How to Stay as Safe from the NSA as humanly possible

3 replies [Last post]
notballin
notballin's picture
Offline
Neophyte
Joined: 2011/06/18

EDIT: May 22, 2018: Salt removed.
-Also, I've just remembered that I still have the pictures and who they were sent by, that were taken by the camera of the person that offered to help me take pictures for insurance (with the Go Wild license plate... who shouldn't have known that I didn't have a camera and that I used a flip phone). The pictures were transferred to me via gmail. TWO EMAIL ADDRESSES WERE USED INSTEAD OF ONE TO SEND ME THE PICTURES (sloppy sloppy, she used her real email address by accident...). Screenshots below in the evidence section. Though... at this point, I'm pretty sure that more proof won't affect the outcome of the situation (even if the email addresses (smoking guns) and license plate lead straight back to the perpetrators).
EDIT: I may be mistaken, it should make all of the difference, this is as good as it gets. (DROP THIS)

EDIT: May 20, 2018 (10:36 PM EST): RaT, check your shit. This isn't supposed to keep happening. Smile
(And if it's supposed to be funny, I'm not laughing considering the fact that whoever did this should be locked up in jail for 20 TO LIFE considering everything else they've done to me)
http://i.thinimg.com/img/3cg2.png
http://i.thinimg.com/img/3cg3.png
Mid. Edit. Right as I pushed it. (Does your server still have the Intel Management Engine un-neutered, RaT? YOU didn't ban me... so who did?)

EDIT: May 17, 2018 (Email Drop Counter): I am sending Offensive Security an email once per day. OSCP would distract me from thinking about how the government tried to MURDER ME COVERTLY (and got sloppy because they thought they "had it in the bag," and tried to bury evidence from sloppiness/cover it up after I went public and started leaking what I've seen AND tried to use RedZone against me (pit me against RedZone) to distract from this fact so they could succeed in burying all of the evidence in time (even used multiple uniformed police officers to gaslight me at SGT). They failed to bury all of the evidence in time). Obtaining proof successfully should have been... impossible. Umad, NSA? Am I your first failure? HOW HIGH UP DOES THIS GO (or is this just a "one off")?

Picture of twitter notification to Offensive Security (Notifying them in this manner seems to be the only way to have the issue rectified so I can return to my education, SINCE MY EMAILS BEING DROPPED/MY COMMUNICATION BEING FORGED BY A THIRD PARTY SEEMS TO BE A COMMON TREND. This was not my first option. I just want to go back to the class that I love.):
http://i.thinimg.com/img/3c9q.png

Thus far, my emails have been dropped for: 7 days in a row (despite having paid for class).
I've lost: 5 days of class time.
(No, seriously. This is real life. I'm sending this email once a day (just creates more evidence that something is terribly wrong). Either my emails aren't making it (google's reliability is what... 99%?) or Offensive Security's responses back to me aren't making it. http://i.thinimg.com/img/3crs.png)

CONTROLLING MY COMMUNICATION (by preventing it from making it) SEEMS TO BE A COMMON TREND THROUGHOUT THIS ENTIRE ORDEAL. Attempting to indefinitely delay the return receipt from Senator Ben Cardin's office? Dropping Offensive Security communications? Imitating RedZone's lawyer? Imitating the response of Zuckerman (severance agreement lawyer)? Preventing my communications regarding my severance agreement being negotiated (to force me to sign it)? Imitating Offensive Security and the EFF (evidence on RedZone's servers)? Preventing my original request to Senator Anthony G. Brown from making it? FLAGGING MY GITHUB THREAD THREE TIMES TO TRY TO SUPPRESS MY VOICE, THINKING THAT IT WOULD KEEP ME SILENT? This seems to be the last remaining control tactic (and I'm curious as to why Congress is dragging their feet about this despite being presented with overwhelming evidence. Maybe they don't have a procedure in place for what happens if someone actually collects evidence? I don't think anyone's ever made it this far before). It would also explain why they broke into RaT's server to ban me. the URGE to CONTROL my communication is too strong. Fortunately for me, it only works if I let it work.

Isn't the NSA supposed to be "monitor only?"

And is this an attempt to distract from THE REASON WHY THE GITHUB THREADS WERE FLAGGED (GASLIGHTING VIA A NATION STATE ACTOR/ATTEMPTED COVERT MURDER)?

I ask again:

Is this an attempt to distract from THE REASON WHY THE GITHUB THREADS WERE FLAGGED (GASLIGHTING VIA A NATION STATE ACTOR/ATTEMPTED COVERT MURDER)?

I'll ask a third time.

Is this an attempt to distract from THE REASON WHY THE GITHUB THREADS WERE FLAGGED (GASLIGHTING VIA A NATION STATE ACTOR/ATTEMPTED COVERT MURDER)?

... this loud enough for you?
... misdirection?
Million Dollar (Face Mask Destroying) Question: Will Congress allow those that targeted me to get away with attempted murder (not just abuse of power), even in the face of overwhelming evidence (government program? Misuse of a government program? "Unrelated" incident regarding misuse of government power?)? And while I'm at it, I might as well upload the request that I sent as a demonstration that all of the correct steps were taken (request assistance from a source of power higher than those targeting me, and preserve/collect evidence to support the claims being made).
-Forum Sliding seems to be in full effect.

I am being targeted by psychopaths that use NSA hacking and monitoring capabilities as a tool to obtain Narcissistic Supply from the targets/victims that they monitor (and, again, I've obtained proof so fuck you) via their emotional/physical reactions (like a toddler playing with an action figure). This is the TLDR of my entire experience (and should ensure zero wiggle room regarding the truth of what was done to me, as everything I've experienced falls within the idealization and devaluation phase of the narcissistic abuse cycle. The discard can't come fast enough). This entire situation HAS NOTHING TO DO WITH NATIONAL SECURITY WHATSOEVER and is the end result of what happens when a cluster b is CAUGHT RED HANDED. Pardon me while I confirm America's worst nightmares.

EDIT May 1, 2018: My request for assistance (regarding government abuse) has been received by the office of Senator Ben Cardin (and the contents of this thread have been included with it).
EDIT: May 5, 2018: I'm awaiting the "return receipt" that was sent with my request to the office of Senator Ben Cardin. It seems to be "stuck in transit to the next facility" and has been stuck for over three days (and the original package made it within 24 hours). Note that the facilities are under 50 miles from each other. The USPS tracking number is: 9590940234387275232912 and this receipt is needed as proof to ensure that the request actually made it to the senator's office. I've made an inquiry about the return receipt and it was "mis-scanned for the incorrect zip code," so it's now stuck in the facility and, according to USPS, will be delayed for at least a week (I shit you not, this is real life).
THIS ISN'T THE FIRST TIME THAT THIS HAS HAPPENED (and is not the first time I've experienced abuse via delayed or missing mail/packages). I've experienced packages being re-routed to different states before, for the purpose of delaying its delivery, and I've experienced packages that would say "delivered" (electronically) but never made it to its destination (and they weren't stolen). The errors that have and are occurring with my packages are not "simple computer errors." (This is serious. I wouldn't be doing this if it weren't.)
EDIT: May 7, 2018: Return receipt obtained.
EDIT: May 16, 2018 (11:45 AM EST): Why is my IP ADDRESS being banned for 15 seconds (up to 2 minutes ago) and unbanned before I post more claims of abuse by the government (causing power outages)? Why has this happened multiple times? (TriGun 403? I'm not supposed to know what RaT's ban page looks like... and I'm not using TOR (I'm being watched like a hawk and I'm not using it anyway).) You feelin it, Mr. Krabs? (that makes three)

May 17, 2018: Let's try once more to return to obtaining my education so I can continue to forge my life (being jobless and debt increasing as a result of the bullshit be damned, I'M GOING TO OBTAIN MY EDUCATION REGARDLESS). I found the payment link through my old emails and it seems to have an option to provide a new email address. I have MADE THE PURCHASE for 3 months of class time, but have not received an email confirmation or any response from Offensive Security. My emails are still being dropped despite making the purchase. If my emails to the institution continue to get dropped, it's a result of how the action that I have taken to return to my education, despite the situation, makes someone feel (which is "HIGHLY INSECURE").

The email I just sent contains:
-Screenshot of purchase from bank account (PROOF OF PURCHASE (drop this). )
-Drivers License (proof of identity)
-Paystub from previous company (proof of previous employment/proof of identity)
http://i.thinimg.com/img/3bpf.png
http://i.thinimg.com/img/3bpg.png
(Documents out in the open, my fucks to give are zero. Unlike the people that targeted me, I have the luxury of being fully open and transparent due to my refusal to step out of integrity.)
-My emails to the institution are still being dropped, which prevents me from going to class. Senator Ben Cardin: What... the fuck? HOW MANY MORE RED FLAGS OF CLUSTER B ABUSE DO YOU NEED (and why are you allowing the abuse to continue)?

