1
00:00:00,000 --> 00:00:12,640
rC3 preroll music
2
00:00:12,640 --> 00:00:20,029
Herald: As we said the years before, the
force merged to main. Andy is commonly
3
00:00:20,029 --> 00:00:27,910
known in our scene. His current talk "CIA
vs. WikiLeaks: intimidation, surveillance,
4
00:00:27,910 --> 00:00:34,109
and other tactics observed and
experienced". In this talk Andy aims to
5
00:00:34,109 --> 00:00:40,121
report and show us a collection of his
observations, physical, visual and other
6
00:00:40,121 --> 00:00:47,010
evidences of the last year incidents that
strongly indicate the context of US
7
00:00:47,010 --> 00:00:53,530
Central Intelligence Agency and
potentially other entities of the US
8
00:00:53,530 --> 00:00:57,800
government acting against WikiLeaks and
surrounding persons and organizations.
9
00:00:57,800 --> 00:01:03,909
Please welcome, with a very warm digital
applause, Andy.
10
00:01:03,909 --> 00:01:10,990
Andy: OK, I have no idea how a digital
applause works here, but thanks for it
11
00:01:10,990 --> 00:01:16,730
anyhow. At the beginning, I want to make
and I have to make a few disclaimers, so
12
00:01:16,730 --> 00:01:22,390
that you know which perspective you're
getting here. I'm working as a data
13
00:01:22,390 --> 00:01:26,110
journalist for quite a while around the
topics of surveillance, signal
14
00:01:26,110 --> 00:01:31,250
intelligence, data security. I'm running
this funny buggedplanet, even started that
15
00:01:31,250 --> 00:01:35,890
buggedplanet.info before Snowden came with
all his documents. But I did work a while
16
00:01:35,890 --> 00:01:41,780
with his documents. However, this talk is
a bit different as I'm not talking about
17
00:01:41,780 --> 00:01:47,560
things that I learned, studied or
whatever, but I experienced myself. I'm
18
00:01:47,560 --> 00:01:52,240
describing events here where I was
targeted. So, I might not be the most
19
00:01:52,240 --> 00:01:58,670
neutral person in this scenario, but I'm
trying to be technically as accurate as
20
00:01:58,670 --> 00:02:05,840
possible anyhow. So forgive me if I'm a
bit grumpy about these people. That's just
21
00:02:05,840 --> 00:02:12,120
because of their perspective. Secondly,
while I've also and the CCC, of course,
22
00:02:12,120 --> 00:02:17,770
has been addressing human rights issues in
the digital age for a long time, we, and I
23
00:02:17,770 --> 00:02:23,030
personally, co-founded EDRI, the European
Digital Rights Initiative, to ensure the
24
00:02:23,030 --> 00:02:27,780
enforcement of human rights in the digital
environment. However, what happened here
25
00:02:27,780 --> 00:02:34,590
is slightly beyond digital rights. It goes
into real life. And while I'm a German
26
00:02:34,590 --> 00:02:39,120
citizen, and I know roughly what kind of
laws have been violated here, in respect
27
00:02:39,120 --> 00:02:44,810
to the German environment, I absolutely
would welcome people who help me analyze
28
00:02:44,810 --> 00:02:50,720
and understand it from the perspective of
the universal human rights, because there
29
00:02:50,720 --> 00:02:58,400
is similar cases with people living in
other jurisdictions and so on. Second
30
00:02:58,400 --> 00:03:04,130
slide of disclaimers, sorry that it's so
much, so I'm addressing with this talk
31
00:03:04,130 --> 00:03:10,370
activities against people surrounding and
have been and/or surrounding Julian and/or
32
00:03:10,370 --> 00:03:17,630
WikiLeaks and/or other members of
WikiLeaks. Whatever I describe here, I
33
00:03:17,630 --> 00:03:23,810
have personally observed and experienced
it. So it is for sure very incomplete.
34
00:03:23,810 --> 00:03:30,160
It's at best a fragment of what's gone on.
But you will, in case you haven't heard
35
00:03:30,160 --> 00:03:38,270
about it yet, that Pompeo made some very
clear statements when he was head of CIA.
36
00:03:38,270 --> 00:03:46,530
It's pretty clear where to attribute these
things. And lastly, there is, of course,
37
00:03:46,530 --> 00:03:51,440
other persons mentioned. But I'm keeping
them out here for all kinds of reasons.
38
00:03:51,440 --> 00:03:56,590
But there will be the time when we will
hear more reports and other perspective of
39
00:03:56,590 --> 00:04:05,251
this particular situation. So, here's my
little overview. I want to get you an idea
40
00:04:05,251 --> 00:04:12,709
how to get into such a mess. Just in case,
you know, you want it. The context and the
41
00:04:12,709 --> 00:04:16,430
timeline, a bit of psychology as it's
important because at some point you not
42
00:04:16,430 --> 00:04:21,603
only get paranoid, you have this drive
to... no this can't be true. Right? You
43
00:04:21,603 --> 00:04:26,360
have this cognitive dissonance drive
inside of you that you would like to stay
44
00:04:26,360 --> 00:04:34,080
sane. The new normal of "IT-incidents".
We're all used to that, covert vs. overt.
45
00:04:34,080 --> 00:04:38,490
What I mean with the term intimidation
surveillance, physical events and their
46
00:04:38,490 --> 00:04:46,020
impact about the elephant in the room, the
problem of the missing socks. And at the
47
00:04:46,020 --> 00:04:50,949
end, a little bit of questions. Am I
infectious, how to get out of this mess?
48
00:04:50,949 --> 00:04:58,069
Maybe also. So, how to get into such a
beautiful mess? Wait, it's not beautiful.
49
00:04:58,069 --> 00:05:04,710
Well, there are some ideas we share in the
hacker community usually, and even it's
50
00:05:04,710 --> 00:05:10,989
not far from there to get into the
journalist community. Information should
51
00:05:10,989 --> 00:05:17,900
be free. Free flow of information is a bit
of a requirement for world peace. And we
52
00:05:17,900 --> 00:05:23,211
had this and I personally also had this
type of self conception, self
53
00:05:23,211 --> 00:05:28,639
understanding consciousness. Twenty years
already when WikiLeaks started around
54
00:05:28,639 --> 00:05:36,889
2006. So this is not that I was jumping or
anybody in the scene was jumping onto
55
00:05:36,889 --> 00:05:41,000
something that didn't exist until then.
But WikiLeaks turned out to be an
56
00:05:41,000 --> 00:05:49,069
extremely good concept as a democracy
test. If governments cannot deal with full
57
00:05:49,069 --> 00:05:55,419
transparency, well, that tells you a lot
about them. But, of course, that is
58
00:05:55,419 --> 00:06:04,080
similar to jumping to the last point,
similar to working in journalism. When you
59
00:06:04,080 --> 00:06:08,659
expose things in journalism be it
corruption, be it hypocrisy of
60
00:06:08,659 --> 00:06:15,999
politicians, be it blunt lies or whatever.
It's not always about making friends. It's
61
00:06:15,999 --> 00:06:23,499
yes, partly making friends, and partly
pissing people off. That happens. However,
62
00:06:23,499 --> 00:06:31,310
in this particular environment that Julian
inspired to create. There's some
63
00:06:31,310 --> 00:06:36,990
cultural, even misunderstandings. For
example, the word conspiracy. For us in
64
00:06:36,990 --> 00:06:42,219
Europe, I think many of us indeed German
hacker scene are inspired by Robert and
65
00:06:42,219 --> 00:06:47,069
Wilton's way of saying, oh, a conspiracy
is like the world is full of them and we
66
00:06:47,069 --> 00:06:54,979
should join the best of them. But in the
American context, the word conspiracy is a
67
00:06:54,979 --> 00:07:00,469
legal term, unfortunately. And when you
are with American citizens in a room and
68
00:07:00,469 --> 00:07:04,369
talk about conspiracies, they often get
very nervous. And it's kind of a complete
69
00:07:04,369 --> 00:07:09,871
different attitude. Because it's like the
U.S. term to define people who belong to a
70
00:07:09,871 --> 00:07:14,399
group like, organized criminals or
organized, you know, this T word, this
71
00:07:14,399 --> 00:07:19,160
other type of entities. And of course,
that's absolutely not what we want to get
72
00:07:19,160 --> 00:07:24,600
into involved here. But sometimes, we
mistakenly are misunderstandingly joke
73
00:07:24,600 --> 00:07:30,940
about conspiracies and people listening to
this get it completely wrong. And I fear
74
00:07:30,940 --> 00:07:39,039
that is also what happened and how me and
others got into such a mess. So at the
75
00:07:39,039 --> 00:07:46,750
end, of course, in journalism and that's
similar to dealing with data from a
76
00:07:46,750 --> 00:07:55,949
hackers perspective is about supporting
media with data and information and so on.
