Finally!

 

That took much longer than expected 🙂

suspended2

Last post that got me nixed? Uncovering the obvious link…

It was all a sham. The same day they get a failed signature they also claim they “Got” his keybase. It never happened. The entire war was fake. It served its purpose. It divided the resistance further. I cant believe I didnt see this from the start.

microchipkeybase2

microchipkeybase

 

All of the accounts listed below in this fake war are still active with no problems. A war that never happened. I talked to Jeff Reifman tonight for the first time. And according to him, LM’s account was locked for doxxing him. Yet Microchip can unless leash whole armies on people and shes fine? And her entire crew? Highly unlikely…

allactive

 

And yet, everyone seemed to forget about BuzzFeed article

https://www.buzzfeed.com/josephbernstein/from-utah-with-love?utm_term=.ssLaP8p5ve#.kaPRwqaPpm

ThrowbackThursday – Stolen Libyan Missiles via SR

You know the deal. I reported in March 2011. MSM wouldnt report until Sept 2011. Here is my interview. Policy/Intel/News only. No politics.

 

Original posts can be found:

https://ameristroika.wordpress.com/2011/03/26/when-did-officials-know-al-qaeda-steals-libyans-missiles/

https://ameristroika.wordpress.com/2011/09/13/al-qaedas-new-missiles-courtesy-of-qaddafi-on-air-with-strictly-right-radio/

cc: https://20committee.com (so Mr. Provokatsiya can learn how to intel from the best) Cheers mate!

 

 

Recap: The BlockTogether Fiasco

To my fellow free-thinkers in and outside of The Resistance, I am going to recap the entire Blocktogether fiasco so that no key points are missed or in question. Since the release of the information much has happened. We have seen Blocklist managers go into all-out propaganda mode to protect their ability to censor. Twitter needing to take emergency measures to try and correct this issue. And most importantly, more of the message about censorship by 3rd party “sock-puppets” is being seen. This last part is arguably the most important. And the credit for spreading that message belongs to you.

In this first post we’ll take a look at the technical aspect of the problem. After that, we’ll move into the disinformation campaign being waged against us. Literally, nothing Louise Mensch has said is factual regarding this.

My goal was simply to protect the ones who were blocked. They were compromised as a direct result of Blocktogether. I had no intention of protecting the censors and abusers. Luckily, they would rather dig their heels in and continue using a flawed system even if it means they must suffer severe real-world consequences. And ironically, it turns out that the people that would’ve been helped the most are the list managers. But never fear, they will risk it all to hold onto the high that comes with having power over people.

Lets take a look at what happened, why it happened, and what it means as the problem currently stands. Here is the problem:

  1. Twitter has problems with its OAuth. Always has
  2. Blocktogether is a 3rd party application that users give read/read-write + DM access (thanks @1weesel)
  3. This endangers the subscribers, as well as the block list administrators

 

BTreadWrite2

Courtesy of @1weesel via twitter

The Genesis

Let us deal with Twitter and their OAuth problems first and cite a few examples. I will keep it in layman’s terms so even I can understand it. This stuff was always explained to me by very patient people; more patient than I could ever be.

For a long time now people have been using Twitter’s OAuthorization to gain control of accounts or to fool other users into giving up control of their accounts. Just for the record we will take a look at a few examples from a site that rewards devs for finding and fixing bugs along with a tutorial for account takeover:

[Critical] Steal OAuth Tokens

https://hackerone.com/reports/131202

Real-world application of above bug

https://www.geekboy.ninja/blog/turning-simple-login-csrf-to-account-takeover/

Keep in mind. This was active up until a few weeks ago. One of many OAuth bugs and security issues on Twitter’s side. The same technique is applicable to both Twitter and Facebook.

But here is where it starts to get interesting and the details matter…I hope I’m not boring everyone.

This “bug” on Twitter’s side can be used (with slight modification) to access an account using a Blocktogether list. This can be both as a subscriber or list manager. It does not matter. It creatively uses two routers to spoof credentials. Since Twitter will take temporary, or even outdated security certificates, this helps them gain the foothold and account takeover

https://hackerone.com/reports/168538

And a video of the demonstration. Important to note this is not me in the video:

 

The most recent tactic of gaining access to an account worked almost identical from what I can deduce. The attacker can spoof a security certificate or use an expired one and the job is complete. The creator of Blocktogether had already acknowledged using outdated security certificates. Even temporary certificates that were used in the beginning are still allowed and validated.