The above being said, I've come to accept that the situation at hand is out of my control. I'm actively being targeted by cluster b personality disordered individuals (a conclusion that was reached based on the collected evidence of government abuse and the purpose/nature of the abuse) that are employed by the government (with proof of abusive acts that have and are still occurring by their hands) and it's going to take an act of fucking congress to pull them off of me.

To Senator Ben Cardin: Government abuse of power is still on-going and is actively being carried out against me in a covert manner. The individual or group that has and is targeting me has no intention of facing accountability and will continue to abuse their power against me covertly, despite this thread being public and you being aware of it (instances that have already occurred include, but are not limited to, intercepting and dropping my emails, forging email responses to me/impersonation, interfering with court proceedings, financial abuse, property destruction, ambient gas-lighting, ambient gas-lighting via uniformed law enforcement, attempting to suppress my claims by flagging my threads in high traffic websites to reduce exposure of wrong-doing, evidence burial to avoid accountability, wrongful termination (to avoid accountability), the works... though I CAN safely say that the NSA will need to put a bullet in my brain if they wish to make this go away without consequence). In the words of Andrea Fitzsimmons, and I quote, "it's never going to stop." She is right. It's never going to stop on its own, unless someone that has the power to do so stops it. That someone, in this instance, is you.
EDIT: May 15, 2018: To Senator Ben Cardin: As of today, I've collected enough evidence that correlates with the posted claims of abuse that caused my threads to be flagged three times in a row (didn't even need to step out of integrity to do so either). Details are below in the "Financial Abuse Example/Primary Gaslighting Tactic" section. I'm going to make your job as EASY as possible. Smile

-This website may be subjected to "forum sliding" techniques as a result of this thread being posted here.
-Updates have been moved to their proper allotted sections.

A picture is worth 1000 words, so I've posted proof that the threads were falsely flagged (and that I am the original author of all three, which were created and subsequently FLAGGED IN RAPID SUCCESSION) and I've posted below correspondence with RedZone's lawyer, "Ed Hartman," AND the fake lawyer letter that was given to me by my former employers. These screenshots are in the bottom half of the thread.

Original link is here:
https://github.com/corna/me_cleaner/issues/51 (ACCOUNT FLAGGED BY THE NSA TO REDUCE EXPOSURE)
https://github.com/corna/me_cleaner/issues/190 (ACCOUNT FLAGGED BY THE NSA TO REDUCE EXPOSURE WITHIN 30 SECONDS OF REPOSTING THE THREAD)
https://github.com/corna/me_cleaner/issues/191 (ACCOUNT FLAGGED BY THE NSA TO REDUCE EXPOSURE WITHIN 15 SECONDS OF REPOSTING THE THREAD)

-Proof of old thread's existence and account being flagged (the formatting is not as nice as what's laid out on this website, but proof is proof and Corna gave me permission to continue the thread personally):

Original Thread:
http://i.thinimg.com/img/39i0.png (proof of account ownership and it being flagged)
http://i.thinimg.com/img/39i1.png (proof of thread ownership)

Second Flagged Account:
http://i.thinimg.com/img/39k8.png (proof of account ownership and it being flagged)
http://i.thinimg.com/img/39k9.png (proof of thread ownership)

Third Flagged Account:
http://i.thinimg.com/img/39ka.png (proof of account ownership and it being flagged)
http://i.thinimg.com/img/39kb.png (proof of thread ownership)

I'd estimate that all three accounts were sequentially created; immediately banned (within 30 seconds of re-posting the thread after account creation) within a 30 minute period (excluding the original account's creation).

Thread Contents (the second and third account were reposts of the original thread's contents):
http://i.thinimg.com/img/39i2.png
http://i.thinimg.com/img/39i3.png
http://i.thinimg.com/img/39i4.png
http://i.thinimg.com/img/39i5.png
http://i.thinimg.com/img/39i6.png (The thread was flagged immediately after adding this update (possibly out of panic, definitely to reduce exposure), which details the extent of RedZone's involvement and the instances of government abuse that I've experienced. It also may have been frozen due to the nature of what's required to successfully pull off an extended gaslighting campaign)
http://i.thinimg.com/img/39i7.png
http://i.thinimg.com/img/39i8.png
http://i.thinimg.com/img/39i9.png
http://i.thinimg.com/img/39ia.png
http://i.thinimg.com/img/39ib.png
http://i.thinimg.com/img/39ic.png
http://i.thinimg.com/img/39id.png
http://i.thinimg.com/img/39ie.png (Corna's personal blessing/PERMISSION to continue the thread. The thread has existed for quite some time.)
http://i.thinimg.com/img/39if.png
http://i.thinimg.com/img/39ig.png
http://i.thinimg.com/img/39ih.png
http://i.thinimg.com/img/39ii.png
http://i.thinimg.com/img/39ij.png
http://i.thinimg.com/img/39ik.png
-I was reminded today that a picture of proof is worth 1000 words, to the kind soul that reminded me of this: thank you.

The threads were frozen when I posted my experienced car loss and results thereafter, the manipulation of my court sentence via remote hacking, and the extent of RedZone's involvement in attempting to cover up evidence. Their issue isn't with my idea of "shell whitelisting" (the ability to identify terminals that don't belong to the user). Their issue is with the surrounding details regarding how it came about (through their abuse of power, belief that they're above the law, and their willingness to use their capabilities to systematically destroy the credibility of their target/destroy the targets sanity/overload the target with stress so they can avoid any accountability of wrongdoing). It's safe for me to argue that I'm one of their first failures regarding their "system" of escaping accountability (and I don't wish to think about how many people they've successfully driven to suicide/criminal activity).

Terminal Denial Script/SHELL WHITELISTING (I came to fuck shit up):

#!/bin/bash
#WolfHound: Wolf Killing Dog
#Script created by SIGTERM (h2kchicken/notballin)
#How to use:
#Ensure that you have multiple terminals open, be they individual windows, multiple tabs, or multiplexed via TMUX.
#This script has only been tested with "bash" and "sh" specifically. Other shells have not been tested (though testing should be as easy as adding another loop and adding the binary name).
(( $(id -u) == )) || { echo >&2 "Not Root."; exit 1; }
d=`date +%Y-%m-%d`
t=`date +%T
clear
echo "$(tput setaf 6;tput bold)Checking Installed Shells : $d $t $(tput sgr0)"
cat /etc/shells
echo ""
echo "$(tput setaf 6;tput bold)Forking Loops : $d $t $(tput sgr0)"                                                                                                                              
sleep 5

while [ true ]
do
        for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60
        do
                sleep 1
                killall "bash" -q -v -y 5s > /dev/null 2>&1
        done
done &  

while [ true ]
do
        for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60
        do
                sleep 1
                killall "sh" -q -v -y 5s > /dev/null 2>&1
        done
done &

echo "$(tput setaf 6;tput bold)Begin tests by opening shells (as both a regular user and as a user with root privileges). $d $t $(tput sgr0)"
#In denying yourself the ability to open new terminals, you deny an attacker the ability to open terminals. The terminal that an attacker relies on during a hack resides on the user's PC.

---------------

My name is Carlos Royal and I'm being targeted by psychopaths that are currently employed by the United States Government.

I've witnessed several zero day exploits used against my computer. As a result of this, I've been the target of government corruption AND an extended gaslighting campaign THAT IS BEING CARRIED OUT BY CLUSTER B PERSONALITY DISORDERED INDIVIDUALS/PSYCHOPATHS and is designed to undermine the fact that the government got caught red handed breaking into my pc (when I was using an end-of-life system that had no management engine) by means of both attempting to erode my sanity/make me question my memory and attempting to pull me out of integrity (so I hand my power away/do something criminal-esque due to provocation and end up in prison/lose liberties or rights... to undermine the fact that the NSA got caught red handed). This post, which spans an experience of at least three years, is meant to combat the governments method/tactic of gaslighting (to escape accountability/acknowledgement of misusing government capabilities), by means of making my experience a public record (since the techniques/tactics employed rely on me staying silent due to doubt, fear, and "what if's"), and is highly beneficial to any security professional that reads it.

Mandatory backstory:

A while ago, I decided to challenge myself by attempting to obtain the Offensive Security Certified Professional certification in an effort to break into the penetration testing field. Over the course of 120 days, I managed to successfully breach and escalate on 16 systems within the OSCP lab.

Firefox Zero Day:

During my progress, I noticed unusual activity on my computer. I make heavy use of the Linux terminal on an everyday basis and I noticed that the Konsole application that I was using wasn’t the first shell that was open (it was the second Konsole application open, and I only opened one).

Upon further investigation, I noticed two bash processes running on my PC. Upon closing the one that I wasn’t using, my Firefox browser closed at the exact same instant. This leads me to believe that I was targeted by the FoxAcid system due to my activity from the OSCP labs and that the zero day exploit didn't use the proper escape sequence.

Firefox Binary Forking Observed Behavior (Added March 26, 2018):

I've observed that the Firefox browser will crash if any binary that it forks to has been killed by the linux "kill" command. Binaries witnessed thus far that have crashed my browser when killed by the kill command are "bash" and "dbus-daemon." Adding this section, as it's very important regarding the behavior of the zero day exploit that was used against my PC.