77
00:07:55,949 --> 00:08:02,909
So here is a bit of a timeline to give you
a time frame. I'm now after I was a bit
78
00:08:02,909 --> 00:08:06,809
long for about two decades a CCC
spokesperson and board member blah blah
79
00:08:06,809 --> 00:08:11,389
blah, I moved to the board of the Wau
Holland Foundation. Wau Holland Foundation
80
00:08:11,389 --> 00:08:17,669
collects actually money for WikiLeaks
under the aspect of Wau's idea of
81
00:08:17,669 --> 00:08:23,580
supporting Freedom of Information since
2010 or so. I joint a little later.
82
00:08:23,580 --> 00:08:29,929
However, when WikiLeaks started to publish
the Afghanistan, the Iraq war logs and
83
00:08:29,929 --> 00:08:36,130
diplomatic cables that already triggered
legal investigations, and of course, the
84
00:08:36,130 --> 00:08:42,659
arrest of then still Bradley, now Chelsea
Manning, later. So there was always, it
85
00:08:42,659 --> 00:08:46,540
was always clear, more or less right from
the beginning, that there's legal trouble
86
00:08:46,540 --> 00:08:50,930
on the way, that there's a secret grand
jury and that the Americans didn't really
87
00:08:50,930 --> 00:08:56,720
appreciate their war crimes to be exposed
and the diplomatic cables to be in the
88
00:08:56,720 --> 00:09:02,670
Internet, to be understood and readable
for all of us and the media worldwide and
89
00:09:02,670 --> 00:09:09,630
so on. Of course, when people come
together and gather in any project, you
90
00:09:09,630 --> 00:09:16,160
have human beings, you have, they have
characters, they have mistakes. They do
91
00:09:16,160 --> 00:09:22,920
things that are not always great. So I'm
not trying to say here that everything was
92
00:09:22,920 --> 00:09:28,259
always great and it was only the CIA
messing it up. No, humans make mistakes
93
00:09:28,259 --> 00:09:33,660
and these mistakes in such an environment,
of course, get exploited, get amplified
94
00:09:33,660 --> 00:09:41,930
and so on. In 2007, WikiLeaks started
publishing some CIA documents and a whole
95
00:09:41,930 --> 00:09:47,540
series of it, the so-called 'Vault 7'
documents. And those documents describe
96
00:09:47,540 --> 00:09:54,899
technology, exploit programs from the CIA.
You probably, most of you will know them.
97
00:09:54,899 --> 00:10:01,339
If not, you can now look them up. And
these included tools that allowed the CIA
98
00:10:01,339 --> 00:10:06,070
to pretend to be someone else, including
coming from another country, speaking
99
00:10:06,070 --> 00:10:11,899
another language, be from Russia, in
Russia be from Iran and Farsi and so on.
100
00:10:11,899 --> 00:10:19,040
And Pompeo, who was at that moment still
head of the CIA, got very upset. And there's
101
00:10:19,040 --> 00:10:26,300
two references from this, one from April
2017, and another is from February 2018.
102
00:10:26,300 --> 00:10:36,430
In his first public speech as a CIA
director in 13 of April 2017, he made a
103
00:10:36,430 --> 00:10:41,029
speech at a conference working in
Washington and he said things like
104
00:10:41,029 --> 00:10:45,060
WikiLeaks walks like a hostile
intelligence service and talks like an
105
00:10:45,060 --> 00:10:52,620
intelligence service. And called WikiLeaks
a non-state hostile intelligence service.
106
00:10:52,620 --> 00:10:57,709
So for those of you who know a little bit
about information science, there's this
107
00:10:57,709 --> 00:11:04,010
idea of data is actually something you can
technically measure. Information is data
108
00:11:04,010 --> 00:11:08,350
in a context and intelligence is
information processed to a level where you
109
00:11:08,350 --> 00:11:14,459
can make decisions based on it. So being a
public intelligence service, I would say
110
00:11:14,459 --> 00:11:21,670
from that perspective is like an honorable
term. However, the way Pompeo emphasized
111
00:11:21,670 --> 00:11:26,529
it, I think was slightly not that
honorable. He was more comparing it to,
112
00:11:26,529 --> 00:11:33,120
you know, other state actors and evil
forces and so on, because the US
113
00:11:33,120 --> 00:11:40,889
understanding of intelligence service far
away from entities... sorry, I need a
114
00:11:40,889 --> 00:11:46,170
water... Is far away from entities just
collecting information, but as you know,
115
00:11:46,170 --> 00:11:54,170
they also mess up with other people's life
and so on. However, a year later, in
116
00:11:54,170 --> 00:12:03,079
February 2018, he even upgraded this type
of statement. The Zeit, German newspaper,
117
00:12:03,079 --> 00:12:07,470
reported about what he said at the Munich
Security Conference Intelligence
118
00:12:07,470 --> 00:12:13,490
Roundtable, and he said, a really nasty
sentence like that. Most of his time he's
119
00:12:13,490 --> 00:12:18,680
dealing with the non-state actors. And
that's like al-Qaida, Islamic State,
120
00:12:18,680 --> 00:12:28,289
WikiLeaks or Hezbollah. Like what a list.
So I have no idea what he has. What turned
121
00:12:28,289 --> 00:12:34,829
him into comparing these kind of things? I
mean, Hezbollah, I could say we in Berlin,
122
00:12:34,829 --> 00:12:41,540
we know they provide actually yummy
halloumi and some things. But yes, they
123
00:12:41,540 --> 00:12:46,569
are money launderers and are a suspected
terrorist in some areas or whatever, or
124
00:12:46,569 --> 00:12:52,680
have been declared terrorist. But their
hummus is really good, I can say. However,
125
00:12:52,680 --> 00:12:58,940
the point I'm trying to come to. So Pompeo
got very upset. He made all this
126
00:12:58,940 --> 00:13:05,870
comparison and he seems to have allocated
resources to deal with WikiLeaks and
127
00:13:05,870 --> 00:13:13,129
everybody jumping around. And it's no
surprise that as Wau Holland Foundation
128
00:13:13,129 --> 00:13:21,199
finances selected activities of specific
publications there, that we also got in
129
00:13:21,199 --> 00:13:27,579
the focus with us collecting donations
and, you know, talking with the guys and
130
00:13:27,579 --> 00:13:34,269
financing some projects. So before I'm
coming to very concrete events, I want to
131
00:13:34,269 --> 00:13:42,509
get one second into psychology. So, of
course, when things happen to you, from
132
00:13:42,509 --> 00:13:46,370
the intelligence perspective, they always
come with what's called plausible
133
00:13:46,370 --> 00:13:50,779
deniability. When there's a guy standing
in front of the door watching, you know,
134
00:13:50,779 --> 00:13:54,680
if you come in and out, it's not just
someone watching your door. It's someone
135
00:13:54,680 --> 00:14:00,120
reading the newspaper or repairing some
electrical pipes or some water pipe or
136
00:14:00,120 --> 00:14:03,810
whatever. I mean, that's always a good
reason for him to be there that has
137
00:14:03,810 --> 00:14:09,909
nothing to do with what he's doing and
that's a basic principle. Plausible
138
00:14:09,909 --> 00:14:15,899
deniability, how intelligence agencies act
in the so-called field. So meaning in your
139
00:14:15,899 --> 00:14:23,149
home or on the street, following you or
whatever. So over time, of course, if you
140
00:14:23,149 --> 00:14:27,820
have too much of this, you're seeing these
patterns, and that's probably mainly
141
00:14:27,820 --> 00:14:32,009
called paranoia. So you get like, you
know, suspicious of everything that
142
00:14:32,009 --> 00:14:36,400
happens that might be very legitimate, but
you get like the feeling that something is
143
00:14:36,400 --> 00:14:42,560
wrong and so on. And that can be, we could
also instead of paranoia, call it
144
00:14:42,560 --> 00:14:46,259
situational awareness at some points,
because if it really happens, it has
145
00:14:46,259 --> 00:14:51,540
nothing to do with your mind getting
crazy. It's just an accurate observation
146
00:14:51,540 --> 00:14:58,430
of patterns that happen around of you. But
you might know that and your two friends
147
00:14:58,430 --> 00:15:04,339
who experience the same might know that
your girlfriend, your partner, the normal
148
00:15:04,339 --> 00:15:07,970
people you deal with, they might all not
understand this and think that you're
149
00:15:07,970 --> 00:15:14,749
driving nuts. And this driving nuts is, of
course, an element that you always have to
150
00:15:14,749 --> 00:15:20,360
be self-critical, because on the one hand
side, you might indeed see too much things
151
00:15:20,360 --> 00:15:23,990
happening that do not really happen. And
on the other hand side, there's also the
152
00:15:23,990 --> 00:15:30,610
human drive that we don't want these CIA
guys to be in our life. We want everything
153
00:15:30,610 --> 00:15:35,320
to be fine. And to some extent, maybe
that's even healthy to not see the
154
00:15:35,320 --> 00:15:40,680
monsters all the time. But if they are
really there and you start denying them
155
00:15:40,680 --> 00:15:45,990
while they sit in front of you, that's
also not so helpful. So I found myself in
156
00:15:45,990 --> 00:15:51,959
this kind of weird environment where all
these kind of thoughts come up all the
157
00:15:51,959 --> 00:15:58,819
time. And I'm starting with the most
harmless stuff. So Internet attacks or
158
00:15:58,819 --> 00:16:04,829
well Internet incidents. I would... IT-
incidents, I called it here. Due to the
159
00:16:04,829 --> 00:16:11,499
pure volume of it, I will put this into a
separate presentation one day or report
160
00:16:11,499 --> 00:16:17,209
and in the next days or weeks or months.