The Blocklists

The three blocklists that I published were

  1. Given to me by an operator who was using the lists, taking names at random, and demonstrating getting a foothold/access to the account
  2. None were ChiefCovfefe/Mensch/TeamPatriot blocklist
  3. None were altered in any way. I received them that way

Over the course of three days and ending on 11/21 I published 3 block lists. These were users affected by, or determined to be compromised by an attacker. This was a delicate agreement between myself and the operator. So delicate that I agreed to only “show it to select group of people in 24hr period”. That “select” group was the twitter community. So I published the lists with a 24hr expiration. Why? Simple.

  1. These are compromised accounts. The longer the info stays up the more danger they are in. Attackers will see the lists before the users. Keeping them up indefinitely can only multiply the harm
  2. When the lists “vanished” the liars could start their campaign. I claimed I had no access to them after the 24 hr time period. Are Team Patriot willing to bet on that info and risk it all? What if I still have them? Their claims fall to pieces. And I do have them (game over)

The operator was furious and I burned a bridge. So what? Many were saved. More are demanding change. And as long as the censors think the lists disappeared they felt free to lie about them. It worked perfectly.

Why Mensch Crew had to get defensive

We will address this in detail next time. As a primer, most of details of this attack were realized when this bug was found only because certain users seemed to be structuring tools to operate to take advantage of this flaw. It set off a red flag. Running those user ID’s we can see that the CounterChekist account and the ChiefCovfefe account were two that had created tools within the Twitter Dev options to use this exploit. I posted the raw data the operator showed me when he encountered researching this. I have redacted everything but the user ID which I believe to be CounterChekist. I should say that I do not believe he has the skills to create such tools. So this is likely the result of an attacker.

https://pastebin.com/dxm0JDdy

It is important to note that the chances that this was done by an outside operator vs the account owner is 50/50. And since the Big Chief runs the largest censorship tool he would obviously make himself a prime target. Ditto on CC. And if an attacker did anything illegal or broke a ToS then the responsibility would fall on the account owners, not the attacker.

Exposing this protects the Big Chief; which was not my intention at all but it is rather an unintended consequence. So why then is he – and also the entire crew – smearing people and fabricating evidence to keep this flaw in place? I can only deduce that he was the one creating the tool/script to access the nearly one million accounts on his list. An innocent person’s response wouldve been to shut it down and thank the messenger. Instead, they have taken a scorched earth approach to to keep this in place.

Meanwhile, people start seeing mass unsubscribing…

lolunblock

Twitter DMs Go Down. As Expected (11/21)

Another topic we will touch on more in the next post. But immediately after this was revealed Twitter needed to deploy a patch. Within hours on 11/21 (the same day I revealed the compromise) Temporary fixes were made. It was massive enough to require DM’s being taken off line. Since things like Blocktogether can give an attacker a foothold into DMs of accounts they dont own, new code needed to be written in. Unfortunately, OAuth flaws are so deep that it does not help. Twitter was able to minimize the impact by doing this in blocks of users. So DMs were not offline for everyone all at the same time. Matter of fact, it was likely only caught because some users were using it during what was normally their “off-peak” usage.

This link cites a few examples of users who witnessed it.

http://animeright.news/zanting/twitter-direct-messaging-dm-service-goes-down-during-outage/

 

Thank You, So Far, and Moving Forward

I mean that sincerely. And if you missed it in the mish-mash of Twitter replies, I believe in having no enemies. Having opponents is different. As a whacky Libertarian I tend to think everyone is nuts except me (which is likely pretty accurate according to my latest internal polling data).

In our digital age we tend to forget that there are real people behind avatars. And since most of the topics that help us clash are inseparable from from our emotions, the impersonal layer of “words on a screen” do not help us feel like we are talking among people but rather talking at avatars.

You have all demonstrated that you have the ability to talk with one another, not at them. And that warms my heart.

My biggest concern is that I do not want to lose people in the course of this explanation or confuse anyone. So I implore you to speak up and ask me anything at any time. I am even willing to do any sort of group chat if everyone wants to get into a single spot and address any issues. Discord and Google Hangouts come to mind. I have a decent mic and anyone, including Karol, Chief, or Lousie are welcome too. If this is something you guys would like to do, let me know.

