Zines/phrack/68/16.txt

                              ==Phrack Inc.==

                Volume 0x0e, Issue 0x44, Phile #0x10 of 0x13

|=-----------------------------------------------------------------------=|
|=----------------------=[ Lines in the Sand: ]=-------------------------=|
|=-----------=[ Which Side Are You On in the Hacker Class War ]=---------=|
|=-----------------------------------------------------------------------=|
|=-------------------------=[ by Anonymous ]=----------------------------=|
|=-----------------------------------------------------------------------=|

                                   ---

With dramatically growing hacker and leaker activity paralleling the
revolutionary upheavals around the world, we are increasingly hearing the
rhetoric of "cyberwar" thrown around by governments attempting to maintain
legitimacy and exercise more police-state powers. In talking about the
FBI's priorities ten years after 9/11, FBI director Robert Mueller stated
in a recent speech at the International Association of Chiefs of
Police(IACP) conference that "the next threat will be cyber-based ...
self-radicalized individuals using online resources and individuals
planning cyber attacks" [21]. Although hackers made a mockery of Mueller
and the IACP during the conference by defacing their websites, it is hard
to believe that hackers are a bigger threat than the "terrorists". Still,
this logic is being used to send many more billions of dollars into white
hat pockets at private military and intelligence contracted corporations to
develop better defensive and offensive technology. The US is also proposing
several changes to the 1986 Computer Fraud and Abuse Act, providing
increased sentences (including mandantory minimums) as well as RICO Act
classifications for computer hacking. For the most part, the increased
hacker busts have largely targeted small-time defacers and DDoS kids
allegedly affiliated with Anonymous - hardly the "foreign terrorist threat
to critical infrastructure" used to justify the proposed increased
penalties for hackers and increased cashflow to the security industry. But
there's more than small timers at play: attacks against high profile
institutions including law enforcement, military and corporate targets have
escalated, becoming both more destructive as well as more politically
articulate. We're experiencing the opening stages of the next Hacker Class
War, and with many factions at play each operating with their own agenda
and strategies, with more and more hackers breaking into shit for the rev
or selling out to the military intelligence industrial complex, the
question is asked "which side are you on"?

U.S. military officials, eager to talk about how the Pentagon has boosted
its computer defenses, often remain quiet when asked about its offensive
Internet capabilities. A list of cyber capabilities-- available only to
policymakers-- is described as ranging from planting a computer virus to
bringing down electric grids [1]. This would not be possible if it were not
for the assistance of computer hackers working directly or indirectly for
the Department of Defense, as well as the tendency in our communities to
support or tolerate those who choose to do so. Unfortunately, this
mentality is frequently espoused by figureheads commonly quoted in
mainstream news articles, where they claim to speak on behalf of the hacker
community. Conversely, there has always been resentment from black hats and
the criminally minded for the corporate sellouts who claim to be hackers
but instead choose to protect systems against those who actually break into
them. Much has been written about the corrupt white hats who work to
protect vital infrastructure against other, more fun-loving hackers.  Many
lulz have been had over the years every time these big shots get owned and
all of their emails and passwords are released in nicely formatted .txt
files.  Besides FBI collaborating fucks and security "professionals", it is
time to call out the other emerging threat to the integrity of our scene:
the US military's active effort to train and recruit hackers into aiding US
cyber "defense" systems.

With the passage of the 2012 Defense Authorization bill, the DoD has
"express authority to conduct clandestine military activities in cyberspace
in support of military operations". Reuters reports that "the Pentagon has
put together a classified list of its offensive cyber capabilities so
policymakers know their option". To what extent the US has already engaged
in offensive electronic attacks is for the most part speculative. It is
widely speculated that the US or Israeli military, or both cooperating,
developed STUXNET to destroy Iran's nuclear facilities [2].

To fill the need for skilled security people, the military operates several
schools and training classes designed to turn young enlisted computer
enthusiasts into skilled hackers. The US Military Academy in West Point, NY
has an ACM SIGSAC chapter which teaches special classes on remote intrusion
techniques and periodically hosts several live hacking competitions to
"train and engage enlisted military, officer, or government-affiliated
civilians". Last April, the West Point team was victorious over "veteran
hackers from the NSA" at the 2011 Cyber Defense Exercise. Other military
hacker teams such as ddtek (as led by Lt. Cmdr Chris Eagle who regularly
speaks at DEFCON and Blackhat) also compete in civilian hacker tournaments
such as DEFCON's CTF, usually dominating the competition by bringing dozens
of Navy cybersecurity graduates [3][4]. No doubt many of these people will
eventually be working at USCYBERCOM or other clandestine military hacker
operations to launch attacks on behalf of the rich ruling class.