Also, the original instance of Firefox crashing when I killed its shell occured on an end of life Fedora distribution (which should not require a shell to run Firefox) and NOT on Arch Linux (which requires a shell to run Firefox). However, killing the noticed dbus-daemon process also killed Firefox (an incident which occured when using Arch Linux, which required a shell to run Firefox but did NOT require dbus-daemon to run Firefox).

Firefox Tip on Arch Linux:

In a pinch, the Tor Browser Bundle can be used as a replacement for the version of Firefox that exists in Arch Linux's package manager. The Tor Browser Bundle can be ran in Firejail with "shell none" (directly started without a user shell) The one in Arch Linux can not.

Tor Malicious Node Zero Day:

I utilized an Open-WRT router as the base of my build. From behind it, I built an Arch Linux “transparent TOR router” with a Raspberry Pi that was designed to fail-close (where if my PC could not connect to the internet through TOR, it wouldn’t be able to connect to the internet whatsoever). From behind this router, I rebuilt and used my new PC using the Arch Linux distro and an AMD motherboard. A few weeks later, after my build was complete, in use, and thoroughly tested, I observed on the “check.torproject.org” page (which was a page that I would check compulsively) that I “wasn’t using TOR.”

This would lead me to believe that the government is in possession of a risky zero day exploit that exists to target TOR only users. Instead of targeting the TOR network directly, it would seem that this exploit works at the modem or on the Local Area Network (since Raspberry Pi's have a secondary operating system (VideoCore, possibly the Intel Management Engine of embedded systems) that the user can't access) and intercepts and possibly redirects the user to a malicious TOR node that’s not on the TOR network.

NOTE: If you "attempt to browse" the check.torproject.org page and it attempts to resolve for an extended period of time when using TOR, you should probably reset your circuit. You're probably being unmasked and/or (most likely or, if entry node monitoring is employed) your connection to the check.torproject.org page is most likely being dropped.

Google Nexus 5 Backdoor/Ubuntu Touch OS:

A few months before I became aware of "me_cleaner," I attempted to use Ubuntu Touch on a Nexus 5 (unaware of the dangers of proprietary secondary operating systems contained within hardware or binary blobs of firmware), with the scripts listed below running as root on Ubuntu's console application. I observed on my blackbox (custom built) router that my Nexus 5 phone, even when the Ubuntu Touch Operating System had its wireless capabilities disabled/was powered off, would still pull a DHCP lease via wireless, even if I manually deleted the active lease. I also observed that my Wireless and Cellular signal would alter and disable at random times.

At this point, it's safe to assume that most proprietary hardware has a proprietary environment of some sort that the user does not have access to, that can be exploited by nation state actors. As upsetting as it is that Intel bundles everything with a proprietary backdoor, it may be best to "stick with the evil that you know" for the time being.

(Given my experience, I've concluded that cellphones are almost impossible to fully secure. The hardware required to develop a cellphone that can be trusted doesn't exist yet/exists in an extreme scarcity.)

DBUS Daemon Socket Exploit/X11 Socket Exploit:

The "bash" and "sh" Linux binaries aren't the only things that the government can target. They are also capable of targeting other things, such as the DBUS-DAEMON socket or the X11 socket on a Linux PC, to create a secondary session for the purpose of viewing, and perhaps interacting, with the target's PC. Things that can be done include, crashing GUI tied processes (such as security scripts running in konsole), crashing the GUI in general, viewing your keystrokes and monitors, etc. A home user's browser is one of the primary avenues of attack and can be targeted by state actors to spawn shell binaries (or any binary) or use exploits against the DBUS-DAEMON socket or X11 socket.

NOTE: This can be rectified with pre-existing open source software, such as firejail (read the man page, USE THE AUDIT FEATURE. It will TELL YOU WHAT TO FIX.):

firejail --rmenv=DBUS_SESSION_BUS_ADDRESS --private=/root/a/fake/home/directory/ --x11=xephyr --quiet --net=ethernet1 openbox

(Best practice would be to run each application with as few required environmental variables as possible).

Alternative to openbox, adding "nolisten local" to the X11 options of the X server running on a users system will disable abstract sockets (which should be sufficient in combination with a private tmp directory and private network spaces to use the PC's gui instead of nesting it).

If you're concerned about sandbox escapes (which do exist), this can be combated with the "kill" command listed below, as well as with socket monitoring (such as running "ss," with extra parameters, in a loop to tie processes to IP addresses). I've also found that renaming "dbus-launch" and "dbus-send" to "dbus-launch.old" and "dbus-send.old (Steam uses DBUS)" as well as qdbus to qdbus.old serves to stifle the sandbox escapes that aren't covered by the shell kill script. On Arch Linux, I've found that "dbus-daemon" was too risky to move in the event of a system crash, and that it was easier to prevent it from spawning (outside of the system or session process of dbus-daemon) by moving /usr/share/defaults/at-spi2/accessibility.conf to /usr/share/defaults/at-spi2/accessibility.conf.old.

Theory: The 3 letter agencies connect to a users pc through google IP addresses.

Attacks on Blackbox Routers:

I've recently observed unusual activity coming from my Arris Modem, which is connected to my hand-built router/firewall (running Arch Linux, Management Engine removed, the shell kill-script listed below in use). DNSMasq was used as a DHCP server, particularly for my TOR only traffic. BIG MISTAKE, as it has access to X11 unix sockets and can make DBUS daemon calls. It also listens on every interface, providing easy access to an attacker that's connected to the WAN port.

During one of my attempted uses of TOR, I noticed that my circuit would flat out reset and webpages would fail to resolve. I would have to manually reset the circuit. I believe that using DNSMasq as the DHCP server for the TOR only interface allowed for a malicious actor to DDOS the traffic of the interface.

dhcpd should be used in place of DNSMasq for optimal safety if creating a blackbox router unless it's needed. Both should be sandboxed (firejail). Thus far, I've observed no negative effects with having wireless installed on the router.

Also, regardless of if you've deblobbed the Intel Management Engine/Disabled the HAP bit, don't use the built in motherboard NIC as the WAN facing interface. If you're using a motherboard as a router, don't use that interface at all. Stick to PCI NIC's (USB NIC's are prone to vulnerabilities that can be used to DDOS). That being said, the built in NIC of everything that sits behind the router should be fine to use if HAP disabled /deblobbed.

Zombie Tracking Cookies:

Firefox connects to the internet when opened, regardless of whether or not the user chooses to browse. Upon attempting to disable third party cookies, I noticed that there was a tracking cookie that was implanted in my browser despite the fact that I did no browsing. Previously, the only third party tracking cookie that I've witnessed was one belonging to "google." I theorize that the NSA's zombie cookies implant themselves when the user opens up their browser (which connects to the internet) and disguises itself as the site that the user visits first. Because I did no surfing whatsoever, the tracking cookie was disguised as a Mozilla tracking cookie. The Mozilla home page does not require third party tracking cookies. This exploit was spotted originally due to my use of an addon that self-destructs unused cookies after 1 minute. Before I found this cookie undisguised, I noticed that a "google" tracking cookie would continue to self-destruct every minute, despite me closing and re-opening the browser and not navigating to google. Catching it in it undisguised state some time later confirmed my suspicions that this was a zombie tracking cookie (which was most likely set to attempt to re-implant itself automatically whenever I opened my browser).

How Corna's Intel ME removal script no shit saved my skin:
AKA:
How to keep the NSA from breaking into your computer:

Because of the nature of the incidents that I've witnessed, I've designed a script that utilizes the killall command that will kill all processes specified that are older than 5 seconds.

killall "sh" -q -v -y 5s

This command, when run in a loop every two seconds, kills all shells ("bash" and "sh" specifically) that are younger than 5 seconds. So long as a terminal process that THE USER CONTROLS is already running, the user gains the ability to use their own terminals while denying access to terminals that are opened as a result of any exploits that are used against their computer. The terminal is THE HEART of pentesting, and in denying this resource to an attacker, it denies an attacker the ability to gain control over a users PC. The idea is to open a few terminal processes before running this command in a loop in a script (AS ROOT AND AS A BACKGROUND PROCESS, since a terminal manager's process can be "crashed"), and then connecting to the internet as normal. Your operating system is capable of defending itself (for free) with native tools.

This technique can be used for more than just stopping shells. It can also be used for sandbox escapes that occur through firejail. Common binaries that the 3 letters can target are "bash," "sh," "qdbus (kde)," etc. The kill command will work to stop the end result of Firefox forking to binaries on your system that it shouldn't fork to.

This can be tested ON YOUR OWN WITH A KNOWN VULNERABLE VM.
I actually ENCOURAGE anyone and EVERYONE to try this for themselves (I want to be proven wrong).