And you can all have fun with it. But here
161
00:16:17,209 --> 00:16:24,079
is just some basic pattern. So devices you
use as communication terminals or
162
00:16:24,079 --> 00:16:28,860
communication devices, they always have
issues when you start to do encrypted
163
00:16:28,860 --> 00:16:35,399
stuff, and it's always when you do it with
specific people. So that's hm... Then,
164
00:16:35,399 --> 00:16:39,769
mobile phones with data service. At some
point, all of them have start to have
165
00:16:39,769 --> 00:16:49,259
issues. Very high volume of used data,
apps disappear if you use them at all. I
166
00:16:49,259 --> 00:16:55,970
stopped using them at all. High battery
usage. When you did nothing with your
167
00:16:55,970 --> 00:17:00,350
phone over hours and you were wondering
what's going on. OK, yes, we have buried
168
00:17:00,350 --> 00:17:03,949
their bags. We put them somewhere else.
But still, it's a little weird when your
169
00:17:03,949 --> 00:17:12,339
battery is empty half day. On LTE when I
configured my phone to be on LTE only it
170
00:17:12,339 --> 00:17:16,610
worked mainly fine. Next to that, I
couldn't make normal phone calls, but when
171
00:17:16,610 --> 00:17:22,670
I had to do the normal mode, it got
downgraded to 3G and there my encrypted
172
00:17:22,670 --> 00:17:28,110
connections started to have problems. On
my fixed lines, my VPNs when I tried to
173
00:17:28,110 --> 00:17:35,120
build up a VPN shows me certificate errors
and problems. And then of course you deal
174
00:17:35,120 --> 00:17:40,490
with journalists, which I'm doing with my
colleagues all the time. And they are not
175
00:17:40,490 --> 00:17:45,000
technical experts. They all have their
Macs and so on. So they have funny issues
176
00:17:45,000 --> 00:17:50,770
with their PGP keys not working anymore,
with their PGP setup not working anymore.
177
00:17:50,770 --> 00:17:55,630
Yes, it's also because it's open source
software, but there's also something going
178
00:17:55,630 --> 00:18:00,180
on. But this is kind of the world we all
know and we got used to it. You know, this
179
00:18:00,180 --> 00:18:05,840
is like, OK, IT doesn't work. Secure
connections break, well, happens all the
180
00:18:05,840 --> 00:18:16,730
time. From about mid 2017 when I still
regularly, like once or twice a month was
181
00:18:16,730 --> 00:18:21,810
flying over to see Julian in the embassy,
I realized that there was something
182
00:18:21,810 --> 00:18:25,950
changing with my treatment at the border.
That's of course, that's yeah, that's
183
00:18:25,950 --> 00:18:32,880
purely UK border police uncles. And they
like started to ask funny questions like
184
00:18:32,880 --> 00:18:37,120
"Do you live in the UK?", "What's your
occupation?", "How long do you stay?",
185
00:18:37,120 --> 00:18:41,850
"What do you do in the UK?". Before then
there was maybe one question, but not
186
00:18:41,850 --> 00:18:46,970
three or four of them. And the most
important was that I realized that he did
187
00:18:46,970 --> 00:18:52,060
not even listen to my answers. Sometimes
he started the first question after I
188
00:18:52,060 --> 00:18:56,280
answered the third, and it was feeling
like in a limbo, like with a machine who
189
00:18:56,280 --> 00:19:01,000
would randomly ask me things. But I then
realized he was just waiting for the green
190
00:19:01,000 --> 00:19:04,831
light on the screens to let me go. And
that green light probably meant that the
191
00:19:04,831 --> 00:19:12,350
team outside was ready to pick me up and
that's what happened. So I get into the UK
192
00:19:12,350 --> 00:19:17,770
and have people follow me like the whole
fucking day, not only on the way to the
193
00:19:17,770 --> 00:19:25,930
embassy, from the embassy back and so on.
I once spotted one of those persons like
194
00:19:25,930 --> 00:19:30,940
sitting at the street level on the other
side watching the whole time I was in an
195
00:19:30,940 --> 00:19:37,620
office, ground level. And because I had a
bit of experience with that in continental
196
00:19:37,620 --> 00:19:41,390
Europe, like in Germany, if you realized
these guys just go after you and you put
197
00:19:41,390 --> 00:19:46,220
your camera on your table or start even to
make photos of them, they're very quickly
198
00:19:46,220 --> 00:19:50,190
gone because they don't want to be
relocated, they don't like to be exposed
199
00:19:50,190 --> 00:19:56,530
and so on. But the British behaved in this
time, this scenario completely different.
200
00:19:56,530 --> 00:20:02,270
So he was like getting like, you know,
very aggressively body language, try
201
00:20:02,270 --> 00:20:09,570
spotting, looking back and so on. So that
was a little weird. That same day at three
202
00:20:09,570 --> 00:20:13,600
o'clock in the night when my friends drove
me to the place where I was sleeping in a
203
00:20:13,600 --> 00:20:19,280
one way street, there was still a car
following us, even in the one way street.
204
00:20:19,280 --> 00:20:25,990
So actually he had to turn back and so on.
That was no more covert surveillance. That
205
00:20:25,990 --> 00:20:33,860
was already at the edge to intimidation.
And then over the next months, I started
206
00:20:33,860 --> 00:20:39,030
to have new favorites, but not only in
England, also in other countries that I
207
00:20:39,030 --> 00:20:44,620
would see homeless looking like people on
the street level sitting there begging or
208
00:20:44,620 --> 00:20:50,790
leaning to some buildings. And at some
point I had to realize that the cheap
209
00:20:50,790 --> 00:20:55,130
plastic bags that they were wearing were
just a cover for cameras that were
210
00:20:55,130 --> 00:21:00,420
actually with Zoom and digital getting
into my direction. And so that felt a
211
00:21:00,420 --> 00:21:08,110
little, um. And so the idea of this
measures meant, if you look at their
212
00:21:08,110 --> 00:21:12,680
manuals, which you'll find somehow in the
Internet, is that the difference between
213
00:21:12,680 --> 00:21:16,570
discovered surveillance, which is to find
out where you are and to open
214
00:21:16,570 --> 00:21:22,410
surveillance, which I call intimidation
surveillance. The idea is you create in
215
00:21:22,410 --> 00:21:29,070
the person in this case and yeah, for me,
a state of distress. So you like
216
00:21:29,070 --> 00:21:34,170
constantly having this, like, you know,
looking around and you obviously have the
217
00:21:34,170 --> 00:21:39,170
idea that something is going on and they
let you know. They want to let you know
218
00:21:39,170 --> 00:21:50,450
and that's a little weird. So in April
2018, exiting in March 2018, I brought one
219
00:21:50,450 --> 00:21:58,260
of my Cryptophones, in this case a desk
phone based on a SIP phone called Snom 870
220
00:21:58,260 --> 00:22:04,940
back to our workshop here to repair. The
display had been exposed to heat and got a
221
00:22:04,940 --> 00:22:12,630
little melted. It's not so super high
quality LCD display, so I wanted just to
222
00:22:12,630 --> 00:22:17,900
replace the display. So I opened the thing
and I found actually a bug and that bug
223
00:22:17,900 --> 00:22:22,610
turned out to be a very sophisticated
thing. So there was a battery pack, there
224
00:22:22,610 --> 00:22:29,290
was a shielded thing. Behind that shielded
thing there was a module that had been
225
00:22:29,290 --> 00:22:36,460
soldered into. It was based on an FPGA,
some hardware crypto element. 16 GB of
226
00:22:36,460 --> 00:22:41,030
flash ROM. It was completely passive. So I
wouldn't have found it in any sweep
227
00:22:41,030 --> 00:22:47,970
because it just recorded whatever I talked
on that encrypted phone and would be
228
00:22:47,970 --> 00:22:54,850
triggered by high frequency to send out
the recorded stuff, encrypted in a signal.
