Accidental honeypot

Posted by Dave Bath on 2009-01-06

I should have realized that my post arguing against decreased funding of road safety programs in Israel and for cessation of violence in Gaza would be targeted by the US security services… but I didn’t think they would be so obvious that I could locate the probable source of the snooping so easily.

"How to save Israeli lives with bombs: target the pubs" could in no sense be arguing for violence, indeed it explicitly argues that lives can be saved, but I can see why it got the attention it did.

For very similar reasons, I’d expect that Conroy’s push for content-based filtering without proper oversight of blacklists might (unjustifiably) censor my post.

The filters have no sense of irony.

My list of referrals included the following:

A quick whois and traceroute, then a zoom in on the embedded map, revealed the referring site: a machine apparently owned by Google (in the same suburb as their Googleplex, but not the same address), in a building that does have a nice picnic area and what looks like a solar panel (suggesting it could be Google).

But next to it is the Moffett Federal Airfield (a joint military/civil airbase that is home to the 7th PsychOps Group Airborne unit) and NASA Ames Research Centre buildings, in Mountain View, California.

A few minutes later, the same query parameters (but using the direct link in a new browser session to MS Maps not Google maps) took me to Nellis Air Force Base in Nevada instead, but still gave the domain name as

Very interesting!  I’ve never seen that happen before with a traceroute and geographic mapping of a static address!

Doubtless, before too long, there will be another peek by the spooks, but at this post because it references the earlier one.

It seems that the spooks have not learnt to be any more subtle than when I was being secretly "positively vetted" (including a break-in to my place and my ex-wife’s place, nothing stolen) back in the late 1980s, just before being asked to be tech lead of a project at DEWADL (Directorate of Electronic Warfare, Salisbury, South Australia).  The offer the day after the break-in was the giveaway, but the guy sitting in a car outside my place every morning so long each day there’d be a new pile of cigarettes by his window had already raised my suspicions.

(I didn’t take the job: after saying that (a) I’d already taken a military oath as a cadet medical sergeant, so (b) I’d build a shield but not a sword, they didn’t ask again.)

Other dumb things are unmarked "trades" vans full of electricians' gear, with the guy in a lumberjack shirt reading The Age, then The Australian, and similarly with a large pile of cigarette butts outside the window.

Seriously, if our security forces and those of our allies are so darned incompetent at keeping their operations from being obvious, you have to wonder how incompetent they are at analysis of any information they obtain, and deciding what information you need to hunt for.

Come on you guys!  Get a grip!  I’d like to think we had decent security.


  • No special cracker tools were used… just simple whois and traceroute tools run as web applications at sites of commercial services providers.  A similar query for points to Nedlands, WA, for example.  Clone the URL, change the domain name, and find out where your website is hosted.

2 Responses to "Accidental honeypot"

  1. Lyn said

    The world is full of murderous psychopaths but societies use their resources finding out what people think about Israeli pubs.

    I guess murderous psychopaths must go to pubs.

  2. Danielle said

    They’ve been searching my site, too. Honestly, are they just wasting their time? I wrote a post that teased about getting my ass kicked if I ever tried to enter the fabled “Area 51,” it didn’t mean that I would actually do it…
    It just seems like a waste of taxpayers' dollars. Is it fiscal incentive to keep people employed?
    Sorry, if you get any further hits because of me.