What's important to note here is that THIS IS USELESS WITHOUT THE INTEL MANAGEMENT ENGINE REMOVED FROM YOUR COMPUTER. No software solution will ever be a good enough solution so long as hardware backdoors/secondary operating systems exist within a users system. The Intel management engine contains an Operating system that shares physical resources with the target machine. Without Corna's removal efforts, I would be up the creek with no paddle. To obtain a better stance on PC security, open source security solutions must be used IN COMBINATION WITH CORNA'S REMOVAL SCRIPT/the removal of the Intel Management Engine. Both hardware and software security solutions must be used together.

I leave my post here for the security experts to judge for themselves (all attempts to take the appropriate channels to close the leaks, have failed spectacularly). Critique this logic, spin up a vulnerable VM, and TEST IT FOR YOURSELF.

----------

EVIDENCE PRESERVATION

Github threads are flagged.

UPDATE: April 3, 2018

-I am no longer employed by said company, so full disclosure is now possible.
-Individuals from my former company are involved in a cover-up and evidence of their involvement and knowledge of the incidents that have occurred exist on their exchange server, on my laptop, in their exchange server backups, and possibly on my laptop backups.
-I have declined to sign a severance agreement (which would erase all evidence in exchange for a minuscule amount of money. Lawyers have taken an active disinterest in assisting me with the severance agreement as well.)
-The organization that targeted me is NOT ABOVE USING FINANCIAL ABUSE to render a target silent (and has tried in the past... quite often). I have concerns that they may interfere with either my ability to find employment (because I will) or will approach my next employer.

The company that I worked for is an MSP company, known as RedZone Technologies LLC (2444 Solomons Island Road, STE 219, Annapolis MD 21401), that provides SECURITY AS A SERVICE to several clients (ranging from firewall installs to Alert Logic deployments, to audits of Edge Networks and Active Directory domains, Varonis, network equipment replacements, the works).

The individuals that work for the company and are actively aware of this thread and its contents (and have been for quite some time, arguably since this thread's creation) and have even PARTICIPATED IN/FACILITATED ACTS OF GOVERNMENT ABUSE are:

Bill Murphy (Company Owner)
James Crifasi (Former Employer)
James Miante (Senior Systems Architect)
Andrea Fitzsimmons (Project Coordinator)

To my company's attorney: This is the active cause of my "stress."
(EDIT: April 15, 2018, the "Lawyer" letter that was given to me by my former boss before my laptop was seized is most likely fake due to it being dated for 1 year in the future, and they weren't expecting to actually need a lawyer. Now they do.)

Recently, my laptop was seized, my active directory account was disabled, and I was placed on paid leave due to "stress" (in reality, it's because I began to seek evidence outside of my company's advice). Because of the nature of how this incident is playing out, I'm now making it a public note that I REPORTED TO MY EMPLOYER THAT THE MANAGEMENT ENGINE (which has been exploited before and can be used to gain remote access to a users PC) WAS ACTIVE IN MY LAPTOP AND ACTIVELY PASSING TRAFFIC, and did this via company email (which should still exist in company backups and on my laptop... so I'm sure they won't go missing).

I will repeat: THE MANAGEMENT ENGINE WAS ACTIVE IN MY LAPTOP DURING WORK HOURS, THIS WAS REPORTED TO SEVERAL EMPLOYEES AT MY COMPANY VIA EMAIL AND NOT JUST MY EMPLOYER. MY EMPLOYER ACKNOWLEDGED THE EMAIL THAT I SENT AS WELL, BY COMING TO MY DESK TO RESPOND TO WHAT I SENT. IT ALSO TOOK OVER A WEEK TO REPLACE THE LAPTOP THAT HAD AN ACTIVE MANAGEMENT ENGINE IN IT (which I didn't bother to replace, as I had plans to manually disable the management engine).

The company that I work for that provided me the work laptop currently does not employ any software that would interact with the Intel Management Engine, nor have I installed any software that would do so on my own.

I repeat:

The company that I work for that provided me the work laptop currently does not employ any software that would interact with the Intel Management Engine, nor have I installed any software that would do so on my own.

My laptop was POWERED OFF COMPLETELY and the NETWORK INTERFACE CARD WAS STILL PASSING TRAFFIC TO AND FROM THE NETWORK DESPITE THE LAPTOP BEING OFF AND THE HARD DRIVE BEING FULLY ENCRYPTED. THE ONLY CAUSE OF AN ACTIVE TRAFFIC PASSING NIC ON A FULLY POWERED OFF LAPTOP WOULD BE THE SECONDARY COMPUTING ENVIRONMENT, KNOWN AS THE INTEL MANAGEMENT ENGINE.

MY EMPLOYER FAILED TO REPORT THE POSSIBLE DATA BREACH AND IS ACTIVELY AWARE OF THIS THREAD AND ITS CONTENTS (that the Intel Management Engine is a secondary computing environment that can be exploited to potentially gain unauthorized access to a PC). MY EMPLOYERS AND CERTAIN PEERS HAVE BEEN AWARE OF THIS THREAD FOR ALMOST A YEAR, AND MY EMPLOYER HAS BEEN AWARE OF THIS PROJECT FOR OVER A YEAR, AS WELL AS MY ACTIVE EXPERIMENTATION WITH DISABLING THE MANAGEMENT ENGINE DURING NON WORK HOURS. Also, due to the fact that the laptop was immediately seized by my employer due to me seeking legal proof of the NSA's misuse of their government capabilities outside of the advice that my company had provided me, the laptop can no longer be trusted forensically and can no longer be considered forensically sound.

Again, my laptop was immediately seized after I made it known that I would seek the evidence of government abuse of power at a customer client site due to my employers gross disinterest in reporting the data breach. I was inspired to act on my own accord to seek evidence on my own due to my employers disinterest in an incident that threatens the safety of their network environment and my employers disinterest in assisting me with the abuse of power that I witnessed at Stinger Ghaffarian Technologies sub site (THE DATE THAT THIS INCIDENT OCCURED EXISTS IN REDZONE'S RECORDS, AND THE TIME IT OCCURRED WAS BETWEEN 6 AM TO 8 AM), who's building no longer exists, who's video tapes no longer exist, and who's incident I originally reported to my employer less than 6 months after it happened (my employers actively performed behaviors that were designed to discourage me from pursuing evidence required to prove the incident when it first happened). This incident in question involves a female by the name of Melody Leighton gaining unauthorized access to SGT's sub building, GCP. The building required DataWatch keycards to enter and SGT's surveillance video retention policy is SEVEN YEARS. This individual has also stalked me in other public places and at other job locations, where the only knowledge of where I'd perform work for clients formerly existed on RedZone's SHAREPOINT SERVER, which is a server that SHE SHOULD NOT HAVE HAD ACCESS TO AND THAT IS LOCKED DOWN IN AN MSP ENVIRONMENT.

This could be considered a case of "Love Intelligence" (known as LOVEINT) gone wrong (and yes, we have a prior history). SNOWDEN WAS RIGHT. The NSA's culture ACTIVELY PROMOTES using their capabilities to spy on love interests or ex partners and it would appear that several NSA employees gain unauthorized access to government spying capabilities to TO SPY ON AND STUDY THEIR INTERESTS ON THE DAILY. Given the events that played out at Stinger Ghaffarian Technologies as well, it's safe to assume that not even STALKING, HARASSMENT, OR TRESPASSING are off the table and that THIS INCIDENT WAS ACTIVELY CARRIED OUT WITH ASSISTANCE AND NOT JUST BY MELODY LEIGHTON ON HER OWN.

This incident is NOT THE MAIN ISSUE.

This incident is THE SYMPTOM OF A MUCH LARGER ISSUE WITHIN THE NSA THAT WAS NEVER RECTIFIED AND MOST LIKELY NEVER WILL BE RECTIFIED FROM WITHIN: THE ENCOURAGEMENT AND ACTIVE PROMOTION OF ABUSE OF POWER WITHIN THE NSA'S "CULTURE"

(if you ever end up dating someone and they reveal that they work for the NSA: RUN. They already know EVERYTHING about you and have STUDIED YOU AND YOUR METADATA CLOSELY using NSA capabilities for a VERY LONG PERIOD OF TIME, similar to how a PSYCHOPATH/CLUSTER B PERSONALITY DISORDERED INDIVIDUAL studies their CHOSEN VICTIM/SUPPLY SOURCE. I can also safely assume that the primary motivation for THE MAJORITY that choose to join the NSA is to gain a sense of POWER AND CONTROL OVER ANOTHER PERSON/GROUP OF PEOPLE via hacking techniques and through collected virtual data (to include the targets potential weaknesses and pressure points that can be used against them in instances such as BLACKMAIL, SMEAR CAMPAIGNS, AND (if the first two either fail or aren't capable of being used against the target) GASLIGHTING). This is why my cares have dropped to zero and why I refuse to back down. This is personal.)

Because of my employers lack of interest in REPORTING THE DATA BREACHES, as well as THE LAPTOP THAT WAS PROVIDED TO ME BY THE COMPANY BEING SEIZED/MY ACCESS TO THE COMPANY'S BUILDING REVOKED ONCE I BEGAN TO SEEK THE EVIDENCE I NEEDED TO PROVE GOVERMENT ABUSE OF POWER ON MY OWN OUTSIDE OF THEIR ADVICE, I have reason to believe that they are ACTIVELY ASSISTING IN PREVENTING ANY AND ALL INFORMATION REGARDING THE NSA/OFFENDING PARTY (THAT GOT CAUGHT RED HANDED) FROM ESCAPING THE COMPANY.