The US government must not have too much faith in their enlisted hackers,
because they collaborate with a variety of private companies and
individuals to defend their networks as well as profiling, infiltrating and
attacking their enemies. After LulzSec owned and leaked emails for the CEO
of military-contracted security firm Unveillance and Infragard member Karim
Hijazi, he was exposed to have been working with the DoD and the White
House to not only profile "main hacking groups in Libya and their
supporters" but also take the offensive and "map out Libya's Oil companies
and their SCADA system's vulnerabilities" [5]. Even after Karim was owned
and exposed he was willing to pay cash and offer his botnet to LulzSec to
destroy his competitors, further revealing the white hat's corrupt and
backstabbing nature as well as revealing how desperate and vulnerable the
most powerful military in the world really is.

Then there's Aaron Barr, the former CEO of HBGary Federal, who was served
with swift and fierce justice-- being exposed for engaging in
counter-intelligence operations attempting to disrupt both WikiLeaks (where
he suggests "cyber attacks against the infrastructure to get data on
document submitters") and Anonymous (where he cooperated with the FBI
attempting to profile "key leaders") [6]. The leaked emails also reveal a
bid to develop "persona management software" for the US military which is
another COINTELPRO-type tool to spread propaganda by creating an army of
fake twitter, facebook, blog, forum accounts to subvert democracy and
manipulate public opinion. Although Barr/HBGary and
Karim/Unveillance/Infragard have been exposed and humiliated, the
implications of what has been released involving their work demonstrate a
frightening and possibly illegal conspiracy between private security
corporations collaborating with government and military to silence and
disrupt their political opponents.

Despite the obvious failures of their affiliates, the military continues to
try to draw talent from independent hackers. DARPA made a public offering
to hackerspaces in the US to do "research designed to help give the U.S.
government tools needed to protect against cyberattacks". The program
Cyber-Insider (CINDER) is headed by Peiter "Mudge" Zatko [7] who-- like
many of us-- used to be a teenage hacker associated with the Cult of the
Dead Cow and old-school hacker space l0pht. Peiter eventually "went
straight" when they formed security consulting firm @Stake which was later
acquired by Symantec. Now he's completed the vicious circle from teenage
hacker to "security professional" to full blown military employment,
serving as an example to aspiring hackers as what NOT to do. Mudge has now
been speaking at hacker conferences like Schmoocon as well as various DARPA
Industry Day events in an attempt to recruit more hackers into the DARPA
fold. Hackerspaces, which are becoming a growing trend not only in the US
but also internationally, are often strapped for cash to pay rent or
purchase equipment, and because of unique problem-solving skills and a DIY
hacker ethic are being looked at by employers in both private and
government fields.  Unfortunately, many hackerspaces are "non-political"
and are mostly composed of people more interested in a career than the
hacker ethic, making many especially vulnerable to pressure to do research
for the military or inform on other hackers to law enforcement.

Hackerspaces aren't unique for being wishy-washy and apathetic in this
regard: hackers in the US have a long history of big names going federal.
Adrian Lamo, once known as the "homeless hacker" after turning himself in
for breaking into several high profile news websites, is now universally
hated as the dirty snitch who turned in alleged WikiLeaks leaker Bradley
Manning. Despite this, Adrian still openly affiliates with 2600-- running
their facebook group, making occasional appearances on IRC, and most
recently being invited to speak on a panel at the 2010 HOPE convention.
Then there's Kevin Mitnick-- whose social engineering skills somehow
qualify him as some sort of spokesperson for hackers-- who has resigned
himself (like so many others) to the "industry" doing professional security
consulting and making big bucks giving speeches and signing books at
conferences (and like so many others he has become a target of black hats
who have repeatedly owned his servers and released his private emails and
passwords) Jeff "The Dark Tangent" Moss, who for more than a decade headed
the "largest underground hacking convention" DEFCON and the
grossly-misnamed Black Hat Briefings ended up working for the Department of
Homeland Security.  Then Oxblood Ruffin from the "underground" group Cult
of the Dead Cow (which was also owned hard by black hats) runs his mouth on
Twitter claiming "ownership" of the term "hacktivism" while repeatedly
denouncing other hackers(specifically "black hats" and "anonymous") who
break into and attack systems, going so far as to sign a joint statement by
cDc, 2600, l0pht, CCC and others condemning Legion Of The Underground's
attacks against the Iraqi government for human and civil rights abuses [8].