Sincerely,

Douglas Stewart

PS: The post right after this one debunks the entire “Las Vegas Shooter was an Anti-Trump Antifa” with previously unseen photos. Notice no one on the right cared. I received only thanks from Resist folks. Keep these things in mind when the goons start trying to smear me as partisan or an ideologue. Cheers!

Update: New Photos of Possible Las Vegas Shooter at Anti Trump Rally

New photos of the man believed to be Stephen Paddock at the Reno, NV August 23 Anti Trump Rally have emerged.

Shortly after the Las Vegas Massacre that left 58 people dead the internet went crazy looking for Stephen Paddock. His digital fingerprint was nearly non-existent so the effort turned to looking into real-world events. Within hours Pamella Geller had posted a picture of a man at the August 23 Anti Trump Rally in Reno Nevada that resembled Stephen Paddock. Very few photos, and only a single quick video existed, of the man in question at that time. Here is the tweet linking to the post:

Below are photos of the Reno event from  from August 23. The man in question was then only man wearing the pink NASA shirt and the pink hat. The first, in the street, is the reverse angle of the short video initially released. The other two show him at the event just behind the barricade. He came with the woman on the the right (his left) and both have similar signs (small font, long message, same dimensions). The man believed to be the Las Vegas shooter does not appear to be Stephen Paddock. His height and weight do not match. His neck is much thicker than that of Paddock. Furthermore, nose shape and size – along with the size and height of his cheekbones are also a dead miss. He appears younger than the 64 year old Paddock and attended the rally with a woman who is not Marilou Danely. Given Paddock’s anti-social behavior it would be extremely out of character for him to travel with another woman to a social gathering.

Below: Alleged Paddock in crosswalk, center frame background, center frame background in front of policeman. In the Crosswalk photo he is not far behind the woman he came with who is not Marilou Danely. (backs of their identical signs are on orange paperboard)

 

paddock_lookalike3Paddock_lookalike2paddock_lookalike

The last photo is the most convincing because we have this man smiling. It is here that we see that the shape of this man’s face and Paddock are not a match. Height, as seen below puts this gentleman in the range of 5’10” as the barriers he is standing in front of are 43″.

Lets take and compare Paddock with the man at the rally ( I wont use post-mortem)

paddockmugshot

And now the man in question…

paddock_lookalike_cropped

Paddock_lookalike2_cropped

Notice, this mans goatee is entirely white. Paddocks is interspersed with blond hair. The most telling is the corners of the goatee where Paddock’s is not gray, even in post-mortem. Next, Paddock has extremely light and thin eyebrows. The man in question here has dark eyebrows that are much thicker. The man at the Anti Trump Rally in Reno on August 23 is not the Las Vegas Shooter Stephen Paddock. 100%. And I am withholding this man’s name until I have permission to use it for this purpose.

Additional media is available on this person. The problem was that this man was positioned perfectly to view the protest. That means the cameras were near him and pointing away. He was literally standing next to the cameras the entire time. The only other video that exists (to my knowledge) is a brief 1 second panning of the camera shortly before a member of the Working Families Party took the microphone. Additional still pictures exist and those will be forthcoming. Links to the highest resolution galleries of these protest are posted at the end of this entry. Credit: Camara la con Banda

Originally, folks scouring the internet had thought it was possibly Scott Richardson – if not Paddock – who is active in Reno and appears at most of these events. It is not. While Richardson is closer in age to Paddock and the man in question, the man in the pink shirt is not Scott Richardson. Below is a high resolution of Richardson at a Reno event a short time after the Anti Trump Rally of Aug 23:

_MG_0250

Credit: Camara la con Banda

For galleries of all Reno protests as captured by Camara la con Banda please visit his galleries HERE

 

 

My “disingenuous” email to Trevor S Valle

Below is the email in its entirety with headers – for verification that the content is unchanged. What started out as a simple question for clarification on a statement turned into a two-day tirade that ended with threats to use his concealed carry permit against me for the crime of being in LA (A city I have been to often and will be in this week). I will also be including the entire thread of his irrational responses, up to, and including calling me – a descendant of Russian Jews escaping annihilation of two regimes, and after I told him this – a “Nazi”. In over ten years of asking for clarification on statements from people, I have never had someone as thick-headed, violent, and mean, as Trevor Valle. Read below and please tell me what sounds disingenuous. Remember, this is a twitter verified semi-public figure. Wait until you see the twitter feed. More to come. Enjoy. (PS I’m breaking the Amazon link so it doesn’t appear like an ad). All of this because he couldn’t clarify a ridiculous statement he made publicly.

