ATS History: COINTELPRO and "WhispersInTheDark"

THE RETURN OF COINTELPRO

Play ominous music here

From the depths of the Internet comes a reminder of an interesting few weeks in the ancient history of ATS that almost cause the end of it all.

Yes... that's right... we're talking about... WhispersInTheDark!




(Posted with permission from www.illuminatirex.com...)

Well, there are certainly lots of rumor and mayhem related to this event that seems to have caused the first rumblings of claims we are "COINTELPRO". Since these are awesome efforts (and a riot), I asked permission to post these here so we can discuss this event.

For reference:
The WITD Whispers Thread
Whispers in the Dark--The real deal
POLL: WITD
COINTELPRO and ATS?

Let's take a walk down memory lane... Springer, myself, and any mods who were here during the WITD episode will do our best to answer your questions.

Good stuff SO

I was browsing this site back then and roughly remember this. Although I wasn't a registered user, I remember reading about it.

Nice post.

The "trike" notwithstanding, this is a great example of how to apply talent to conspiracy theory.

Honestly, the first time I saw this I was amazed that someone would put this much effort into such a loony idea. Upon further reflection it occurs to me that we shut down the WITD hoax so fast in order to keep the script kiddies from attempting to exploit the hole in the software that many questions were probably still "out there".

We didn't have the professional security services/software we have now when this happened. That was the main concern, the overall security of the site. There were several "back doors" in the early versions of the php stuff and people with less than honorable intentions were finding them everyday.

In any case this was brought to our attention by Pantha yesterday after she came accross it, I had forgotten about it and was very happy to see it was still around. It's a great historical piece of the "ATS Story".

Springer...

Ah... SOTT...

I think among all things, that was the worst fall-out from our heavy-handed attempts to shove the WITD episode out of view.

Our size and "success" will tend to make some people consider us a target in one way or another.

We never even paid much attention to SOTT until they used ATS content in a manner contrary to our Creative Commons License. The fiasco exploded into epic proportions after a simple request to comply with our CC license.


However, I wasn't aware of ATS=COINTELPRO going on at GLP! That's a new one.

So why do you think they are posting this now? Has it been up for a while?

It seems strange to me to accuse a site of “disrupting political dissidence”, when if anything it is encouraged.

Otherwise, I think the caricatures are funny. How did they know Simon was an alien?

LOL...I love the comic strip. Characatures are the highest form of flattery you know.

At least I think that's how the saying goes.

Good stuff.

It's been up for a while.

This seemed a very creative way to approach a subject that continues to inspire a lot of speculation from various sources.

And... I like his work!

I think that the big questions are 'who is witd', did the DoD IPs ever pop up again on the website? Why would the DoD send someone to pretend to have prophesized/leaked information such as that?

And also, while everyone knows that SO is a whizkid when it comes to computers, why was it so easy to stop the DoD's attempt to stir up problems here?

Also, did DR leave the site because of WITD, as is implied in the cartoon? If so, why?


Props to the person that made the cartoon!

"Who" is still unkown. It's clear that "he" was well-versed in all things ATS, as well as one or two obscure intel details that helped his "credibility". But in the end, he was nothing more than a script kidding taking advantage of exploits in an old version of XMB 1.6 still on the server at the time.



Since WITD was able to INSERT anything he liked into the database, we can assume he inserted interesting IP's with his posts. As we dug as deep as we could, it was clear that each of his posts had a unique IP address. I doubt any of them were his actual IP.



They didn't... he was just a hoaxer.



I just fake it real well.

Since "he" wasn't from the DOD, then all is moot. We blocked all the associated IP's, including his registration IP which was from a proxy server in the northeast. In addition, we altered one key database attribute which put a halt to simple XSS exploits that he seemed to be using.



Indirectly. He went "sour" because he never accepted our explanations for the event. It seems as though he made contact with WITD and was somehow convinced of his story, and that we (ATS admin) had a level of involvement. We tried (over and over and over) to explain how the database exploits were done, how WITD was able to read U2U's, how WITD was able to read posts in the moderator forum, and use all that information to really mess with people.

It's sad really. He was a productive poster and made some excellent contributions. In the end, he didn't believe us and it went bad from there.

A fascinating read on the history of ATS. It must have been an amazing time on the board, despite the unfortunate outcome. Though probably good in a way that the exploit was discovered.

My question is, how long did it take for you to realise that it probably was a hoax? Did you sit around for a while going "Wow, this is so cool!", or did you immediately smell a rat?

I guess a couple of points to finish off. Just because a user has a DOD or other interesting IP address doesn't necessarily mean they are here at the behest of their employer. I know a few people who surf ATS from such places, but out of personal interest only.