Another more recent example of treachory in the hacker community is the
case of 'security consultant' Thomas Ryan (aka frogman) who infiltrated and
released internal mailing list communications for the NYC Occupy Wallstreet
protesters.  For months he worked his way in, gaining access and trust,
while at the same time forwarding protest plans to the FBI and several news
organizations, eventually dumping everything to right-winger Andrew
Breitbart's website as "proof" of "illegal anarchist activities". In the
same files he released he accidentally included his own correspondence with
the FBI and news organizations (some "security professional"). Thomas
Ryan's white hat and right-wing leanings were rather well known in hacker
circles, as well as his social engineering exploits (he previously spoke at
the "black hat briefings" about his experiences tricking dozens of
government employees and security cleared professionals by using a fake
profile of an attractive and skilled woman named "Robin Sage":
unfortunately he did not dump any private or embarassing information on his
white hat brethren). Certainly the primary point of failure for OWS was
poor security culture, trusting an already well-known reactionary white hat
to their internal communications and protest details (a weakness of an
open-source movement as opposed to closed private collectives composed of
vouched-in members). However when this betrayal falls from our own hacker
tree, we need to take responsibility and discourage future treachory (like
how Aaron Barr was served by Anonymous).

Then there's 2600 which is composed of several separate communities
including the local meetups, the magazine, Off The Hook, and the IRC
community. To be fair, Eric Corley is somewhat friendly to the interests of
hackers, supporting digital rights, criticizing the police state, and being
generally left-leaning.  But upon closer inspection you'll find a very
disturbing militaristic anti-wikileaks, anti-EFF and straight up
anti-hacker mentality held by many of the people involved: half the ops on
2600net have no problem openly bragging about working for the military or
collaborating with law enforcement. Just like ten years ago in their
condemnation of LoU, 2600 released a statement in December condemning
Anonymous ddos attacks against the banks and credit card corporations that
were ripping off WikiLeaks [9] (a tactic that is nothing more than a
digital version of a sit-in, a respected tradition of civil disobedience in
US politics). Using the 2600 name to condemn Anonymous actions not only
undermines our work but creates the false impression that the hacker
community does not support actions against PayPal in support of Wikileaks.
More than six months later, the FBI carried out raids at the homes of
several dozen alleged Anonymous "members" who were purportedly involved
with carrying out the LOIC attacks against PayPal. In light of how dozens
of people (who may not even have been involved at all) may be facing
decades in prison for some bogus trumped up federal conspiracy charges,
what kind of credibility should be given to 2600 who clearly has no regard
for practicing solidarity with hackers facing unjust persecution?

The 2600net IRC network itself is run by a DoD-cleared, Infragard-trained
"r0d3nt" named Andrew Strutt who works for a military-contracted company
and has in the past openly admitted to working with law enforcement to bust
people he claims were running botnets and distributing child porn. Andrew
Strutt's interview for GovExec.com [10] read: "'I've had to work hard to
build up trust,' Strutt adds that he doesn't disclose his identity as a
hacker to the people he refers to as his handlers. And he doesn't advertise
to hackers that he works for the .mil or .gov community either". Most
recently, r0d3nt voluntarily complied with a grand jury subpoena where he
gave up the shell server "pinky" to the feds and kept quiet about it for
months [11]. The shell server had several hundred accounts from other
members of the 2600 community who now have the displeasure of knowing that
law enforcement forensics are going through all their files and
.bash_history logs. Strutt kept this a secret from everybody for months
(complying with a clearly illegal "gag order") and has since been very
vague about details, refusing to answer questions as to the specifics of
the investigation except that law enforcement was looking for "a certain
user"'s activity on the box. Of course it is reckless and stupid to use a
community shell server to carry out attacks putting other users on the box
in danger, but this is something you should be prepared for well ahead of
time if you put yourself in such a place. Many ISPs that host websites and
listservs for radicals and hackers not only have a clearly defined privacy
policy reducing the amount of personally identifiable information on the
box, but also have a "will not comply" statement that says they will never
voluntarily give up the box.  This was demonstrated in November 2009 where
IndyMedia.us received a similar gag order and subpoena asking for log files
on the server (which never existed in the first place). The folks there
immediately got the EFF involved and publicly announced the government's
unjust fishing expedition, saying they had no plans on complying. In the
end, nothing was given up and the gag order was found to be
unconstitutional [12].