229
00:22:54,850 --> 00:22:59,910
And you see here a URL to find more
pictures online. To give you an idea this
230
00:22:59,910 --> 00:23:06,230
is the thing I found. This is how it
looked like at the beginning. The phone
231
00:23:06,230 --> 00:23:12,130
itself has to PCB's one for the keyboards
and one for the connectors, processing and
232
00:23:12,130 --> 00:23:18,510
so on. This was the modified version of
the keyboard PCB with this battery pack
233
00:23:18,510 --> 00:23:25,170
in blue, the shielded module. And here
you get an idea of what was in there.
234
00:23:25,170 --> 00:23:30,030
That's pretty high tech. We did, of
course, look into what exactly do we have
235
00:23:30,030 --> 00:23:39,020
here, when were this chips produced, what
does it do and so on. But it's pretty
236
00:23:39,020 --> 00:23:45,850
obvious that this is like for those who
have read the Snowden documents intensely,
237
00:23:45,850 --> 00:23:50,070
it's what's called special collection
service. Inside there, there's a group
238
00:23:50,070 --> 00:23:57,340
called a target access operations TAO, and
they work together with a thing called
239
00:23:57,340 --> 00:24:03,760
PAG, the Physical Access Group because
someone and that was the thing, it was not
240
00:24:03,760 --> 00:24:09,400
only built into this phone, that phone had
been, of course, in a locked room. And I
241
00:24:09,400 --> 00:24:13,520
had to ask myself, OK, what happened here?
Here you see how they grabbed the audio
242
00:24:13,520 --> 00:24:21,160
with a glued mini PCB from the other main
controller into their little technology.
243
00:24:21,160 --> 00:24:26,830
And here you see a comparison picture, to
the right you see the original PCB
244
00:24:26,830 --> 00:24:30,860
keyboard, which has almost nothing on it.
And to the left, you see the modified
245
00:24:30,860 --> 00:24:40,710
version. A friend of mine made a bit of a
diagram and yeah, I'll just leave it for
246
00:24:40,710 --> 00:24:45,990
you. You can review it later. I'll upload
these PDF slides, of course. So here's
247
00:24:45,990 --> 00:24:52,320
some aspects of what was going through my
head over the time. Of course, the first
248
00:24:52,320 --> 00:25:01,590
question was: How long was this there? No
idea. Could be years. Um, the components
249
00:25:01,590 --> 00:25:10,600
we identified were produced around, oh no,
not earlier than April 2013. So if you
250
00:25:10,600 --> 00:25:16,630
remember, Snowden came with his revelation
mid of 2013 roughly. And I've been working
251
00:25:16,630 --> 00:25:21,840
for the Spiegel with others on the Snowden
documents next to that phone and
252
00:25:21,840 --> 00:25:28,980
coordinating a lot of it in the year 2013.
So in theory, it could be even related to
253
00:25:28,980 --> 00:25:35,110
that. Who knows. The dimensions such as
Kadian nonmetric origin, the antenna
254
00:25:35,110 --> 00:25:43,520
would, you know, work in the range of 800
MHz. So you find a mentioning of a PDF
255
00:25:43,520 --> 00:25:48,520
that tells you something about these
groups. But I did talk to some people who
256
00:25:48,520 --> 00:25:54,880
do professional sweeping, meaning, looking
for audio bugs and so on in devices and
257
00:25:54,880 --> 00:26:00,050
rooms. And they told me from the
experience of the Cold War until today,
258
00:26:00,050 --> 00:26:05,100
the operation to bring something into a
room, into a device, that's quite an
259
00:26:05,100 --> 00:26:09,540
effort because you need to secure, you
need to ensure you don't get caught and so
260
00:26:09,540 --> 00:26:15,400
on. And so what you normally do is,
because technology can fail, is you do not
261
00:26:15,400 --> 00:26:20,840
install one bug, you install at least two.
And the Cold War people told me, from the
262
00:26:20,840 --> 00:26:25,721
elder generation, that the relationship
was one to eight, so that because
263
00:26:25,721 --> 00:26:32,140
technology failed a lot back then.
However, that made me, of course, think,
264
00:26:32,140 --> 00:26:37,810
OK, what else could there be? You know,
what can I do to find the rest and so on.
265
00:26:37,810 --> 00:26:43,110
Does it even make sense? Can I secure all
the rooms that I use to work here and
266
00:26:43,110 --> 00:26:49,380
there in such a way that I could be sure.
And of course, I can't be. So this was the
267
00:26:49,380 --> 00:26:54,540
first hard confrontation with my own
cognitive dissonance, because all that
268
00:26:54,540 --> 00:26:59,150
surveillance theater where I said, OK,
Julian has some trouble, I don't think I
269
00:26:59,150 --> 00:27:02,620
had something to do with it. And when I
traveled to England, OK, they follow me,
270
00:27:02,620 --> 00:27:07,890
you know, you get used to that kind of
things, but like something you can have in
271
00:27:07,890 --> 00:27:13,850
your hand and that's outside of IT
incidents. That means that all your
272
00:27:13,850 --> 00:27:20,200
encrypted communications have been
listened to. Well, that feels shitty. So
273
00:27:20,200 --> 00:27:25,720
that's what I call a hot confrontation
with my own cognitive dissonance. The next
274
00:27:25,720 --> 00:27:32,340
thing I want to talk about is very recent.
It's about one and a half months old now.
275
00:27:32,340 --> 00:27:39,600
When here in Berlin, um, I went out
actually very early in the morning to get
276
00:27:39,600 --> 00:27:43,810
some stuff from a grocery in a time of
pandemic when no one is in the shop at
277
00:27:43,810 --> 00:27:48,830
seven or something in the morning. I come
back half an hour later and the key to my
278
00:27:48,830 --> 00:27:55,700
apartment door does not fit in the
cylinder anymore. That felt a bit shitty.
279
00:27:55,700 --> 00:28:02,320
Um, it was not a normal cylinder. It was a
so-called stealth cylinder. You might want
280
00:28:02,320 --> 00:28:06,960
to look in the Internet what it is. It's a
Swiss company, it's doing nice keys that
281
00:28:06,960 --> 00:28:12,540
you cannot photograph and copy because it
has inner elements with a sophisticated
282
00:28:12,540 --> 00:28:20,210
mechanical, a way of opening. I did,
however, when I bumped into my door and
283
00:28:20,210 --> 00:28:25,810
had to first I called my locksmith dude or
my friend from the lock picking industry,
284
00:28:25,810 --> 00:28:34,300
I could say, who had advised me to buy
that cylinder. I talked with my lawyer and
285
00:28:34,300 --> 00:28:38,560
we agreed it's a good idea to call the
police, to put it on the other list of
286
00:28:38,560 --> 00:28:43,700
things they had collected until then. I
then realized that I had been followed
287
00:28:43,700 --> 00:28:48,140
that morning, but I didn't take any
attention to it because I was just
288
00:28:48,140 --> 00:28:52,560
walking, you know in half-automatic mode to the
grocery and there was a couple talking
289
00:28:52,560 --> 00:28:57,890
such a bullshit. They will probably listen
to this talk and will remember the dialog.
290
00:28:57,890 --> 00:29:03,400
It was just not making any sense, but I
was too polite to point it out. And they
291
00:29:03,400 --> 00:29:08,190
were very closely. So it was not about
where I was going. It was about that I was
292
00:29:08,190 --> 00:29:12,870
not at home. So they ensured that in the
time frame that I was there, the other
293
00:29:12,870 --> 00:29:18,680
guys could operate and so on. Yeah, that
is an ongoing investigation. But I can
294
00:29:18,680 --> 00:29:26,160
tell you, this is the next incident where
like cognitive dissonance and the illusion
295
00:29:26,160 --> 00:29:30,700
you want to give this of, you know, I'm
not important in this game. Yeah. This
296
00:29:30,700 --> 00:29:34,730
guy is following me here and there. And this
feels kind of different. This is no more
297
00:29:34,730 --> 00:29:40,490
nice. Um, here's a little bit to get the
idea of the cylinder. You cannot really
298
00:29:40,490 --> 00:29:45,790
see the object that was inserted. But at
the end, we didn't get it out. For
299
00:29:45,790 --> 00:29:50,350
forensic reasons. We had to drill. Police
went through the apartment and so on.
