Thursday, 11 June 2009

Surveying les French surveillance societés...

It is an interesting company: Kargus Consultants, the company that constructed the hacking transaction into the French laboratoire LNDD. A company offering industrial surveillance, according to, Kargus Consultants was founded on November 14, 2003: it has been out of business since October 22, 2007, only two weeks short of its fourth 'birthday'. Paying the price of its success?

Kargus Consultants indubitably provided the sole alleged 'hacker' – Alain Quiros – offering an info–tech commando squad that has made news for three prominent French 'hacking cases': the LNDD–'Landis' affair, the EDF–Greenpeace case, and one involving an activist French attorney (counsel to a French association of small–shareholders), not in that order. The French magazine Médiapart published a detailed article [Ww: controlled access], which was re–posted on the website/forum

The Mediapart authors wrote that they saw the dossier compiled by French Judge Cassuto. The dossier asserts that EDF commissioned the infiltration of Greenpeace, that the attorney's computer was hacked on behalf of Vivendi (corporation), and finally, the LNDD 'attack' leads down a trail back to Floyd Landis. By the way: in a Spyworld article, EDF [ED: with Google-translate available, WADAwatch will not often provide long translations] denied (as a corporation) ordering any hacking, however admits that one relevant contract was taken from one of its manager's office (thus implying it to be the act of a 'rogue manager'?) when searched by the 'authorities', and mentions some € 45K for these one or two contracts. EDF also reminds readers that a great amount of EDF 'security' comes from the French military, as protection of its 'nationally strategic' nuclear facilities. Normal for a 'company' that is owned eighty-seven per cent by the French 'State' (87pc).

One man really was the 'go–to' pivot man for the entirety of these 'affairs': Jean–François Dominguez. He brought 'the clients' to Kargus for each of these three affairs.

He was introduced to Quiros by the founder of Kargus (Thierry Lorho), during the early part of summer 2006, to receive instructions (and € 2,000.00) to commence the hack on the attorney's system. Both Dominguez and Lorho have ties to 'French secret service' agencies, although it is not presumed that they knew each other through those associations. It was Dominguez who had the 'slips of paper', which contained, for each case, an email address and list of 'keywords'... and Quiros claimed the actual work (against the Attorney) only took 'a few days'.

That payment seems to confirm the 'going rate' for Quiros' services, and matches the LNDD hacking charges... if true, those facts shoot down one of our WADAwatch theories, proposed in our earlier post, regarding hacking fees. Quiros also appears to be a perfectly successful amateur: this article claims Quiros taught himself 'hacking' (training was as a fireman!), and Mediapart/Linuxquimper quotes Quiros as saying the 'attorney hack' was his first 'illegal penetration' of a computer system.

Dominguez himself eloquently denied having Vivendi as a client: 'I do not know Vivendi, neither from close nor afar'... (what else would he say?) although Lorho confirmed his introduction of Dominguez to Quiros. Monsieur Dominguez is apparently an adventure–junkie: time spent in Iraq and other war zones, as photographer (with proof through published books) or as (.....), and appears, to have substantial ties to the French Secret Service(s). His former employment includes years as a Legionnaire, and various French security companies.

Turning to the LNDD case, Mediapart claims that the hacking events shared identical modus operandi: Lorho stated that, in September 2006, Dominguez passed a paper to him, for Quiros, with an email address and certain keywords, Lorho even stated that he 'folded the paper' and 'wasn't concerned with the contents' of that sheet. Lorho was he who'd told Judge Cassuto that 'Dominguez' clients were 'Anglo–Saxon or American'. Mediapart covered the known 'affaire Landis' in two paragraphs, mentioning his 'guerilla juridique' (taking the Spanish meaning of 'little war'), and then states the most interesting part of this article (Ww translation):

It was in this context that the journal L'Equipe revealed, in November 2006, that the Agence française de lutte contre le dopage (AFLD) had filed a complaint for «intrusion informatique» – and indirectly launched the affair EDF/Greenpeace. In fact, since the end of October 2006, mail and emails designed to appear as if coming out of the LNDD and signalling analysis errors from the laboratory were sent anonymously to WADA, the International Olympic Committee (IOC) and to certain laboratories accredited by WADA. However, these false (mails) could not be fabricated without having access to the real LNDD documents.