@mentions12_cropped

@mentions5cropped

What? “I didn’t read your email” it but he knows its “disingenuous”. He’s made his contact info public everywhere. He’s a public figure. A public figure who says he’ll use us CCW if anyone asks him about his statements in person. He’s made his email public on even Breaking Bio podcasts. He also doesnt understand the term “dox” and does what SJW’s always do; redefine words to use them for their advantage.

MIME-Version: 1.0
Received: by 10.80.179.164 with HTTP; Tue, 19 Sep 2017 22:27:52 -0700 (PDT)
Date: Wed, 20 Sep 2017 01:27:52 -0400
Delivered-To: douglasmatthewstewart@gmail.com
Message-ID: <CAFAu7R5HJng=v4Zsx9YMtjMkeJFjJz3xZu1MCSfv1biLk_sfrA@mail.gmail.com>
Subject: Still need clarification on your statement
From: Douglas Stewart <douglasmatthewstewart@gmail.com>
To: tattoosandbones@gmail.com
Content-Type: multipart/alternative; boundary=”94eb2c0e3d02bf75f80559983c48″

–94eb2c0e3d02bf75f80559983c48
Content-Type: text/plain; charset=”UTF-8″

Hi Trevor,

Twitter is a horrible place to try and convey context. And I know you get
incessantly trolled. However, I think the one time I sent you something you
were very good about replying to it. A few months back radio host Jimmy
Church had been filling in for Coast to Coast (Believe me, when Im up my
eyes almost roll out of my head listening to that). During the broadcast he
said that transitional fossils dont exist. I called him out and said it was
“patently false” and CC’ed you. And you responded to him to challenge that
claim. Other than one other pro-Trevor comment I don’t believe I have ever
said anything to you on twitter. I may be wrong. If I did it was never
anything negative or challenging. I think I first discovered you via Rogan,
and Im pretty sure I even caught the podcast with Take That Darwin
(Breaking Biology?) podcast but dont hold me to that last one. It may have
been before or after. However, following you has been a treat sometimes and
at others I’ve sort of pitied the relentless trolling. My opinion is that
the verified check can be a curse for some people. Real trolls use that as
a license to be total pricks. I think we forget that there are real people
behind a lot of these avatars.

It was also the subject of an upcoming story. A friend of mine was over
discussing edits (I try not to have bylines anymore) and wanted to pitch a
story to her editors (probably a Sunday edition) Since shes still new to
this publisher shes trying to cut her teeth and avoid just getting paid
kill fees. When I told her that the verified can attract relentless swarm
of trolls her opinion was that [sic] “Famous people aren’t really being
harassed because the ones that matter dont even look at replies or have
someone manage their accounts”. And thats when we started talking about a
few figures that get trolled relentlessly. Your name came up (from me). And
when I opened twitter, sure enough I saw the tweet that I first replied to.

She had thought it was a weird statement and neither of us understood
exactly what was being said. So I said “I’ll find out, he’ll reply. He’s
good about that” and fired it off. In hindsight I probably should’ve sent a
blank open tweet asking you about the whole thing rather than jump into the
middle of a contentious thread. I’ll spare you not type the hindsight
cliche!

I’m still looking for clarification regarding your statement. It appeared
to a blanket condemnation of a certain people which isn’t always bad (for
example “ISIS sucks” is fine). And I guess what confused me the most was
the wording of “campaign”.

So as I saw that I first wanted to clarify if you were referring to the
presidential campaign that has just ended or if you were referring to the
administrations actions writ large. This was the clarification I was
seeking.