THIS IS AN ACT OF SELF PROTECTION ON MY PART, by reporting exactly what happened in a public space to ensure no corrupt or underhanded actions are taken on the part of my employers or anyone else involved with my employing company.

Why do I not have an exact date:

My Laptop was seized by my company and I do not have access to company email, which contains the date and time that the email notification of my laptop possibly being compromised was sent to my employers and fellow employees.

This makes two instances of me catching the NSA red handed, one of which occured ON COMPANY GROUND and was reported TO MY EMPLOYERS.

NOTE:

I WILL NOT STEP OUT OF INTEGRITY. I WILL NOT USE MY TALENT IN AN ILLEGAL FASHION. I WILL NOT SEEK THE EVIDENCE NEEDED TO PROVE MY CASE BY TARGETING REDZONE TECHNOLOGIES VIA HACKING TECHNIQUES OR ILLEGAL METHODS. EXPOSURE IS JUST AS EFFECTIVE IN FREEZING THE EVIDENCE REQUIRED.

OTHER SHADY INSTANCES OF ABUSE (will document as I think of them):

-I used VA Educational benefits to get certifications before ending up employed by RedZone. The ability of my school (The Vets Group) to take VA benefits was mysteriously taken away from them before I could complete the full certification course (leaving me "jobless" and without a source of money, similar to what is playing out now, which forced me to abandon the rest of my education via I.T. certifications to find a job, which I found at RedZone). Upon emailing this thread to Rhonda Smith, the program director (a few months ago), I received an email reply that said that their ability to accept VA educational benefits (THAT THEY NEVER SHOULD HAVE LOST) would be restored within a week to two weeks (evidence of this email should still exist in RedZone at the above specified locations).

-During my employment at RedZone, a "Mr. Robot" style cyber attack occured on one of RedZone's client's various servers (who I will not list publicly). It targeted several dozen Microsoft Server 2003 systems (end of life systems), deleted the system32 folder, and hopped from host to host. The attack left the client company crippled for a few days. The antivirus vendor was on the phone with RedZone all day trying to figure out how to neutralize the virus, and servers had to be restored from backup. This occurred BEFORE this thread existed and during this time I DID NOT HAVE A FUNCTIONING PC OUTSIDE OF REDZONE'S LAPTOP (which only contains work related tools) and I did not use TOR. I did not have a working personal computer during this time due to being in a "slump," trying to figure out why my various electronic devices kept "breaking." The end result of this attack proved to be very PROFITABLE for RedZone in the end, as a result of services rendered (end of life servers being upgraded) and new preventative policy programs (anti executable, RedZone had no prior experience with said software before this incident) being purchased and installed by the client for asset protection. This attack also occurred some time AFTER I made it known to my employers that I spotted the NSA in my home computer, created the "shell denial" concept (posted below), and experienced the TOR exploit (posted below) (their erratic behavior and questions the day after the firefox incident (listed below), as well as me being IMMEDIATELY ISOLATED from the main helpdesk area and placed into an office by myself, also makes me suspect they were ALREADY MADE AWARE OF IT before I even bothered to tell them).

-During my employment at RedZone, I've experienced various "unexplainable bugs" one of which occurred during a cutover for a company that I will not name publicly. This cutover involved a SonicWall SRA, to be used as a forward facing device that mediated between the internet and the client's various websites. Whenever I performed the cutover, a glitch would occur within the SRA that prevented traffic from passing (causing the cutover to fail). My former employers, James Miante and James Crifasi, knew what the issue was already (a corrupted ip address in the configuration, which required console access to the SRA to discover, and would be a sonicwall escalation ticket due to it being a bug), and the config file corruption only occurred whenever I gave the SRA internet access.

(Overtime, the agency that targeted me became better at hiding their abuse)

-OSCP Fake Ban/Falsified Emails: Thinking that it was a good idea to do so, I attempted to send Offensive Security (an organization that supposedly "champions" security and exploitation) details of the things that I had witnessed, but received no response. Months later after being prepared to return to OSCP, I found that I was banned and I wasn't given a reason why. Shortly after considering the release of all of this information (after inquiring about why they banned me), I received an email (still in my possession) from "Offensive Security Management" that they unbanned me and didn't want me to send them more details about zero day exploits. I theorize that my emails were either intercepted and that a shady agency was imitating Offensive Security Management (and, again, I'm in possession of the communications that have occurred between us. I wasn't given a reason WHY I was banned, and I was simply told to not send more zero day exploits to them). I also find it slightly suspect that I was immediately un-banned when I began to consider posting everything that I've discovered in a public space (such as this one). As I have zero cares left (I've gotten everything that I need from OSCP and care not if they ban me again), my student ID is OS-16134.

EDIT: May 3, 2018: I'm attempting to go back to OSCP (and I need to switch my email from a business email address that I no longer have access to to a free mailer. I'm getting no response from offensive security; my emails to OSCP seem to be getting dropped to prevent me from going back to studying hacking on my own. This isn't the first time that this has happened. (RedZone has provided me my emails from OSCP). Since the emails to OSCP (containing this thread) are being dropped, it is my belief that Offensive Security is not aware of the fake ban and fake emails that were sent during my employment at RedZone. It's also not in my best interest to pay for class until my email is switched, due to lab time starting immediately upon payment.)

EDIT: May 10, 2018: I've uploaded examples of emails that Offensive Security should have responded to. It is my belief that these emails are being dropped (and that someone is actively trying to prevent me from returning to my education). As a side note... if anyone is wondering, Offensive Security is the real deal and will give you a wealth of knowledge and capability in attempts to obtain a certification from them. (I'd estimate that 95% of the NSA's employees are rendered useless if a target doesn't have the Intel Management Engine on their system and they actually understand how penetration testing works).
http://i.thinimg.com/img/39uz.png (orders@offensive-security.com, this email should have made it and should have been responded to)
http://i.thinimg.com/img/39v0.png (help@offensive-security.com, this email should have made it and should have been responded to)

-Extended Gaslighting Campaign: I've been subjected to an extended Gaslighting Campaign (by nation state actors). I can assure every person that reads this thread that its contents have been SEVERELY WATERED DOWN. One verifiable instance of gaslighting with UNIFORMED POLICE OFFICERS would be on the day that I went to inquire about SGT's surveillance video footage and their retention policy (and on this day the person responsible for maintaining camera footage was not there, which halted the discovery of evidence burial for a day). There existed no good reason for uniformed officers to knock on my door on this specific day. This could be considered a mistake, which was made during a time of possible panic due to my act of seeking evidence outside of RedZone's "advice."

-Financial Abuse Example/Primary Gaslighting Tactic (THE UPDATE THAT GOT THE GITHUB THREAD FLAGGED, STARTING TO UNDERSTAND WHY... MISTAKES WERE MADE AND GASLIGHTING VIA A NATION STATE ACTOR -CAN- BE PROVEN):
--During the peak of the NSA's extended gaslighting campaign (before I made the mental shift of refusing to be broken down), after I crashed my vehicle due to a hit and run (being hit and ran) on the date of 09/04/2016, I attended traffic court (on the date of 10/27/2016). The judge was merciful (due to the fact that I lost my car) and sentenced me to pay a $50 fine. THIS FEE WAS DOUBLED IN THE ARLINGTON GENERAL DISTRICT COURT'S COMPUTER SYSTEM and the fee ended up being $100, despite what the judge ordered. The clerk of the court was "Steven R. Spurr," and this is NOT an incident of incompetence or a failure to enter the correct sentencing amount; the fine that the judge sentenced me to was ALTERED/INCREASED REMOTELY (this was not a computer glitch). I've attached the court receipt below, which will contradict the sentence that the judge gave me:
http://i.thinimg.com/img/3as0.png

--On the day of the car crash (on the date of 09/04/2016), there was a large utility vehicle with a giant arrow that was used (for "safety purposes"). I remember the driver of the vehicle expressing discontent and wondering "why he had to be out for such a minor accident (the entire road was clear and usable)." A "helpful person" also stopped and asked if I needed assistance taking pictures for insurance (I have a flip phone with no internet service package and no ability to pull photo's from it, the flip phone WASN'T OUT when she pulled up and asked if I needed help taking pictures. There were already emergency response vehicles on the scene and most people carry smart phones, which have cameras...). Her license plate read "Go Wild." I still have the pictures from her camera and the email addresses (there are two) that she sent them from.

maria.arnold06@yahoo.com (she accidentally used her real email, didn't she?)
http://i.thinimg.com/img/3cvy.png
http://i.thinimg.com/img/3cvz.png (this picture should also serve as evidence that the utility vehicle called to the scene was UNNECESSARY and that the driver of the vehicle's complaint was correct: he wasn't needed there. THE ROAD WAS NOT OBSTRUCTED BY MY VEHICLE.)

marias.stuff@yahoo.com (why switch what email was being used to send me pictures? U w0t m8?)
http://i.thinimg.com/img/3cxb.png
http://i.thinimg.com/img/3cx9.png
-It is my belief that the driver of the "Go Wild" license plated vehicle that asked me if I needed help taking pictures for insurance despite the fact that she should have had no knowledge that I DON'T CARRY A SMARTPHONE and CAN'T REMOVE PICTURES FROM MY FLIP PHONE followed orders without knowing why (where to go and what to do), but wasn't told to wait before sending the emails to my email account and, as a result, used her real email by accident (no really, why switch emails after being so "helpful...") and that THIS MISTAKE WAS POORLY MASKED by sending me a barrage of pictures in a separate thread from an alternative email address not tied to the owner of the original email address. It is also my belief that the purpose of the "Go Wild" license plate was to evoke an emotional reaction unfavorable to my situation, such as a VIOLENT OUTBURST, and that the purpose of the Utility Vehicle with the GIGANTIC FLASHING ARROW (despite the fact that the road was NOT obstructed) was to evoke emotional reactions of shame. Live bait? ...really?