300
00:29:50,350 --> 00:29:58,810
Yeah. Another interesting day you can
have. Um, so here's some aspects that I
301
00:29:58,810 --> 00:30:06,690
asked myself. Um, so was it even my
cylinder that I couldn't open? Maybe they
302
00:30:06,690 --> 00:30:14,600
could not lockpick the original stealth cylinder
I had. They had to open it in a violent way.
303
00:30:14,600 --> 00:30:21,570
They were in the apartment to whatever put
another bug in there. Um, but as they
304
00:30:21,570 --> 00:30:25,711
couldn't replace it with the original
cylinder as they had destroyed it, like
305
00:30:25,711 --> 00:30:31,700
they put another one in. And that's why my
key wasn't fitting. It's an option. Next
306
00:30:31,700 --> 00:30:36,740
option: Was it maybe a trap to make me
replace the broken cylinder with a cheaper
307
00:30:36,740 --> 00:30:43,360
one with a more simple one that they could
open then afterwards, when I was gone. The
308
00:30:43,360 --> 00:30:50,590
next option, or maybe was it not about the
door at all? Was it maybe just to freak me
309
00:30:50,590 --> 00:30:56,230
out? Um, of course it feels not so great
if you can't open your own apartment door
310
00:30:56,230 --> 00:31:01,930
and so on. And the first question was, of
course: How much time did I spend that day
311
00:31:01,930 --> 00:31:07,230
with, you know, with the police, drilling
open the door with all that kind of
312
00:31:07,230 --> 00:31:16,100
things? It more or less cost me a day. And
what maybe happened to my machines,
313
00:31:16,100 --> 00:31:22,630
meaning my computers, my other things,
maybe? Where was my attention not in that
314
00:31:22,630 --> 00:31:27,380
time frame? Because it could be, was a
pure distraction thing. It would freak him
315
00:31:27,380 --> 00:31:31,280
out a little bit. And while he's freaking
out, we do other things in his office or
316
00:31:31,280 --> 00:31:38,000
whatever, I can't rule it out. And then of
course, I mean, the police sent me some
317
00:31:38,000 --> 00:31:41,750
funny questions. I'm still working on
that, like, yeah, should I name Pompeo as
318
00:31:41,750 --> 00:31:49,860
a suspect? Not sure, but maybe I should.
Discussing it with my lawyer and so on.
319
00:31:49,860 --> 00:31:55,600
And also is it maybe related to the date?
This was the 3rd of November, just in case
320
00:31:55,600 --> 00:31:59,400
to have it said the 3rd of November is the
election day, or was the election day in
321
00:31:59,400 --> 00:32:03,740
the United States. And there were some
accusation that had something to do with
322
00:32:03,740 --> 00:32:14,220
the election some years ago. Um, so
however, the next event, incident number
323
00:32:14,220 --> 00:32:18,710
three, has to do with something that
happened in between, because on Monday,
324
00:32:18,710 --> 00:32:23,330
the day before they messed up with my
door, I had shipped some documents to
325
00:32:23,330 --> 00:32:29,260
Spain, I realized then. That was legal
documents that required me and a friend
326
00:32:29,260 --> 00:32:35,170
going to the Spanish embassy. We gave
power of attorney and so on because we are
327
00:32:35,170 --> 00:32:40,110
also accusing this company, UC Global,
which I talked about last year, which was
328
00:32:40,110 --> 00:32:45,500
the company running the surveillance or
the protections/surveliance at the
329
00:32:45,500 --> 00:32:48,910
beginning on behalf of the Ecuadorians in
that embassy and later turned out to be
330
00:32:48,910 --> 00:32:55,680
working, for (inaudible)'s company or at
least having a site arrangement there,
331
00:32:55,680 --> 00:32:59,070
which is still subject to an ongoing
lawsuit. And we participate in that
332
00:32:59,070 --> 00:33:03,790
lawsuit because not only Julian was spied
on, everybody was spied on, who was
333
00:33:03,790 --> 00:33:10,560
visiting him and so on. So I had shipped
documents on that Monday, almost six
334
00:33:10,560 --> 00:33:16,480
o'clock on the local post office here by
DHL Express. I put that documents in a
335
00:33:16,480 --> 00:33:21,740
sealed bag, that's like a bag was a serial
number and so on. That went together with
336
00:33:21,740 --> 00:33:27,640
the describing list what's inside the bag
into a white envelope that again, I sealed
337
00:33:27,640 --> 00:33:31,770
with, you know, seal tape. Then I gave
that to the post office. But they insisted
338
00:33:31,770 --> 00:33:37,180
that it gets in a DHL Express back. That's
what you get for the 70 Euro to be
339
00:33:37,180 --> 00:33:46,840
arriving within two days. So, yeah, the
stuff arrived on Wednesday, but all opened
340
00:33:46,840 --> 00:33:53,510
and the Spanish lawyers freaked completely
out. They were very sure that this was a
341
00:33:53,510 --> 00:33:59,850
meddling. You would see that it was sliced
open and so on. Yes. You see this funny
342
00:33:59,850 --> 00:34:06,410
duct tape here called Zoll. But why would
the German customs open a document
343
00:34:06,410 --> 00:34:11,200
shipment within Europe? That just not
makes a lot of sense. It's still on the
344
00:34:11,200 --> 00:34:16,580
way to be checked. In theory, they could
do that. But also this incident has some
345
00:34:16,580 --> 00:34:21,310
aspects. It's a breach of attorney client
privilege. That's why the Spanish lawyers
346
00:34:21,310 --> 00:34:26,399
insisted as we bring this to a criminal
complaint. They did on their end right
347
00:34:26,399 --> 00:34:32,550
when they received it and they made those
photos. So was German customs even
348
00:34:32,550 --> 00:34:38,610
involved or was just their duct tape used
by some funny people. Why when I emailed
349
00:34:38,610 --> 00:34:43,870
all this to my lawyer with the picture
sent to one, why did he not receive the
350
00:34:43,870 --> 00:34:51,020
email until he realized on Monday that it
somehow ended in his trash? He also
351
00:34:51,020 --> 00:34:56,710
freaked out. And then I talked with DHL of
course, I made a big fuss there and they
352
00:34:56,710 --> 00:35:02,210
were like, no, we cannot tell you on which
legal grounds the shipment was opened. We
353
00:35:02,210 --> 00:35:06,800
cannot tell you who did it. But if you
have an inquiry, why don't you send it to
354
00:35:06,800 --> 00:35:11,620
the customs? So without giving me even
which customs entity it would be or
355
00:35:11,620 --> 00:35:17,450
whatever. And again, of course, this is
kind of an interesting story, but I have
356
00:35:17,450 --> 00:35:21,730
normally other priorities in my life. So
I'm asking myself, oh gosh, how many days
357
00:35:21,730 --> 00:35:26,960
shall I waste here with finding out who
opened the fucking shipment. But, you
358
00:35:26,960 --> 00:35:31,930
know, this is, again, the state of
distress. This is, again, the effort. And
359
00:35:31,930 --> 00:35:36,340
it's, again, a reminder. We are after you.
We check your things. We don't like
360
00:35:36,340 --> 00:35:43,790
your're suing the CIA, a suspected company
and so on and so on. So coming to a bit of
361
00:35:43,790 --> 00:35:51,160
a conclusion of this talk, as we also want
to have time for questions and so on. I
362
00:35:51,160 --> 00:35:54,190
want to talk about three aspects. The one
is the elephant in the room and the
363
00:35:54,190 --> 00:36:01,610
problem of the missing socks. So at some
point, I don't want to say that I have
364
00:36:01,610 --> 00:36:07,280
been completely not in a state of
distress. And so I don't know how this
365
00:36:07,280 --> 00:36:13,250
affects my sanity and those people
surrounding me. So your cognitive systems
366
00:36:13,250 --> 00:36:19,810
get kind of otherwise triggered and you
start to see these things everywhere. And
367
00:36:19,810 --> 00:36:26,730
when then you wash some socks and it turns
out there's a sock missing. The other
368
00:36:26,730 --> 00:36:32,270
person in my life was like, OK, CIA.
However, I did suspect the bed sheets and we
369
00:36:32,270 --> 00:36:37,320
found one of the socks in a bed sheet. So
when you know, the problem is socks get in
370
00:36:37,320 --> 00:36:40,820
the drum sometimes, Hanging, then you wash
something different then like a bed sheet
371
00:36:40,820 --> 00:36:45,310
and a bed sheet is an excellent place to
hide things that have been in the drum.