Your original response was curious. You stated that by not taking action to
stop the current administration it was suffice to call a person complicit.
I found this to be weird on a few levels. Mostly because it makes a blanket
condemnation to people for not doing something. This means that any
write-in is included in that. Anyone who left the top of ticket blank is
included. But even more troubling is that if anyone even supported the DNC
candidate they are also supporting a campaign of blatant racism. So the
only clarification you gave me didn’t clarify anything at all. Rather it
gives carte blanche to anyone that wants to just point and shriek and call
someone a racist if they choose. Ist a strange position to take or even
suggest to advocate coming from someone who is so clearly above that.

It was a relief when I saw your frustration regarding the election on the
last Rogan appearance. When you said you were voting Cthulu. One second
before that I said “Oh no, its going to get political” and thank goodness
it didnt. On a side note, Library of America has a great volume with a
bunch of Lovecraft’s stories. The nice thing about these volumes is they
contain a full timeline of the author’s life and other notes. If you ever
get a chance check it out, I think you would like it. The literary and
academic talent they utilize to bring these volumes together are second to
none.

amazon[dot]com/H-P-Lovecraft-Library-America/dp/1931082723

In closing, I guess I’d like to say that I was not, in any way, trolling
you. I have been on twitter a long time and I’ve never had any problems. I
have never been called a Nazi; odd that you called me a “Pro-Trump” “Nazi”
even after I told you that I left the top of the ticket blank. The greater
irony is that half of my family fled purges (as Russian Jews) twice. One
time was from Russia post revolution, the second was in Eastern Europe
shortly there after. In Russia, one was tossed into the prison system. His
crime unknown. After 6 months of requests the response was that he was
“Deprived of the right to communicate”. Which was code language for being
executed. Later, in Eastern Europe a few must’ve been caught up in the
sweeps of the ghettos. We don’t know. And its what has lead me to be
fervently Anti-Nazi, Communist, racists my entire life. Its also been the
foundation for my love of history, especially revolutionary and
post-revolutionary Russia.

But I’m also not someone who takes insults too personally. Especially when
they are the product of misunderstanding. When I was still working with the
joint division ABC/Yahoo! News many times I would ask someone something on
twitter and get a wicked backlash. Why? Well, its the environment. Its the
structure. It is the playground of the petty. And everyone is just an
avatar, right? Maybe. I don’t think so. You’re a real person. I am a real
person. And my intention was strictly to clarify a statement that *still*
doesnt make sense. I would love to get an explanation and I would also like
to protest in your defense that you are not the irrational one here. I
would like to be able to convince the writer I put onto this that it really
was a misunderstanding. Feel free to contact me to clarify. Email or phone.
My cell number is below. Im in the air tomorrow morning but I’ll be free
from 11am EST from there on out.

Thanks in advance,

Douglas Stewart
douglasmatthewstewart@gmail.com
+1 203 752 **** (cell)

Screengrabs:

letter

letter2

letter3

This isnt the only time he mentioned using his CCW on me. Matter of fact, this is response number 2 in the thread. Every response is frozen. And will be here soon. PS – I have never in my life removed anything because of threats. Ever. And I never will. If anyone has a problem with it file suit.

@mentions8A

After telling him twice that I left the top of the ticket blank and told him I was Jewish, this is one of his handful of Nazi tweets. What should be noted here is that a Jewish “Nazi sympathizer” is also used interchangeably with “Nazi Collaborator”; this is the nearest equivalent to calling a black person an “Uncle Tom”. I like that he and his friend Contra Points (barely distinguishable when she isnt in her make up) decided to get together for a nice middle-finger picture. I hope they did that for me.

tervornazi

 

There’s such a grand irony in  all of this and why I even happened to see his stupid twitter exchange. Its really the best part And I’ll publish it with the rest of his stupidity to me shortly. Very simple. Trevor made an awkward statement. When asked to clarify he tried to be Kierkgaard and fumbled. To cover up the logical fallacy he went on the attack. And never relented. When I publish his entire maniacal tirade I’ll still give him the chance to respond, as promised. But he’s an angry SJW and needs to hide behind the safe space of twitter. He is even scared of emails. He lies, deflects, projects, threatens, obfuscates. Everything SJW junior post-modern intellectual midgets do. They cant help it. SJWs would rather burn everything down than admit fault in anything they have said or done. They are too afraid of how the tribe will perceive them. Let it be his downfall. My offer still stands to honor his rebuttal. After he clarifies his bullshit childlike logic.

-DMS