If this isn't good enough for Congress to make a move, nothing ever will be. This is a smoking gun (and it has Cluster B written all over it).

Immediately after this incident, my cellphone's keyboard began to malfunction and spammed "7's" on the display with no input from me via the keypad. When I attempted to reboot the phone, it wouldn't turn on (I had to buy a new one, I purchased the same model) (not paying for internet != no internet connection).

--On the day that I junked my vehicle with a third party at the RedMan Fleet Services lot in MD (Redman Fleet Services, Inc., Shirlington, 2611 Shirlington Rd, Arlington, VA 22206), (easier than going through USAA insurance for a claim), a USAA car pulled in and parked next to mine (LICENSE PLATE: USAA19). I made an inquiry about why the driver was there. He stated that he was there to look at vehicles (then rattled off a list of vehicles that he was there to look at). 15 minutes later, the driver drove away and NEVER RETURNED (the tow truck that was sent to junk my vehicle was delayed for hours due to a traffic jam, and the towing facility was open during this time). The driver of the USAA vehicle NEVER LEFT THE VEHICLE THROUGHOUT THE ENTIRE EXCHANGE, despite being there to "look at vehicles." The driver seemed to not be from USAA and looked to be military (haircut style between the length of a high-and-tight and a medium fade; recognizable through the USAA cap and is regulation to be worn by active duty military, tattoo's similar to this image on the RIGHT forearm that tend to be picked up by Marines in Okinawa, weight of 150, light complexion).
EDIT: May 14, 2018: I have obtained the receipt from RedMan. While the exact date and time IS NOT CONTAINED ON THE RECEIPT OF PAYMENT DUE TO A "MIS-SCAN," the storage fee is $50 PER DAY and the vehicle arrived at the RedMan Lot on 09/04/2016. This would mean that I picked up my vehicle between 09/07/2016 to 09/09/2016 (most likely 09/08/2016). RedMan should still have camera footage of the incident (what is RedMan's video retention policy...). Here is the receipt (that has the date of my "purchase" cut off from the original scan at the BOTTOM LEFT CORNER, but should still be sufficient since the storage fee is $50 PER DAY):
http://i.thinimg.com/img/3arv.jpg

-Where is your shame?: Proof of abuse is more valuable than carrying the shame of falling into their abuse. I'D EVEN ARGUE THAT THE PEOPLE THAT TARGETED ME WERE RELYING ON ME HOLDING THE SHAME OF LOSING MY CAR AND STAYING SILENT ABOUT IT TO PRESERVE MY "SELF IMAGE," WHICH WOULD EXPLAIN WHY THEY MADE SO MANY MISTAKES AND HAD TO -F-L-A-G- -T-H-E- -T-H-R-E-A-D- TO REDUCE EXPOSURE.

-I believe that the proper term for the USAA vehicle driver and the "Go Wild" driver would be "FLYING MONKEYS," people who are unwittingly (or for a small sum of cash) following orders without understanding WHY. I also find it curious that military, specifically USMC (the branch that I used to serve in), was used in the gaslighting campaign ... this seems similar to the DEVALUATION stage of a cluster b abusive cycle.
-I have a few "gaslighting via metadata abuse" examples (with RedZone employee participation) but they're circumstantial at best and aren't solid proof. So they're being omitted.

--EDIT May 8, 2018: One more update (this update requires great emotional strength)
http://www.witn.com/home/headlines/39429132.html
I witnessed the incident that occurred in this headline (witnessed the death and how he died). I'm leaving the details of this out. What followed, however, was a stroke of bad luck. The first rescue osprey that responded to the scene broke down. A second osprey that responded to the scene transferred the corpseman to the hospital. So why is this relevant? DURING MY WAIT AT THE REDMAN LOT, TWO OSPREYS FLEW OVERHEAD WITHIN 5 MINUTES OF EACH OTHER (coincidence... right?). Again, I have nothing to lose by posting this.
The PRIMARY BREAD AND BUTTER technique of the NSA's ambient gaslighting is the use of vehicles. Overtime, the NSA has become better at hiding their abuse and has utilized utility vehicles (with several/an unnecessarily large amount of flashing hazard/utility lights, which were staged and used during my commute to and from work) instead of regular vehicles. While gaslighting by the NSA can't be proven (actually... at this point I'm pretty sure that it can be if it were to be investigated), I have nothing to lose by posting this. Posting this gives the general public a reasonable idea of how far the government will go to escape accountability (and they have an UNLIMITED BUDGET).

EDIT: May 11, 2018: https://www.theverge.com/2016/9/6/12813736/menwith-hill-gchq-nsa-satelli... ... I imply or suggest nothing short of: Aerial surveillance would prove to be very effective in launching a gaslighting campaign with vehicles against a target. An aerial satellite (unlimited budget/can afford to put a management engine in everything) would prove to be the most effective target tracking technique to exist on the planet. Better than "cellphone GPS" tracking, better than "car GPS tracking," better than manual tails, better than helicoptors. An "eye in the sky" would serve as one of the most effective ways to carefully position and arrange vehicles/teams of vehicles via cellphone orders. Nothing to lose by posting this either, I've gathered enough evidence and skill to get me THIS far, what have I to fear (and is this why my github thread was flagged three times in a row?)?

EDIT: May 13, 2018: Elements of the "techniques/tactics" of the "system" (it's a system, there's a method to the madness) used against me include, but are not limited to:
1) The end goal of making the target perceive a threat/perceive that their life is in danger
2) Maintaining a constant state of "Adrenal Fatigue" within the target
3) Instilling within the target the (false) belief that "there is no escape/nothing can be done about it and that the law can't help them" (examples include intercepting and forging email responses from lawyers, gaslighting with uniformed police officers via random tails and positioning officers directly outside of my window and near my vehicle, having armed security officers wait by the apartment complex's front door and open the door for me while staring blankly in the distance, the works)
4) Sleep deprivation techniques
5) The research of and repeated attempted exploitation of traumatic incidents in the targets past (discovered via monitoring the target and digging through the collected metadata of the target) to elicit a desired emotional state.
6) The end goal of the system used against me seems to be DESTABILIZATION: to cause an "outburst" or a repeatable pattern of "outbursts" in response to the perceived threats, constant stress, sleep deprivation, overloaded adrenal gland/adrenal fatigue, and constant "pressure" of having no rest from the techniques and tactics used. The end goal seems to be to manufacture the target as an artificial threat/to eliminate the targets credibility/to drive targets to eliminate themself.
This is the watered down version. Is this why my github threads were flagged three times in a row? I have a feeling that this system has been used multiple times against others (and if I didn't know any better, I'd theorize that the people using it enjoy it).

EDIT: May 13, 2018: It is my belief that the purpose of the abuse of power that I've experienced at the government's hands (which lead to me going public instead of being broken down) is to "MANUFACTURE" AN ARTIFICIAL THREAT to escape all possibility of being held accountable for any wrongdoing... and that this is being done due to nothing of worth being contained within my metadata to use against me. It is now also my belief that I'm not the first person that this tactic/technique has been used against, that this may be a STANDARD OPERATING PROCEDURE, and that the techniques and tactics are custom-tailored to the individual being targeted BASED ON THE TARGET'S METADATA AND DIGITAL FOOTPRINT.

The tactics and techniques used against me, unfortunately, have had the opposite effect vs what was intended (and I can rest easy knowing that the public should have a reasonable understanding of exactly how the government actually rolls).

Watered Down Accusation: given the nature of my experience and the events that have transpired, it would appear that the capabilities of the government are used for personal gain moreso than for national security threats (personal use outweighs job use) and have become much harder to justify.