Why do many of the big name hackers that are seen as role models end up
being feds and corporate sellouts, and why are these people still welcomed
and tolerated in the scene? Eric Corley of 2600 estimated that a quarter of
hackers in the US are FBI informants [13], which is unfortunately an
astonishingly high figure compared to other fields. Experienced criminals
who have done prison time will tell you that the code of the street is
don't trust anybody and don't rat.  If you ask many younger hackers,
they'll casually joke about breaking into systems in their youth but if
they ever grow up or get busted they'll be working for the government.
Dealing with the devil never ends up well for anyone involved: all they
want to do is bust other hackers, and in the end after using and abusing
their informants they often kick them to the curb.

Albert Gonzales (aka "soupnazi", "cumbajohnny", and "segvec") became an
informant after he was busted in NYC for credit card fraud and was paid
$75,000 to infiltrate carding websites like ShadowCrew. Despite his
cooperation with the Secret Service where he sent several dozen hackers and
fraudsters to prison as part of Operation Firewall, the feds STILL indicted
Gonzales on some fresh credit card fraud charges of his own and sent his
rat ass away for several decades. Unfortunately one of the people roped
into Gonzales' web of deception was the notorious black hat Stephen Watt
"the unix terrorist" who helped write old school zines like el8 and left a
trail of mail spools, ownage logs, and rm'd servers of the most respected
"security professionals" in the industry. Watt was never even charged with
participating in any of Gonzales' money schemes but simply wrote some
common packet sniffing code called 'blabla' which was supposedly used to
help intercept credit card transactions in TJX's networks, demonstrating
how depraved and desperate the feds are to make quotas and inflate the
threat of hacker fraud artists in the media [14].

While many support our fallen hacker comrades like the Unix Terrorist, we
still hear a startling line of thought coming out of the infosec community.
Ask around at your 2600 meeting or hackerspace and you'll hear a
condemnation of imprisoned hackers as being nothing more than criminals
along with a monologue comparable to politicians, police officers and the
media: don't break into other people's systems, don't ddos, don't drop dox
and if you find a vulnerability, "please please report it to the vendor so
it could be patched." To think this mentality is being perpetuated by
people who wave the hacker flag is disgusting and undermines the work that
many legit hackers have fought and went to prison for.

Because so many who claim to represent hackers end up working for the very
corrupt and oppressive institutions that other hackers are fighting
against, it is time to draw lines in the sand. If you are military, law
enforcement or informant, work for a DOD contracted company or a private
security firm hired to bust other hackers or protect the infrastructure we
aim to destroy, you are no comrade of ours. This is 2011, the year of leaks
and revolutions, and every day we hear about riots around the world, and
how major corporations and government systems are getting owned by hackers.
The papers have been describing recent events as a "cyberwar" (or more
accurately, a "hacker class war") and the way the attacks have become more
frequent and more damaging, this is not much of an exaggeration.

It is impossible to talk about contemporary hacktivism without mentioning
Anonymous, LulzSec and Antisec. Responsible for dramatically raising the
stakes of this "war," they have adopted an increasingly explicit
anti-government and anti-capitalist stance. The decentralized model in
which Anonymous operates parallels every successful guerrilla warfare
campaign waged throughout revolutionary history. In just a few months, they
have taken aim at the CIA, the United States Senate, Infragard, Sony, NATO,
AT&T, Viacom, Universal, IRCFederal, Booz Allen, Vanguard Defense
Industries, as well as Texas, Missouri, Alabama, Arizona, Boston, and other
police departments -- dropping massive username/password lists,
confidential law enforcement documents, personal email correspondence and
more. The latest campaign -- "Operation Antisecurity" -- is designed to
unite other hacker groups, tipping their hats to old school antisec days
while bringing more attention to anti-government black hat politics as has
never before seen [15]. Although the attack methods being utilized have
been relatively primitive-- ranging from common web application
vulnerabilities like RFI/LFI and SQL injection, to brute force DDOS and
botnet attacks-- there are signs that their attack methodology is becoming
more sophisticated, especially as talent from allied hacker crews becomes
involved. Additionally choice of targets are going after our bigger
enemies: while past incarnations of antisec have humiliated many well-known
sellouts in the computer security industry, today's blackhats are not
scared to hit higher profile figures in law enforcement, military, and
governments most notably by mercilessly dropping usernames, passwords, home
addresses and phones, and social security numbers to tens of thousands of
police and military officials.