372
00:36:45,310 --> 00:36:50,330
Get into the bed sheet and you just try it
with it and you don't even realize it and
373
00:36:50,330 --> 00:36:57,040
so on.. So while I'm a complete, I for
entertainment reasons and also for, you
374
00:36:57,040 --> 00:37:02,020
know, you need to relax your brain in such
a situation once in a while, I'm totally
375
00:37:02,020 --> 00:37:06,990
OK to say the CIA is responsible for
everything, including the missing socks,
376
00:37:06,990 --> 00:37:11,620
but I suspect the bed sheet first and
realize that yes, this is a joke and this
377
00:37:11,620 --> 00:37:18,200
is escapism and it helps you maybe to stay
sane for a little moment. But in the long
378
00:37:18,200 --> 00:37:23,620
term, I don't know. So and that's the I
don't know part is the other two slides
379
00:37:23,620 --> 00:37:27,130
that are coming now. So what should I do?
And I should invite some friends and
380
00:37:27,130 --> 00:37:34,520
declare my office here like a laboratory
for surveillance. Yeah, it has been
381
00:37:34,520 --> 00:37:38,110
before. I looked at one technology, but
this case is surveillance technology,
382
00:37:38,110 --> 00:37:43,900
looking at me and my friends. So it's
slightly different. And it's maybe also
383
00:37:43,900 --> 00:37:51,270
important to not get into some kind of
auto response mode when things happen.
384
00:37:51,270 --> 00:37:55,200
Because I was thinking also, what the
fuck? Why are they doing all these things?
385
00:37:55,200 --> 00:38:00,220
It cost them money. It costs them effort.
Is it to freak me out? Is it that they
386
00:38:00,220 --> 00:38:06,560
think that like like like I'm seriously in
such an evil mode organization that, you
387
00:38:06,560 --> 00:38:11,480
know, they will escalate things and I will
start to throw bombs at the U.S. Embassy
388
00:38:11,480 --> 00:38:18,650
or I don't know. I have no idea what their
idea is, but I just try to stay like slow
389
00:38:18,650 --> 00:38:27,720
motion and think about it. The next aspect
is how ever do I infect other people? And
390
00:38:27,720 --> 00:38:32,270
now I'm not talking about my paranoia or
my situational awareness, as I would call
391
00:38:32,270 --> 00:38:40,750
it, which, of course, at some point it's
ongoing and it's no more sometimes. But
392
00:38:40,750 --> 00:38:48,080
when I talk with normal people, with other
journalist, with people I deal with for
393
00:38:48,080 --> 00:38:55,630
normal things, and they visit me and we do
whatever kind of social things, like
394
00:38:55,630 --> 00:38:59,750
normal things, like having food. And
afterwards, the way they call me a day
395
00:38:59,750 --> 00:39:04,840
later and say, oh, finally my phone
started rebooting twice yesterday and
396
00:39:04,840 --> 00:39:09,860
these kind of things so that you think,
OK, it's not my paranoia that is
397
00:39:09,860 --> 00:39:15,510
infectious. It's actually they obviously
want to not only know what kind of people
398
00:39:15,510 --> 00:39:18,960
I'm dealing with and look into their
technology, they also want to freak them
399
00:39:18,960 --> 00:39:27,080
out. So this is not cool. And it also
means that the type of ignorance you could
400
00:39:27,080 --> 00:39:31,950
normally apply and say, well, ignorance is
a bliss. Come on, let's have have a nice
401
00:39:31,950 --> 00:39:38,420
day and forget about all this. That's kind
of limited. That's no more an option. Um,
402
00:39:38,420 --> 00:39:44,050
and also while I've been dealing with that
type of stress and that type of thing for
403
00:39:44,050 --> 00:39:51,040
a while now, and I can say, yeah, well,
that's how it is. And, um, it doesn't mean
404
00:39:51,040 --> 00:39:56,030
that everybody dealing with you can do
that. There's people that are seriously
405
00:39:56,030 --> 00:40:02,440
freaked out by such a situation and it
creates fear, it creates anger, stress and
406
00:40:02,440 --> 00:40:08,060
so on. So that's not cool. So, um, my last
slide that ends up with a question to you
407
00:40:08,060 --> 00:40:14,882
guys is how to get out of this mess. So,
you know, option one, I managed to get
408
00:40:14,882 --> 00:40:20,810
proper authorities to make the CIA stop
acting illegal. OK, I heard the laughing.
409
00:40:20,810 --> 00:40:27,930
I know this is ridiculous, but, you know,
it would be so beautiful. Justice
410
00:40:27,930 --> 00:40:32,630
prevails. The German authorities, the
European ones pick it up. I finally
411
00:40:32,630 --> 00:40:35,940
managed to escalate it to the
Generalbundesanwaltschaft. And I do not
412
00:40:35,940 --> 00:40:39,550
have to talk with the German intelligence
services as I'm not sure they would be
413
00:40:39,550 --> 00:40:47,680
helpful in this game. And they make the
stop, the CIA stop acting illegal and
414
00:40:47,680 --> 00:40:52,830
against me and the other person
surrounding beautiful dream. But OK, not
415
00:40:52,830 --> 00:40:59,690
very realistic. Maybe option two, Pompeo
realizes Jesus loves WikiLeaks and
416
00:40:59,690 --> 00:41:04,680
whatever shall become true will become
true. He reads it on the Bible. Pompeo
417
00:41:04,680 --> 00:41:08,890
seems to me if you look at his Twitter
account, reasonable believe in Jesus
418
00:41:08,890 --> 00:41:13,830
Christ and all that thing. So he realizes
it's all wrongdoing against Julian,
419
00:41:13,830 --> 00:41:20,040
WikiLeaks and all the people targeted in
that context and stops it. I know. OK,
420
00:41:20,040 --> 00:41:26,930
shit happens. What? But if that's
realistic, I don't know. You tell me. And
421
00:41:26,930 --> 00:41:31,460
the third option. I don't know. Maybe you
have some ideas. And that's my question to
422
00:41:31,460 --> 00:41:39,190
you at the audience and that's the end of
my prepared part of the talk.
423
00:41:39,190 --> 00:41:47,940
Herald: And with these words. Thank you,
Andy, for the brilliant talk. In the
424
00:41:47,940 --> 00:41:53,250
meantime, I received some messages. A
third option would be to have a great
425
00:41:53,250 --> 00:41:59,430
vinyard, vinyard. Sorry, I personally
Andy: Yes, yes it's completely right. I
426
00:41:59,430 --> 00:42:02,780
considered actually maybe I should do
something with goats, become a farmer or,
427
00:42:02,780 --> 00:42:08,800
you know, yeah, there's these options. But
I thought before I give it up and find my
428
00:42:08,800 --> 00:42:14,640
way on the countryside, I outsource the
problem to the community and see what they
429
00:42:14,640 --> 00:42:20,020
think.
Herald: In the meantime, I think there is
430
00:42:20,020 --> 00:42:28,090
plenty of time for a great white wine, but
to our questions, we have indeed plenty of
431
00:42:28,090 --> 00:42:33,400
questions. The first question would be: How
would you compare the surveillance of the
432
00:42:33,400 --> 00:42:40,170
CIA or other to surveillance of the DDR?
So for the Deutsche Demokratische
433
00:42:40,170 --> 00:42:45,100
Republik.
Andy: Well, I'm born in Hamburg in West
434
00:42:45,100 --> 00:42:50,630
Germany. I lived in East Germany when the
government was already falling into
435
00:42:50,630 --> 00:42:57,920
pieces. It was technically still there. So
I'm not the best person to compare it. But
436
00:42:57,920 --> 00:43:04,210
I did talk with a person I know who worked
for the foreign intelligence services
437
00:43:04,210 --> 00:43:08,130
because there was, you know I simplified
here, of course, the incidents a little
438
00:43:08,130 --> 00:43:13,619
bit. There was one scene when later I went
into my kitchen that day when my door lock
439
00:43:13,619 --> 00:43:19,960
got tampered with and I found a blue
plastic glove and I don't have blue
440
00:43:19,960 --> 00:43:24,420
plastic gloves. And I asked my locksmith
guy, he was like, no, it's not for me. And
441
00:43:24,420 --> 00:43:28,830
the police had black ones. So I thought,
what the fuck? Maybe the guys have been
442
00:43:28,830 --> 00:43:32,510
inside the apartment, which I didn't
thought earlier because of a second look
443
00:43:32,510 --> 00:43:38,800
and the police checked and so on. Um, and
then I talked to discuss it with this
444
00:43:38,800 --> 00:43:43,490
person I know. He's a quite friendly man,
was working in the foreign intelligence of
445
00:43:43,490 --> 00:43:48,610
that country. And so and he was like, you
know, you have to look at it from a cost
446
00:43:48,610 --> 00:43:54,000
effectiveness point of view, like that
piece of plastic costs you ten cents,
447
00:43:54,000 --> 00:43:59,650
nothing, and it freaks you out three
months. So see how much how cost effective
448
00:43:59,650 --> 00:44:07,430
it is. And I mean, that's a good aspect.