Mediapart does not expand their inflection regarding EDF and Greenpeace, and how the revelations of the LNDD affair brought forth that EDF/Greenpeace process. Intriguing, tantalizing, and yet unfulfilling, as to the interrelationships regarding the three French targets. Using the word 'anonymous' as to the emails described above, seems contradictory to the claims of Baker's involvement, which are discussed throughout the article.

It does pinpoint that, once the paper L'Equipe revealed this story, it didn't drop the bone: Mediapart claims L'Equipe 'assured that someone close to Floyd Landis was implicated in the diffusion of the false correspondence.' Yet this appears 'known' to all. Dr Arnie Baker never hid the fact that he sent OUT documents 'received from whistleblowers'. Anonymous falsified emails; Baker's whistleblowers' emails; which is it? Both?

One of the strongest arguments in Baker's favour could be this: anyone wanting to discredit some entity, to the point of sending out emails containing information that, as sourced, were acquired through clandestine operations, and if involved in their illegal acquisition, ought to be smart enough to take a CD to an Internet café, create a Gmail account, send out the documents to a list of email addresses, and then close the account, so as to sever any trace of the transactions.

Wouldn't only someone innocent send such emails out from his own computer?

Mediapart stated that:

The declarations of Messrs Lorho and Quiros support the thesis implicating the American cyclist's entourage in the pirating of the anti–doping laboratory. An implication that M. Dominguez refused to confirm. [Regarding a session in Judge Cassuto's court on April 7] he left it understood that, he himself, had done nothing but obey a mysterious order from a client ('commanditaire'), of whom he didn't offer the identity, who had given him 'une enveloppe kraft' that he'd only transmitted to [Quiros] via Lorho, the boss of Kargus.

Nowhere in the Mediapart article, is the crucial question asked: “to whom did Quiros physically give the information he procured through hacking into the LNDD email system?” Also unknown, is why Dominguez refused to state 'who' his 'Anglo – Saxon clients' were, when we know that Vivendi backed the hack into the lawyer's office, and EDF (or its rogue managers) paid for the hack into Greenpeace. One can only wonder if he was paid by 'someone' to 'state' that these were his clients, when in fact they didn't exist?

Continuing, Mediapart said:

“It was only after the fact, that we became aware of the gravity of the facts, and the nature of these actions, properly speaking,” affirmed Dominguez, who concluded: “We had discovered several months after reading L'Equipe that a laboratory had been the object of information piracy. We were perfectly conscious that this was an outlaw act, and that we were put in a position of indirect complicity of the infraction.”

The Mediapart authors didn't seem concerned enough by the evident contradictions to enunciate them: Lorho claimed a paper was handed to him, which he folded, while Dominguez claimed he'd passed an envelope. Dominguez, who'd paid cash for hacking by Quiros previously, apparently woke up 'months after' November 2006, when the L'Equipe articles regarding LNDD hacking began, to the 'reality' that his passing of requests for additional hacking may have legal implications. This from a man whose chequered past allegedly included time as a French secret service agent, a mercenary or war–zone photographer.

Rare, to find someone with an 'ON–OFF' naïveté button as distinguishable, apparently, as is that of Monsieur Dominguez. One thing that tweaks our 'Warning/Alert' knobs is that, apparently, these 'hacking' incidents weren't into the computer–filing–data systems, per se.