-Another Financial Abuse Example: On the day that I went to purchase a new car, the original deal that the salesman offered was $280 a month for a 2017 Toyota Corolla LE. My credit score was acceptable. This had to be sent (through a computer system) to "Toyota HQ." The response came back through their computer system and I ended up paying $333 a month and was bumped one model down (to their base model, in comparison to the original offer of $280 for an LE Increasing the payment amount, sure... reducing the model in tandem with increasing the payment??????). THIS CAN BE INVESTIGATED, the numbers were COMPLETELY OFF in comparison to the original deal that the salesman wanted to make with me AND THE SALESMAN'S NUMBERS WERE CORRECT UPON ENTRY. This would be a good example of stealth financial damage: slowly nickle and dime the target overtime.

-Failed attempt at Crazy Making: I grew frustrated at RedZone for not taking the incident at SGT seriously. After James Crifasi failed to give me proper legal advice, I decided to speak to Bill Murphy about the incident. During the conversation, when I mentioned the github link, he expressed that he "wasn't aware of any github link" (evidence that I sent him the link to this thread exists at RedZone in the above specified locations). He also stated, when I asked about seeking legal action, that "that's SGT's issue." On this day, James Crifasi and Bill Murphy spent time "making phonecalls." They ended up passing me to someone from "warrior2warrior," and the female that began asking me unnecessary questions turned on a tape recorder (and I was very careful with how I answered them). One such unnecessary question was "do I own a firearm (I don't)." The angle that RedZone wished to use/build on was "PTSD" from Afghanistan. It failed MISERABLY.

This technique was QUICKLY SCRAPPED AND NO LONGER USED ONCE I MADE IT KNOWN THAT I WOULD SEEK EVIDENCE FROM SGT ON MY OWN ACCORD OUTSIDE OF THEIR "ADVICE." WHEN MY LAPTOP WAS SEIZED (which contains all of my collected evidence of NSA abuse of power) AFTER MAKING THIS KNOWN TO THEM, I WAS GIVEN A FAKE LAWYER LETTER THAT WAS DATED FOR 1 YEAR IN THE FUTURE (which I am still in possession of). On the day that my laptop was seized, the entire office was told to work remotely. The only person in the office was James Crifasi and myself. James Crifasi is the one that handed me the lawyer letter (that was dated for 1 year in the future and stated that they weren't aware of any person involved in the SGT incident and that they were concerned about my stress) after taking the company laptop into his posession. Because the letter that he handed me is dated for 1 year in the future, I can safely assume that their lawyer didn't actually write the letter (and had no prior awareness of it until I sent this thread to him directly).

-Redzone was aware that evidence of criminal wrongdoing was being buried at SGT (government abuse of power).
-I was fired because RedZone did not (and does not) intend to acknowledge the data breach that occurred on their servers or any of the incidents that affected me while I was employed by them. Moreso, they ACTIVELY ASSISTED the agency that targeted me on more than one occasion.
-I'm going to assume that they thought that firing me and pressuring me into signing a 4k severance agreement (no lawyer wished to help me with it) would let them legally bury the rest of the evidence of any wrongdoing in an easy fashion. I was supposed to believe that "I couldn't do anything about it." I was supposed to feel "powerless." I was supposed to stay "silent" and let them get away with it.

"Supposed" to, anyway.

DIFFICULTY IN FINDING LEGAL ASSISTANCE:

-Every lawyer that I approach (that responds) tries to direct the conversation away from legal action and towards non-legal action, similar to what my job did to me while trying to cover up evidence (I was told to contact the OPM, file a police report, call the FBI, file a restraining order, and the second I go to find that they're covering up evidence and that my employers don't want to acknowledge the data breach is the second I got fired). This is me making the ballsy statement that the organization that targeted me is actively approaching everyone that I ask for legal advice and asking them to not assist me (and that they approached every lawyer that I sent an email to asking for help with the severance agreement as well). I'm currently looking into finding a lawyer for wrongful termination as a starting point and I'm willing to bet that even this will be made difficult because of the claims involved.

One such example of gaslighting with lawyers would be:
Jason Zuckerman (Zuckerman Law), someone that I asked to assist me with the severance agreement that RedZone's "lawyer" sent me.
-After telling him that I would not need his assistance, he told me that he would "delete the emails that I sent him."
-After asking him for legal advice regarding my situation, I was told by "him" that "I do not know of any attorneys who handle this type of matter. Maybe try the ACLU." This is similar to the tactic that RedZone used against me, referring me to an organization that will not help me with the situation (I still have the emails).

-It would seem that posting the various abuses carried out by the state actor that targeted me in a public setting is the only thing that gives them pause. From what I've observed, the tactics used are designed to encourage me to believe that they "control the law" and are designed to encourage me to simply "give up" so they can get away with their crimes without facing accountability.

I've also experienced covert gaslighting/scare tactic techniques from RedZone's lawyer, for asking its clients (that I personally performed work for) to act as job references, despite following the lawyers instructions (and I question where the lawyer got most of the information of his "reports" from, because they weren't from RedZone's clients). They didn't work.

EDIT: May 4, 2018: Yesterday, I asked RedZone's lawyer to cease all forms of emotional communication with me during our email correspondences and to keep his answers to any requests that I make, which are reasonable requests, such as "can I have my emails from class (considering the fake Offensive-Security PWK ban and my communications not making it to the educational institution, the request was beyond reasonable)," to a simple "yes or no" (classic tactic: "get a rise out of/rile up" the plaintiff by appealing to the reptilian brain, collect evidence from the "emotion-fueled" responses of the plaintiff to discredit the plaintiff and the plaintiff's character). I had to rephrase this from "emotional communication" to a simple "yes or no" and my request was not acknowledged at all in any email response from RedZone's lawyer AND the responses seemed borderline psychopathic in nature so I'm keeping a paper trail. This tactic is similar in nature to RedZone's abandoned "PTSD" technique (that failed), and I'VE BEEN PONDERING WHY REDZONE'S LAWYER IS USING MANIPULATION TACTICS SIMILAR TO BOTH WHAT REDZONE STANDS ACCUSED OF (whom he represents) AND TO MY PREVIOUS EXPERIENCES (such as the court sentence manipulation of the sentencing fee that the judge passed down (which can be proven), which was designed to target my emotional state), despite "having been a lawyer for 35 years." The responses are uncharacteristic of a lawyer and his supposed legal experience would dictate that attempting emotional manipulation in this specific case (particularly because his clients have already been accused of using the same technique) would be a bad idea. THIS LEADS ME TO SUSPECT THAT HIS EMAILS ARE BEING FORGED (vs him not being good at his job... RedZone gave me a fake lawyer letter before seizing the laptop that contained evidence of NSA abuse of power (I still have the letter), so government abuse of power via imitating a legal representative doesn't seem infeasible) in a similar manner to the forged email responses sent to me from OSCP (that still exist on the laptop).

The name of RedZone's lawyer is "C. Edward Hartman, III" (Hartman Attorneys at Law) (116 Defense Highway × Suite 300 × Annapolis, Maryland 21401)
Below are screenshots of the request and subsequent responses (to the request to keep his responses to my future requests to a simple "yes or no").

http://i.thinimg.com/img/39ja.png (Emotional Bait)
http://i.thinimg.com/img/39lk.png (Emotional Bait, Full Context. Best if I include the request that I made, which was made in a reasonable and logical manner. Nothing to hide, nothing to fear right?)
http://i.thinimg.com/img/39jb.png (Request to cease using Emotional Bait)
http://i.thinimg.com/img/39jc.png (Failure to acknowledge my request)
http://i.imgs.fyi/img/39j3.png (After rephrasing the request to terms that even a 6 YEAR OLD could process and understand ("a simple yes or no"), the request is still completely evaded despite the request being explained in a REASONABLE and LOGICAL manner. The last sentence of his response (and the second to last sentence) is also nonsensical, resembles word salad, has zero context in relation to the request, is composed of vague and open ended deflective statements aimed at getting me to defend myself, and is uncharacteristic of a lawyer.)
(Either RedZone's lawyer is TERRIBLE AT HIS JOB or THIS ISN'T REDZONE'S LAWYER)
Bold Accusation: The severance agreement and the subsequent interception and deletion/manipulation of my emails to find legal assistance was intended to pressure me into "signing away all evidence" for a minuscule amount of money, and the severance agreement WASN'T SENT BY REDZONE'S LAWYER.

EDIT: May 10, 2018: I've uploaded the lawyer letter that was given to me by James Crifasi on the day that my laptop that contains evidence of forged emails, attempts to find legal assistance, notification that the management engine was active and in use on my PC, and correspondences that have occurred regarding this situation was seized. Note that the only person in the office when this letter was handed to me was James Crifasi and myself, everyone else was told to work remotely for the day. My active directory account was disabled the morning of (I checked before I entered the office). Also, keep in mind that, after my laptop was seized, I discovered that evidence of government abuse of power (that I notified my employers off... and observed their lack of concern thereof) was ACTIVELY BEING BURIED. SGT invested a lot into improving their network architecture... I personally performed the infrastructure changes with James Miante. I installed a Cisco 3850 switch stack to replace their end of life hardware and turned it into a wireless controller. A LOT OF MONEY WENT INTO IMPROVING THEIR BUILDING'S NETWORK INFRASTRUCTURE, and I went ABOVE AND BEYOND TO ENSURE THEY GOT WHAT THEY PAID FOR. The nature of their contract (which I will not post here) with RedZone means THEY SHELLED OUT A LOT OF MONEY TO MAKE THIS IMPROVEMENT. They were INVESTING in the building. Why suddenly close the building and destroy video footage that has a retention policy of SEVEN YEARS?
http://i.thinimg.com/img/39rb.png (High quality scan, observe that the date of this letter is addressed for ONE YEAR IN THE FUTURE)
(Nothing left to hide, I have enough proof gathered and posted to not care about any negative opinion towards me regarding this letter. Proof is proof.)