That's a good point. And so I think that
449
00:44:07,430 --> 00:44:12,830
the East German Stasi, the guys, the East
intelligence guys, they also they knew
450
00:44:12,830 --> 00:44:18,110
very well the difference. And they had
both instruments in there, you know, in
451
00:44:18,110 --> 00:44:24,390
their program to either do covert
surveillance really like not let you know.
452
00:44:24,390 --> 00:44:29,640
And the department for "we let him know
and see how he reacts" or "we let him know
453
00:44:29,640 --> 00:44:34,840
because he's ongoing doing things that we
want him to, you know, stop it and get
454
00:44:34,840 --> 00:44:39,400
intimidated". And so on, and get scared
maybe or his wife gets scared or this kind
455
00:44:39,400 --> 00:44:48,180
of thing. So I think it is comparable.
Herald: Cool. Well, not cool. Speaking of
456
00:44:48,180 --> 00:44:54,210
covert versus overt civilians.
As you now know, does it still
457
00:44:54,210 --> 00:45:00,540
bother you emotionally?
Andy: Um, well, what bothers me sometimes
458
00:45:00,540 --> 00:45:06,420
is, you know, it's also it has a sometimes
it's nice to be alone and it's sometimes
459
00:45:06,420 --> 00:45:14,150
nice to not think about the CIA guys being
in the apartment next door or in my case,
460
00:45:14,150 --> 00:45:21,720
an apartment under me or in the
surrounding environments. Um, but thinking
461
00:45:21,720 --> 00:45:27,720
about normal things like playing a puzzle
or seeing some funny spy movies. Oh,
462
00:45:27,720 --> 00:45:35,030
that's almost relaxing. No, seriously, at
some point it sucks a little bit. I get my
463
00:45:35,030 --> 00:45:41,580
kind of deal with it. But I mean, this
20/20 era has of course, complicated or
464
00:45:41,580 --> 00:45:46,790
has made it almost impossible to travel.
So normally I escape my intensity of my
465
00:45:46,790 --> 00:45:54,080
work situation with travels. Maybe I can
do that this year. So it feels a little
466
00:45:54,080 --> 00:46:00,410
more intense and annoys a little bit.
And I would like to get these guys out of
467
00:46:00,410 --> 00:46:05,150
my life and do something useful with their
life or whatever.
468
00:46:05,150 --> 00:46:17,450
Herald: Now, the next question, he or she
or the person or creature probably missed
469
00:46:17,450 --> 00:46:20,930
it: Do you dissemble all your devices on a
regular basis?
470
00:46:20,930 --> 00:46:29,740
Andy: No, I usually do just regular and
seal them. In this case, the seal had
471
00:46:29,740 --> 00:46:35,410
an issue with with the heat as well. So,
and I was lousy on checking it. I have to
472
00:46:35,410 --> 00:46:42,360
say so. Yes, that's something. I mean, if
you have one office, you can do that. I
473
00:46:42,360 --> 00:46:48,530
tend to work on different continents even,
and that turned out to be a bit of an
474
00:46:48,530 --> 00:46:53,880
issue. So, yes, you need to have safes
everywhere and seals and duh, duh, duh,
475
00:46:53,880 --> 00:47:01,230
duh. But even then, you know, Pompeo
seems to have justified or have given
476
00:47:01,230 --> 00:47:07,490
orders to do these things no matter the
costs. And my expectation to have like a
477
00:47:07,490 --> 00:47:15,630
"private" or "secure" encrypted channel so
is very limited for a while, watching that
478
00:47:15,630 --> 00:47:20,730
effort. The encryption of the cryptophone
obviously was good. Otherwise they
479
00:47:20,730 --> 00:47:25,980
wouldn't have had the effort to, you know,
build something in. But at the end of the
480
00:47:25,980 --> 00:47:33,210
day, for me, it has the same impact. It's
like, well, you know, it's a phone, it's a
481
00:47:33,210 --> 00:47:38,400
piece of device, it's in a room. The room
has windows. We've seen what they've done
482
00:47:38,400 --> 00:47:44,040
with the embassy windows and so on. So
it's like, yeah, security. What a nice
483
00:47:44,040 --> 00:47:51,140
idea, but it doesn't really exist.
Herald: Yeah. Do you try giving a few
484
00:47:51,140 --> 00:47:57,260
coins to the homeless looking people to do
either some reverse intimidation or good
485
00:47:57,260 --> 00:48:03,869
deed if they are not CIA?
Andy: Yeah, that's, I mean, I had this one
486
00:48:03,869 --> 00:48:11,550
particular situation where I was waiting
for someone on kind of a shopping street,
487
00:48:11,550 --> 00:48:18,570
and I just said something is wrong with
the guy. But when I saw the camera and saw
488
00:48:18,570 --> 00:48:24,060
and he also rushed away. So, no, I didn't
give them the money. The second
489
00:48:24,060 --> 00:48:31,070
scenario... No, but it's a good idea. Um,
the thing is, what I started to do is to
490
00:48:31,070 --> 00:48:35,890
always have a camera with me. That turns
out for me to be important, to be able to
491
00:48:35,890 --> 00:48:40,800
document things. And also most of them,
except the British, don't like it when
492
00:48:40,800 --> 00:48:45,250
they are being photographed. And you
either, they, it's very interesting
493
00:48:45,250 --> 00:48:49,430
because normal people do realize when they
are being photographed. But these guys are
494
00:48:49,430 --> 00:48:54,610
either pretending, no, I don't see that
you photograph me. You know, they look a
495
00:48:54,610 --> 00:49:01,700
little bit with too much energy away from
it or they are seriously disturbed and go
496
00:49:01,700 --> 00:49:05,060
away.
Herald: So the best solution would be to
497
00:49:05,060 --> 00:49:09,630
have the boldest, biggest, largest camera
always in hand.
498
00:49:09,630 --> 00:49:14,340
Andy: Yeah, let me say it like this. I
mean, I've not been a fan of surveillance
499
00:49:14,340 --> 00:49:21,150
technology and for sure not of CCTV for a
long part of my life. But I start to like
500
00:49:21,150 --> 00:49:27,350
the idea of CCTV at some places in my own
environment. I'm sorry to say that, but
501
00:49:27,350 --> 00:49:31,590
there's compromises you can make like
surveil feet, you know, other parts you
502
00:49:31,590 --> 00:49:37,110
don't always need the faces. If you need
the faces , yeah there's options.
503
00:49:37,110 --> 00:49:43,280
Herald: And still, analog photography is a
great thing. But that's my personal
504
00:49:43,280 --> 00:49:48,870
opinion. Um. You maybe you want to, you
can talk, maybe you cannot talk about: Do
505
00:49:48,870 --> 00:49:54,190
you use other counter measurements you
want to talk about or can talk about?
506
00:49:54,190 --> 00:49:58,960
Andy: You know, I obviously don't want to
talk about it. But I mean, I've been, um.
507
00:49:58,960 --> 00:50:09,330
But I was wondering myself how, um, why I
had this rather intense things going on. I
508
00:50:09,330 --> 00:50:13,680
mean, I was wondering, is it the time
frame? Is it me as a person? It might have
509
00:50:13,680 --> 00:50:20,320
to do with actually being in this funny
scene? Of course, I've learned. I mean, I
510
00:50:20,320 --> 00:50:25,470
know lock picking persons, I've always had
an eye on having good locks based on their
511
00:50:25,470 --> 00:50:30,380
advice, and understanding how easy it
would be otherwise. And using encryption
512
00:50:30,380 --> 00:50:37,980
was also not always about, like, hiding
something. It was just good practice of
513
00:50:37,980 --> 00:50:43,450
having privacy and operational security.
So for me, that was very normal for many
514
00:50:43,450 --> 00:50:48,150
years to do that. And maybe, you know,
compared to other persons, that made me
515
00:50:48,150 --> 00:50:54,480
more interesting. I don't know. I'll find
out one day. But I think it's a good idea
516
00:50:54,480 --> 00:50:59,520
for everybody involved to think about
these three aspects: physical security,
517
00:50:59,520 --> 00:51:06,430
encryption, and also what kind of ways do
you have to realize if something is being
518
00:51:06,430 --> 00:51:08,630
tampered with.
Herald: Yeah -
519
00:51:08,630 --> 00:51:13,490
Andy: And that's not necessarily
monitoring. I mean, monitoring can help,
520
00:51:13,490 --> 00:51:17,570
but on the other hand side, yeah, with
monitoring systems, they can also deal
521
00:51:17,570 --> 00:51:22,090
with.
