says that it’s unlikely the four were Mossad agents because of their age and the apparent low-level task of passport fraud they were undertaking, but they might have been recruits operating as sayanins, the Hebrew word for helper. He says that after the September earthquake, Christchurch may have been seen as a good target to get names of New Zealanders to use for false passports.

 

The three survivors from the van gave an interview to Haaretz, an Israeli newspaper, days after the earthquake. It would seem unlike spies to put themselves out in the public eye like that, but maybe that’s reverse psychology. Who knows.

Image credits: Ian Rutherford, Ludovic Bertron, J Aaron Farr, Tom Raftery