Quiros was given email addresses; thus he was hacking into email systems, probably installing a 'Trojan Horse' spyware program, and sifting the resulting data for applicable content, or attachments via the list of selected keywords. This is important: in our previous WADAwatch posts, our focus and thinking was directed toward the 'computer system' at LNDD itself. We presumed (wrongly) that the 'hacking' performances targeted the computer files of original accumulated data. One article, in fact, states that Quiros hacked into LNDD "... to recuperate the Landis dossier." But then, journalists often misplace 'facts': WADAwatch believes Quiros' statement itself.

So: 'documents in transit' were targeted – the contents of in–boxes and out–boxes – not the source locations of the files themselves. This is worthy of noting: the 'information' they 'hacked', was information that had already been sent either internally between one or several of the complainants' LNDD computers, or outward: to the parent Ministry, WADA, UCI or... to LNDD's favourite newspaper? Hmmmm... doesn't this increase the credibility of a theory that a true 'whistleblower' had acted? After all, we aren't informed how many people, in how many institutions, had received emails from LNDD prior to the hacking event(s).

WADAwatch finds it disconcerting that Pierre Bordry and L'Equipe want the world to believe that former French government secret service 'dudes' would take as clients, some 'mysterious Anglo–Saxons', and operate a hacking attack against their own government, who were the main source for their contacts and business. Given the idea of spending time, if 'caught', in a French prison, and given the concept that these men were otherwise protecting major French political and commercial interests against NGOs and activist lawyers, their leap across to Landis' rescue seems outrageously unbelievable.

Evidently, if 'Anglo–Saxons' paid for this, Dominguez should have charged some steeper fees, of which the € 2,000 payment to Quiros would be a mere fraction. We aren't told via the press if Lorho/Kargus received a cut as well, either above or from that € 2,000. If it happened as we are led to believe, perhaps it's no wonder that Kargus Consulting had to shut down operations in the Fall of 2007... their legal defense fees in these three cases may be higher than what they charged(!)...

However the events could have hypothetically come about through a different, perhaps slightly more logical scenario.

If LNDD evidence was as thin as we now know it to be (a T/E test thrown out by AAA arbitration; only one of four testosterone metabolites positive, and only within the margin for error, etc etc), certain French 'factions' that support LNDD in everything it 'achieves', could find it very easy to 'plant' a trail of evidence, via the use of former French secret service personnel, that would create 'damning evidence' (circumstantial) that would 'taint' the bad boy from Pennsylvania: especially after publishing those allegations via L'Equipe, whose unique role in the world of sporting/cycling news obviously remains a source of corporate pride.

Remember, on behalf of Dominguez' commands, Lorho/Kargus arranged for Quiros to hack:

  • an attorney who represented an association of 'small–number' citizen–shareholders, seemingly by command from one (Vivendi was named) multinational French corporation;
  • the French Government, in the 'moral person' of LNDD, by 'command of Anglo-Saxons' (aka 'Landis' entourage'), and;
  • an anti–nuclear NGO (Greenpeace), ostensibly by 'rogue managers' employed full–time by nuclear power–oriented, overwhelmingly State–owned (87pc) EDF.

Fishy? Not bloody likely? Or...?

Bordry wants Baker extradited (our presumption: he actually proposed requesting an 'international arrest warrant') to recount to Judge Cassuto 'his role' in the LNDD hacking affair. Perhaps Bordry should remember the phrase 'Follow the money'? How did Dominguez get paid, if paid from San Diego? Moreover, why did L'Equipe publish that Landis or his entourage was involved in the hacking, before the OCLCTIC (French 'Info–Tech police') knew that Kargus was the corporate source of the computer invasion? Having a 'link' to the receipt of emails from Baker is not evidence itself that Baker financed any hacking efforts. However, there's more than ample evidence of 'obsessive-compulsive' behaviour throughout these revelations.

Maybe 'the clients' were just another fiction, supporting the long line of (... vindictive?) stories from L'Equipe? Only Monsieur Dominguez really knows...


copyright 2009 Ww

No comments:

Add to Technorati Favorites