And I couldn't help but notice that after the copyright for the cartoon, Chris has written "For Disinformation Purposes Only". Hmmmmmm...

It actually took a while to figure it all out... but many of us noticed a strong rat smell right off.

Several members believe they saw the infamous Jakarta post before the event, and it contained no warning. I didn't see it, but a few moderators agreed... so somehow WITD was modifying the database.

Here's the part that had my brain in a twist for a while...

The traffic logs didn't show any activity to pages that a script kiddie would use to insert or modify database entries. In fact, they didn't show any traffic data from WITD on his posts. I was trying to find his actual IP in the traffic logs, since it became clear no data in his posts was reliable.

So, for a short-term fix, I simply altered one key attribute in the posts database table, making it nearly impossible for an XSS exploit to work. That stopped the madness.

Some weeks later, when I was doing some server housekeeping, I noticed an old directory... abovetopsecret.com/xmb ... It contained all the old, super-sloppy XMB 1.6 code from the previous server that I put in place when we moved to the new server, and XMB 1.8! I forgot about it... but some members where using it during our first move to a dedicated server. It was still functioning. That's where he accessed the exploitable scripts.

I think when it finally came to a head for me is that I was in a religion discussion forum thread with a member who I had been conversing with on religious matters for some time. I had come to know him fairly well (as far as electrons go) and adamantly felt he would have no part in this shinanigan. Anyway, this was a multi-page thread and I went back to find one of his posts to quote it in a post I was about to make and at the bottom of his post - just like in the WITD post! - was "Watch Jakarta" and there was NO edit tag in his post. Well, I had read the post before (that's why I was going back to quote it) and it had been made BEFORE the whole WITD Watch Jakarta fiasco and I knew damned well "Watch Jakarta" had not been in that post.

I u2u'd SO about it and I don't personally know how much that played into him finding out the database had been hacked, but I can tell you it played 100% into me realizing some one had jacked with people's posts!

[edit on 10-23-2006 by Valhall]

This is damn crazy stuff! Interesting like hell!

Anybody aware of this thread?
Bizarre Thing in Post
Starts like this:

Excactly one year ago on this date the above thread started and ran over an amazingly 39 pages, 763 posts and almost 20.000 views.
Except for he last two pages all the comments where placed within 72 hours. It was in the forum of "ATS Sponsored Games & Events", and the subject was figuring out strange messages appearing in posts.
The agenda of the thread soon became to solve the riddle, as litterally hundreds of members have had the same experience of strange messages appearing.

What is most amazing is this WitD showed up four times on the thread to post complete black blocks, that only when highlighted would reveal a sequence of numbers. Hence his name, I guess.

On page 37 of the thread, pid: 1790757, kenshiro2012 compiled them all, i.e. all that was reported to the thread, beside the four ones. A most extensive compilation.

Whatever message, if any, nobody figured out. Only goes to show WitD is still around.

Anybody noticed anything similar, faint grey letters coming and disappearing in their posts?
Or blocks of black, where the hidden text only come whispering when highlighted?

That thread was an ATS game.

Game over

Ahhh... 'the name which must not be mentioned'-

I remember trying to find some background info on this mysterious drama after first finding ATS (the start of my 3 years of lurking).

My interest was peaked, after seeing veiled references, every once in while, to "the member which must not be mentioned',and Gubmint involvement .

But alas,(IIRC?), the thread had already been removed.

Great to finally get the Readers Digest version.

And thanks for throwing the old threads out there, again, SO .

It will be great fun to read over it, especially, now that I know a little more about the site, and can recognize some of the names. (esp. since most of the names I recognize , are all Mods or SMods, now)

I remember really getting into that WITD game...I bet I logged 50 posts on that thread alone...it was great fun.

The thing I remember best was getting all wound up about anything out of place that I saw.

One thing that caught my eye was in wecomeinpeace's posts (I think) because there was always a dot in the bottom left hand corner which I sure took to be a clue.

It looked just like this...

.

Hmmm... Skeptic , do we need to be a RATS member to view these 3 threads?

Whispers in the Dark--The real deal
POLL: WITD
COINTELPRO and ATS?

I'm getting -

'Sorry, you are not permitted to view this forum'

when trying to access them??

I moved them out into Skunk Works.

Cool. Thanks SO , workin' , now.

BTW, I dig the new colors.

What's the occassion?

Further reading of the cartoon suggests that Dragon Rider was banned from ATS, which matches with their profile. Was the banning directly related to WITD, or was it a result of a "negative" attitude fostered by the belief that something was being hidden by the Three Amigos? The cartoon certainly suggests



What were these questions, and were they never answered, or was the answer simply not what DR wanted to hear?

I realise discussing the reason members are banned is unusual, but it is an unusual and interesting story. Thanks again for sharing SO!