OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Full-disclosure] The Harry Potter hoax, or manipulating the mass media for fun and for profit.

From: PSYOP HARRY POTTER (psyop.harry.potterSafe-mail.net)
Date: Fri Jun 22 2007 - 16:02:51 CDT


#####################################################################
Title : The Harry Potter Hoax
 
Class : Social Engineering / Denial Of Service
 
Severity : Critical
 
Solution Status : Unpatched
 
Vendor : The Media
 
Affected versions: The People
 
#####################################################################

- OVERVIEW:

Harry Potter book has not been stolen.

It has been an homebrew experiment of a well known military tactic named Psychological Operation (PSYOP), applied to Information Warfare.

In less than 48 hours a fake news has realized 200 newspaper publication (including BBC, CNN, REUTERS) , 10.000+ blogs, many TV reportage, from the India to Southamerica.

PSYOPs can be summarized as: the creation of a fake information, a partial description or censorship applied to mass media.

PSYOPs are widely used by non-democratic governments in different countries around the world and by big political-economical lobbies in western countries.

Our goal was to provide the world with a Proof of Concept of how vulnerable is today information society and let you think seriously about that.

- DESCRIPTION:

The Harry Potter book apparent theft has been made up as a simple exemplification of the power of PSYOPs in polluting mass media information flow with fake and useless news, distracting the attention of the masses from real problems and their solutions.

PSYOPs are well known since world war II and widely used to influence the perception of evenements. A wide literature on the subject is available on and offline, from military, intelligence agencies and governmental sources.

The mix that allowed a completely fake news to gain in less than 24 hours the honors of primetimes allover the world is as cheap and simple as terrific in its efficacy:

.a futile but really widespread subject for which an high expectation is already set worldwide

.a salad of religion, technology and language

.an accurate choice of the entry point in the information flow

Far more articulated Psyops are conducted on a daily basis in different countries around the world, manipulating the reality perceived by millions of people and, with that, manipulating you, The People.

Could we distinguish what is true from what is manipulated?

Are you aware that information warfare is for real and not only a good subject for best sellers' novelists?

- EXPLOITATION METHODS:

Targets of PSYOP can be different: in our scenario we choose to target ordinary people, in order to demonstrate how little effort is needed in order to achieve the worldwide diffusion of wellbuilt news.

Controling the masses is a formidable tool for putting under pressure the
decision makers.

What we see everyday in the news, in a way that is indipendent from the media streaming them, is a battle for the control of our perception of facts.

Let's see how PSYOPs can be deployed, by leveraging on the global media stream:

1) by building fake information for primary effect: a fake, or a partial true news is spread along the more influencial media. The better this news is built and sustained, the more impact it will have on the perception of originating facts among the media consumers. An important effect is that the attention is distracted from the fact and its eventual witnesses.

example: The man on the moon

2) by building fake informations for manipulating large consensus. It is possible to create news for attracting attention around a person, a society, a trend. The apparent targets are the news consumers intended in terms of "public opinion". This way is possible to foster support to unpopular governmental decisions or to damage the consensus towards someone or something. The latter being the actual target of this kind of operations.

example: 911

3) by building fake attribution of an anonymous action: when an unpopoular action bring the attention, the attribution or the linking to a certain organization, society, etnicity, produces a negative view of the target. Even if the news is later denied, the first perception made a strong point in conditioning the media consumers.

4) by manipulating the timing of news disclosures in order to attract and/or retain the media consumers attention: time control the publication,

insist on old notice, expose with strong emotional language.

example: Osama Bin Laden releasing videos just before or after something important is gonna happen in the Bush administration

5) by censorship, both implicit and explicit. Explicit censorship can be acted by suppressing news from the media stream.

Implicit censorship is better acted on internet by low ranking in search engnines, blog manipulations and/or restriction, limitating by technical means the access to uncontrolled sources of information.

A drawback effect of this form of censorship is that, for its nature, internet is yet for the great part not controllable.

example: The China Firewall / Pics of USA soldiers' coffins not allowed to enter the media stream.

All the mentioned techniques are used by a plethora of selfdefining democratic countries to control the way we perceive their lobbyistic management of collective goods. We quoted the United States just as the most selfevident example. Others are not better.

"The sleep of reason produces monsters." Francisco Goya

The motivation: Religion as opium of the people (Karl Marx)
The soidisant thief is motivated by religious concernings expressed by the actual Pope of the catholic church about Harry Potter.

The "undeniable news"

The theft of the last book (7 millions of copies are expected to be sold the first day of its appearance on the bookstores shelves) of Harry Potter's saga, one months before its publishing date.