Update: May 10, 2018 (Burn Notice):
As a side note, I have suspicions that "Sydney Cromwell (Front Desk Clerk/James Crifasi's assistant)," "Stephanie (Accounting assistant)," "Chris/Christopher (Bill Murphy's assistant)," and "Anthony (MSP phone clerk's assistant, who also dropped a hint that his "girlfriend" used to work for the NSA at RedZone's annual party)," (employees of RedZone at the time of my termination) work for or are associated with the NSA (what is RedZone's video retention policy?). I was also given "advice" by Sydney to contact the OPM to file a complaint so it could be handled "in house."

So... Redzone assisted SGT with evidence burial (who has a video retention policy of 7 years, the only way to make the tapes disappear is by closing the building), the OWNER of RedZone, Bill Murphy, lied to my face about being aware of the thread (evidence of the sent email was saved by me, and within 15 minutes of sending the email to him originally, he had an "emergency meeting"), James Crifasi and Bill Murphy attempted to paint my experience and concern over the incident as PTSD related (despite being aware of the instances of government abuse of power), the "warrior2warrior" representative (who turned on a tape recorder to record my responses) gave me fake legal advice to "file a restraining order," JAMES CRIFASI GAVE ME A FAKE LAWYER LETTER BEFORE SEIZING THE WORK LAPTOP THAT CONTAINED EVIDENCE OF ABUSE OF POWER when the PTSD angle failed (after I made it known that I would find out if the tapes still existed myself), the POLICE OFFICER THAT RESPONDED TO MY CALL AT SGT seemed UNCONCERNED WITH THE BUILDING BREACH and gave me fake legal advice to "file a restraining order," RedZone fired me when I confronted them about the evidence burial and the management engine being ACTIVE AND IN USE ON THE WORK LAPTOP (RedZone knows what it is/what it does and silently tried to slide me an AMD laptop a week later), THE EMAIL RESPONSES FROM REDZONE'S LAWYER ARE BEING FORGED (meaning they haven't actually involved a lawyer AT ALL) AND MY ATTEMPTS TO FIND LEGAL ASSISTANCE ARE BEING INTERCEPTED AND DROPPED. Also BEFORE ALL OF THIS, DURING THE PEAK OF THE GOVERNMENT'S ABUSE, several instances of abuse were carried out to include THE ELECTRONIC MANIPULATION OF A COURT SENTENCE PASSED DOWN BY A JUDGE (good luck making this disappear). It would seem that the government will go to great lengths to prevent their abuses of power from being exposed, and the tactics that I've experienced seem to be psychopathic in nature. (Someone's bound to get the hint...)

-Where does the "liquid courage" stem from: My metadata is clean (as clean as it gets, the closest to an illegal data breach I've ever gotten was "licking the skin of an apple." I have yet to bite the forbidden fruit, so I, quite literally, have "nothing to fear" because I've done nothing wrong of worth and no-shit have nothing to hide), I avoid TOR for the time being (and previously, before I was aware of the management engine's existence, nothing observed via exposed TOR metadata is of any significance) due to this situation being unsolvable via "hiding" or "secrets" (the game is rigged and the deck is stacked via metadata abuse so the only winning move is NOT TO PLAY; being open and authentic is the only path that works here), and my -threat- level to national security SHOULD be relatively low/nonexistent. My crime is "catching the government red handed." Given the nature of the events that have played out, I've also began to question the nature of how the government picks and chooses its targets. From what it looks like, one could have nothing to hide and nothing to fear... and STILL BE TARGETED REGARDLESS OF NOT BEING A THREAT TO BEGIN WITH (LOVEINT nonwithstanding, this doesn't make you a -target-). It's almost as if THE THREAT IS BEING MANUFACTURED ARTIFICIALLY.
EDIT: May 20, 2018: The techniques and tactics used against me seem to have been designed to murder me "covertly." So there should be no threat to me physically.


TLDR:
1) The NSA's employees use their capabilities to spy on/study their "interests" so they can "increase their odds" of getting their dicks wet/muffs stuffed (LOVEINT).
2) If caught (using their capabilities in an unauthorized manner) or if they run the risk of exposure (as a result of getting caught), they use their capabilities to try to control "the situation (and the person)" by invading several facets of the life and social/employment circles of the person that caught them, so they can avoid all accountability. This is why RedZone was approached when I caught the NSA in my PC.
3) If this fails, the NSA then resorts to systematically destroying the target by any means necessary, be it financial abuse, inviting the target out of integrity, or mental torture via ambient-gaslighting to erode the target's perception and sense of reality, so they can avoid all accountability.
4) When trying to figure out the proper course of action, the person being targeted will be mislead and discourage, and emails will be intercepted and dropped, intercepted and a response to the email forged, or the person the email is sent to approached.
(The proper course of action is to go above them to someone that they shouldn't be able to manipulate)
5) It didn't work, and now I'm here with evidence, some of which has been buried, some that I managed to legally freeze, and some that they gave me for free in their failed attempt to reduce exposure by freezing my github thread and subsequent threads.
(Timestamps exist that will demonstrate that the threads were frozen when I posted my experienced car loss and results thereafter, the manipulation of my court sentence via remote hacking, and the extent of RedZone's involvement in attempting to cover up evidence. This occurred again during the first repost of my second created account, and with the second repost with a third created account. After the creation of the third account, I waited for two minutes before reposting the thread and its contents. The account was flagged within 15 seconds of being re-posted.)
6) The NSA has an unlimited budget.
7) The abuse is still on-going and is carried out in a covert manner. They seem to not care that this incident is public and they seem to not care that evidence has been collected.

EDIT: May 9, 2018: The techniques and tactics that are being used against me currently seem to be designed to "freeze me out." Despite being fully qualified, I've received no call backs regarding employment. Despite having every right to continue my education, I've received no email-responses from Offensive Security regarding getting my email address changed (and I want to continue my education). If anyone has any advice on this that doesn't involve "just work for the feds that tried to fuck up your life, bro (I'd rather be homeless or shot in the face)," please email me at carlos.a.royal@gmail.com (I don't care if it's done anonymously via guerilla mail over TOR). Any and all advice is welcome (because I also don't trust Congress to do the right thing and this may be a very long wait).

To RedZone:
Were you targeted too? Did you help them out of fear and CONSTANT reminders that you are being watched? Did you fall for the false perception and believe that it was better to not get involved/that nothing could be done about it? Did you believe the ability to prove abuse via a nation state actor to be "impossible?" Because it wasn't.

Andrea Fitzsimmons: Previously comfortable with who you were and what your weight was, then began going to the gym. Despite results, I noticed you unjunk messages from the SonicWall Email Security on more than one occasion, which was among several "spam" messages that were semi insulting, aimed at your weight, some of the titles straight had the word "fat" in them (one read, and I quote, "No one likes a fatty"), etc. How often have you had to un-junk SWES emails that would normally make it to your inbox, and how much junk mail related to your weight did you see? Do you use your RedZone email to buy products related to weight, or a personal email, where spammers shouldn't know to send weight-loss emails to your work email? Also, what was the name of the "OPM" investigator that you talked to? Did they leave contact information?"

Bill Murphy: After I sent you the link to the github thread, and "Sydney Cromwell" and "Stephanie" cleaned up the front conference room for your "emergency meeting" 15 minutes later, what was the meeting about? Was your car damaged randomly for no reason? What type of damage was it? This has happened to several people that I know, a friend who had his side view mirrors broken immediately after I considered going public with this information and a sister who had her apartment door kicked in. Did they threaten to ruin your business? Were you given a letter of National Security or was the entire thing off the books as a result of threats/intimidation? Also, WHAT IS REDZONE'S VIDEO RETENTION POLICY... because the faces of those that you had an emergency meeting with should be on camera (and the exact date and time of the meeting can be estimated based on the email that I sent you with the link to the github thread, which is stored in the evidence folder in the above specified locations... figured saving it would be useful).

RedZone In General: What is your opinion on the constant BGE power outages that affected your infrastructure? What is your opinion on the various BGE power outages that affected my ability to perform work while I was at client sites? There were too many power outages to consider them to be a coincidence.

Why am I asking these questions?
-It completely removes the ability of everyone involved to lie about the situation. The power used against me (and against RedZone) resides purely in the ability of the perpetrators to LIE.

"Would you believe that my first hacking interest involved breaking OUT of a network rather than breaking into one?"