As hackers continue to expose and attack corruption, law enforcement will
desperately continue to try to make high-profile arrests regardless of
actual guilt or association. Especially as politicians continue to try to
classify hacktivism as an act of cyber-terrorism (which can be retaliated
against as traditional acts of war [16]), the threat of prison is very real
and people should be well prepared ahead of time for all possible
repercussions for their involvement. We should not, however, let the fear
of government repression scare us into not taking action; instead, we
should strengthen our movement by practicing better security culture and
working to support other hackers who get busted in the line of duty. Even
though there are plenty of guides out there on how to become "anonymous",
many mistakes have already been made: trusting the mentally unstable 19
year old Ryan Cleary to run the LulzSec IRC server, for example. Even
before he was actively cooperating with the feds after being arrested in a
joint US-UK operation, Ryan was already known to double-cross other
hackers, having posted IP information of hundreds of anonops IRC users
[17][18]. Although it's righteous to out snitches and movement traitors to
the public, doxing other hackers involved in the struggle is only making
law enforcement's job easier to identify and prosecute our comrades. Now
more than ever should folks unite and practice solidarity with each other,
setting aside our differences to go after our common enemies.

The events over the past few months have been compared to the glory days of
the 90s, complete with IRC wars and major website defacements. As breaking
into computer systems becomes popularized and a new batch of young bloods
are emerging on the scene, many questions remain. Is government going to
make more arrests and pass more draconian laws? Would they be doing the
same thing anyway-- even if hackers weren't striking back? Is Anonymous
actually damaging the white-hat military and intelligence security
industries with the ownings, defacements, and leaks, or are they just
bringing heat on the underground while providing justification for more
government financing of our enemies? Is this just another script kiddie
scene thriving on sqlmap and milw0rm exploits or is there old school talent
behind the scenes owning shit to keep the antisec flame alive? Most
importantly, how can those fighting the hacker class war better coordinate
their work with street-level resistance movements?

As attacks intensify, no doubt governments will try to put more money into
defending their infrastructure, holding more internal security trainings,
and passing more laws increasing penalties for computer hacking as well as
censoring and invading our privacy. The government propaganda machine will
no doubt blame hackers as some sort of cyber-Al Queda to demonstrate the
need for heightened security. Don't get it twisted: they have always wanted
to pass these laws in the first place and would have done so with or
without using the hacker threat as scapegoat, just as they wanted to go
invade Afghanistan and Iraq and pass the PATRIOT Act before 9/11 ever
happened. Don't be scared by ridiculous statements like FBI deputy
assistance Steven Chabinsky who announced regarding the anonymous PayPal
arrests, "We want to send a message that chaos on the Internet is
unacceptable, [even if] hackers can be believed to have social causes, it's
entirely unacceptable to break into websites and commit unlawful acts".
Yes, the feds will continue to paint us as terrorists whether we act or not
and will continue to make sweeping arrests regardless of guilt or innocence
in an attempt to demonstrate that they aren't losing the cyberwar after all
when all signs show that they are. It's widely speculated that the
unexpected resignation of US-CERT director Randy Vickers is related to the
dramatic increase in high-profile internet attacks against government
institutions [20].

Another sign of success is how the threat of being targeted by Anonymous
and other anti-censorship activists could possibly scare the companies into
not going forward with their plans, which is exactly what happened to
Australian ISP Telstra [20]. A practice that seems to have been revived
from old school black hat days is the targeting of security professionals
and hackers who choose to sell out and work for corporations and
governments to protect their systems.  This is an effective strategy
because not only are they ridiculously incompetent and corrupt low-hanging
fruit, but they likely hold private information on the cyberwar activities
of the military. Additionally, hitting them hard and repeatedly will serve
as a warning to others who would follow their lead and sell out their
skills to the enemy: think twice before you find yourself in the
crosshairs. What would happen when the government invests all this money to
hire more hackers to protect their systems, but no one showed up?