Herald: Like physical checksums(?), kind
522
00:51:22,090 --> 00:51:28,300
of. Our next question: Do you ask the
police at the border if everything is
523
00:51:28,300 --> 00:51:33,950
prepared now?
Andy: You know, the British border,
524
00:51:33,950 --> 00:51:38,470
probably that's a reference to, I don't
travel to the UK anymore. I decided, you
525
00:51:38,470 --> 00:51:43,200
know, after they dealt with Julian there,
I don't like that place anymore. I never
526
00:51:43,200 --> 00:51:49,840
felt so well there. And actually, maybe I
forgot to mention that, after this kind of
527
00:51:49,840 --> 00:51:55,920
treatment at the border started I also
started avoiding sleeping in the UK. So I
528
00:51:55,920 --> 00:52:01,200
made day trips sometimes, in order to get
the last plane out of the country. I was
529
00:52:01,200 --> 00:52:05,100
flying to Zürich first, because it was a
late flight to Zürich and then the next
530
00:52:05,100 --> 00:52:09,650
morning to Berlin. I felt in Zürich better
at the bar of a shitty hotel than in
531
00:52:09,650 --> 00:52:16,000
London Central City with, yeah, this
special relationship, as it's called,
532
00:52:16,000 --> 00:52:21,280
between the intelligence of the UK and
those of the US.
533
00:52:21,280 --> 00:52:28,790
Herald: I see. Speaking of sleeping, or in
this case concerning your apartment, the
534
00:52:28,790 --> 00:52:33,730
question would be: Would some home
surveillance system bring some relief, for
535
00:52:33,730 --> 00:52:37,260
example?
Andy: Well, that's like, that's like
536
00:52:37,260 --> 00:52:42,720
exchanging the devil with the other dude,
right? I mean, no, I'm not really a fan of
537
00:52:42,720 --> 00:52:46,610
that. But yes, of course, I had to at the
end of the day, at least check with my
538
00:52:46,610 --> 00:52:55,480
door and so on, what I can do to detect
and record things and so on. But it's not
539
00:52:55,480 --> 00:53:00,640
a pleasure. It's not like, I don't know. I
mean, yes, you end up doing that kind of
540
00:53:00,640 --> 00:53:03,920
shit. But that's not how life on planet
Earth should be.
541
00:53:03,920 --> 00:53:10,550
Herald: Yeah, yeah. It's, it's a kind of a
trade off, for what return. And yeah -
542
00:53:10,550 --> 00:53:14,830
Andy: I mean, the thing is, I mean, look,
I'm a German citizen. What I'm doing is
543
00:53:14,830 --> 00:53:19,940
constitutionally protected. I live in the
governmental district of Berlin. It's
544
00:53:19,940 --> 00:53:26,080
fairly safe here. But, you know, I have
friends in other places, other situations,
545
00:53:26,080 --> 00:53:34,270
their life is completely different there,
and that is more what worries me. That I'm
546
00:53:34,270 --> 00:53:37,869
in a relatively cool position, secure
position. That's why I can talk about
547
00:53:37,869 --> 00:53:43,221
these things. But I have friends who have
a more severe situation and they are not
548
00:53:43,221 --> 00:53:48,220
sure they should talk about it, to not
escalate things. And that's a very tricky
549
00:53:48,220 --> 00:53:56,250
choice to make, maybe.
Herald: Yes, indeed. Um, that brings us to
550
00:53:56,250 --> 00:54:02,290
another question. And I think this is a
perfect point to mention that. Can we do -
551
00:54:02,290 --> 00:54:06,830
What can we do to support you in getting
out of this mess? And what can we do in
552
00:54:06,830 --> 00:54:10,240
general for this?
Andy: While I really appreciate the
553
00:54:10,240 --> 00:54:16,119
question, I don't have a good answer. But
I think, yes, I would like to discuss more
554
00:54:16,119 --> 00:54:22,710
with people about what can be done. I
mean, for the moment, I'm dealing with
555
00:54:22,710 --> 00:54:29,890
police, with lawyers, the Spiegel guys I'm
working with, they also find some ways
556
00:54:29,890 --> 00:54:37,240
maybe to address it. Um, but it seems like
at least if it comes to Julian's
557
00:54:37,240 --> 00:54:42,410
situation, things are, yeah, badly
escalated and it's all a bit interrelated.
558
00:54:42,410 --> 00:54:49,340
So I don't have a good answer at this
moment, but I think it's a good idea to
559
00:54:49,340 --> 00:54:55,720
discuss it more and also maybe identifying
other people who are in some kind of a
560
00:54:55,720 --> 00:55:01,060
risk situation because these things
happened. And so maybe, hopefully was able
561
00:55:01,060 --> 00:55:05,940
to show it's not that difficult to get
into such a mess. It's - it happens.
562
00:55:05,940 --> 00:55:11,160
Herald: Yeah, and speaking of discussing,
you mentioned earlier, there is a Big Blue
563
00:55:11,160 --> 00:55:17,210
Button to discuss any further. You will
find it in the 2D area, in the 2D world in
564
00:55:17,210 --> 00:55:21,850
the Whistleblower Wiki. Is that right?
Andy: Yes. In the tent, actually, I was
565
00:55:21,850 --> 00:55:26,710
told. In the tent is the URL to the Big
Blue Button or somehow it's interlinked
566
00:55:26,710 --> 00:55:32,300
there.
Herald: So again, please go out, explore
567
00:55:32,300 --> 00:55:37,599
the 2D world. And of course, the
whistleblower tent. We still have some
568
00:55:37,599 --> 00:55:45,330
minutes left. How do you do mentally? Did
you use any method to keep your head clean
569
00:55:45,330 --> 00:55:52,520
or clear and, did you freak out?
Andy: Yeah, that's a good question. Um. I
570
00:55:52,520 --> 00:56:00,490
drink too much vodka, but I try to keep
it with good quality. Um, let me say it
571
00:56:00,490 --> 00:56:08,599
like this. The real trouble is maybe that
while in this scene here, people have a
572
00:56:08,599 --> 00:56:18,230
rough understanding of this type of things
already. Um, I also liked to have, to be
573
00:56:18,230 --> 00:56:22,400
around with people who have nothing to do
with IT, with security, with all these
574
00:56:22,400 --> 00:56:28,100
kind of things. So-called normal people.
Sometimes it's refreshing to be with them,
575
00:56:28,100 --> 00:56:38,400
but their ability to understand this mess
is a little bit limited. So it's, I think
576
00:56:38,400 --> 00:56:43,320
others judge better how I'm doing
mentally. I'm trying to keep my head up
577
00:56:43,320 --> 00:56:50,650
and finding a good way out. But if anyone
has a good idea, I am really all for
578
00:56:50,650 --> 00:56:57,160
listening and see what's possible.
Herald: In this case. I can can come back
579
00:56:57,160 --> 00:57:03,810
to the vineyard and it's pretty relaxing
to have work in the late autumn.
580
00:57:03,810 --> 00:57:11,330
Andy: All right. Even during a pandemic.
OK, you just find a way there. Yeah.
581
00:57:11,330 --> 00:57:16,520
Herald: It's outside and it's a lot of
distance between the people. I think this
582
00:57:16,520 --> 00:57:21,740
will work. So the last question: Red or
white wine?
583
00:57:21,740 --> 00:57:26,350
Andy: Red, red wine.
Herald: Red.
584
00:57:26,350 --> 00:57:32,050
Andy: Yeah, definitely. And I mean, thanks
for all this. Just to point out, please,
585
00:57:32,050 --> 00:57:36,200
we also have to work on to getting Julian
out there and others who are in this mess
586
00:57:36,200 --> 00:57:41,511
who can't even talk about it. I really
appreciate the opportunity to talk to you
587
00:57:41,511 --> 00:57:48,470
guys, but it's also about the others. And
let us get Julian out here, please. Out
588
00:57:48,470 --> 00:57:52,490
that shit there.
Herald: With these great words, Andy,
589
00:57:52,490 --> 00:58:00,700
thanks for your time. Thanks for being
here at the remote chaos. As mentioned, we
590
00:58:00,700 --> 00:58:07,130
still have the opportunity to ask you some
questions in the whistleblower tent. And
591
00:58:07,130 --> 00:58:16,229
with this, have a nice evening. Try to
relax and see you latest - next time.
592
00:58:16,229 --> 00:58:18,730
Andy: Goodbye.
593
00:58:18,730 --> 00:58:39,220
postroll music
594
00:58:39,220 --> 00:58:57,310
Subtitles created by c3subtitles.de
in the year 2020. Join, and help us!