Undeniability is because "if the editor had ufficially answered to the rumors, maybe they're real!", but also in absence of official answers, rumors continue to appear credible.

Such a news can be passed mouth by mouth, link by link all over the world

The information stream entry point

The "undeniable news" is posted on a mailing list on internet. This mailing list is read primarily by information security professionals and hackers of different kind.

- TOOLS

tor

free webmail account

Put together all the ingredients. Glue them with the poor english of the medium young bored wannabe and a minimum of technical depiction of the theft.

By using TOR (http://tor.eff.org) to anonymize the connection, create an account on a free webmail and post the message on the selected entry points.

Wait for the news to appear on mainstream media, leveraging on the fact that Harry Potter is a wellknown subject among people of all sort, that journalists love hackers related news, and that religious motivation is another intriguing attractive.

- CREDITS

http://news.bbc.co.uk/2/hi/entertainment/6225910.stm
http://www.reuters.com/article/entertainmentNews/idUSN2028966520070621
http://news.yahoo.com/s/nm/20070620/wr_nm/harrypotter_hacker_dc
http://money.cnn.com/2007/06/20/news/newsmakers/harrypotter_hacker.reut/index.htm?section=money_topstories
http://abcnews.go.com/WaterCooler/wireStory?id=3302244

http://lfpress.ca/newsstand/Today/Entertainment/2007/06/22/4280784-sun.html

http://www.news.com.au/entertainment/story/0,23663,21948797-7485,00.html

http://www.smh.com.au/news/books/hacker-reveals-potter-ending/2007/06/21/1182019255700.html

http://economictimes.indiatimes.com/News/News_By_Industry/Infotech/Internet__Telecom/Hacker_reveals_Potter_ending/articleshow/2140753.cms

http://www.ilmessaggero.it/articolo.php?id=3792&sez=HOME_SPETTACOLO

http://www.corriere.it/Primo_Piano/Spettacoli/2007/06_Giugno/21/harry_potter_finale_storia.shtml

http://www.metro.co.uk/fame/article.html?in_article_id=54200&in_page_id=7&in_a_source=

http://www.stuff.co.nz/stuff/thepress/4104229a6009.html

http://www.zataz.com/news/14333/Harry-Potter-and-the-Deathly-Hallows.html

http://www.elperiodico.com/default.asp?idpublicacio_PK=46&idioma=CAS&idnoticia_PK=417675&idseccio_PK=1026

http://www.elcomercioperu.com.pe/EdicionOnline/HTML/olEcUltimas/2007-06-20/olEcUltimas0411400.html

http://www.eldia.com.ar/edis/20070621/20070621180304.htm

...and counting...

this is reported from http://insecure.org

June 21 -- Our web servers are struggling to keep up with the load after press reports that a hacker posted Harry Potter spoilers to a mailing list we archive. We have no idea if the spoilers are true or not, and reading it could affect your enjoyment of the book! So you might prefer to pre-order the book and try to be patient until July 21 instead. But if you really want the spoilers, [...]

http://news.google.com/news?ncl=1117416748

108 news published talking about Harry Potter, the number of blogs reporting them is at the moment 9.791, may be it will continue going up.

Many TV news had reported it and the security guru Schneier wrote an entry on his well known blog http://www.schneier.com/blog/archives/2007/06/seventh_harry_p.html

- WORKAROUND

Stop believing everything you read in the news.

- NOTE FOR JOANNE ROWLING AND OTHERS WHO MAY BE CONCERNED

If you are pleased about the publicity feedback received from our operation and/or you have found our recipe useful, make a public greetings by donating to:

Electronic Frontier Foundation: http://www.eff.org

Free Software Foundation: http://www.fsf.org

TOR Project: http://tor.eff.org/donate.html.en

- NOTE FOR HUMAN RIGHTS ORGANIZATIONS

If you are a human rights organization you should care about psycological operation and information warfare mainly related with the right of free speech.
Please help keeping the provided PSYOP MATERIAL both in pdf and zip format available trough your website. The risk is that they disappear from the internet.

The documents
http://rs114.rapidshare.com/files/38768457/WAR-dot-COM_-_the_internet_and_PSYOP.pdf
http://rapidshare.com/files/38768826/PSYOP_in_21_century.pdf
http://rapidshare.com/files/38769127/information_operations_and_cyberwar.pdf
http://rapidshare.com/files/38769308/PSYOP_-_coordinating_worldwide_psychological_operations.pdf

The collection of all documents in PSYOP_MATERIAL.zip
http://www.momoshare.com/file.php?file=3e1e54d89867046019cb4c3a0ad0234b

This is our last communication about Harry Potter Hoax

Luther Blisset

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/