Hackers may brag about their antics instantly getting international news
coverage but the offensive cyber operations of the US military are
considerably quieter. Not only does this keep their enemies from knowing
their capabilities but also because much of the work being done is likely
illegal. As the saying goes, those who make the laws are allowed to break
them. When teenagers hack into high profile systems, they're considered
criminals and even terrorists; the governments and militaries of the world
do the same at greater magnitudes while hiding behind the guises of
national security or "spreading democracy." It might be a while before we
ever hear about some of the operations hackers working for the military are
involved in. Then again, it might not-- maybe they'll be the next ones
owned, having their private data plastered all over the Internet.

                                   ---

[1] "President lays out cyberwar guidelines, report says"
http://news.cnet.com/8301-13506_3-20073314-17/president-lays-out-cyberwar-
guidelines-report-says/

[2] "Stuxnet apparently as effective as a military strike"
http://arstechnica.com/tech-policy/news/2010/12/stuxnet-apparently-as-
effective-as-a-military-strike.ars

[3] "Eagle Soars to Top of NPS"
http://www.navy.mil/search/display.asp?story_id=2886

[4] "Poke in the Eye to SANS and CISSPs in Defcon 18 CTF Announcement"
http://sharpesecurity.blogspot.com/2010/04/poke-in-eye-to-sans-and-cissps-
in.html

[5] "Fuck FBI Friday Pretentious Press Statement"
http://LulzSecurity.com/releases/fuck_fbi_friday_
PRETENTIOUS%20PRESS%20STATEMENT.txt

[6] "How One Man Tracked Down Anonymous And Paid a Heavy Price"
http://www.wired.com/threatlevel/2011/02/anonymous/all/1

[7] "Hacker 'Mudge' Gets DARPA Job"
http://news.cnet.com/8301-27080_3-10450552-245.html

[8] "Joint Statement Condemning LOU Cyberwar"
http://www.2600.com/news/view/article/361

[9] "Press Release - 2600 Magazine Condemns Denial of Service Attacks"
http://www.2600.com/news/view/article/12037

[10] "Hiring Hackers"
http://www.govexec.com/features/1110-01/1110-01s1.htm

[11] "Statement regarding Seizure of pinky.ratman.org shell server."
http://foster.stonedcoder.org/~r0d3nt/statement.txt

[12] "From EFF's Secret Files: Anatomy of a Bogus Subpoena"
https://www.eff.org/wp/anatomy-bogus-subpoena-indymedia

[13] "One in Four Hackers in the U.S. is an FBI Informant"
http://publicintelligence.net/one-in-four-hackers-in-the-u-s-is-an-fbi-
informant

[14] "TJX Hacker Was Awash in Cash; His Penniless Coder Faces Prison"
http://www.wired.com/threatlevel/2009/06/watt/

[15] "50 Days of Mayhem: How LulzSec Changed Hacktivism Forever"
http://www.pcmag.com/article2/0,2817,2387716,00.asp

[16] "Pentagon to Consider Cyberattacks Acts of War"
http://www.nytimes.com/2011/06/01/us/politics/01cyber.html

[17] "Teenage 'Cyber Hacker' Son is Accused of Bringing Down 'British FBI'
Site"
http://www.dailymail.co.uk/news/article-2007345/Ryan-Cleary-Hacker-accused-
bringing-British-FBI-site.html

[18] "LOL ANONOPS DEAD"
https://sites.google.com/site/lolanonopsdead/

[19]"Agency Chief Tasked With Protecting Government Networks From Cyber
Attacks Resigns"
http://www.huffingtonpost.com/2011/07/25/chief-protecting-government-
networks-resigns_n_909116.html

[20] "Anonymous and LulzSecs Existence Scares ISP into Halting Web
Censorship"
http://www.zeropaid.com/news/93950/anonymous-and-LulzSecs-existence-scares-
isp-into-halting-web-censorship/

[21] "FBI Director Mueller Explains FBI Priorities 10 Years after 9/11"
http://theiacpblog.org/2011/10/25/fbi-director-mueller-explains-fbi-
priorities-10-years-after-911/

[ EOF ]