Tuesday, January 29, 2013

Meet the 'real' Robin Sage and Provide Security's "Senior Research Analyst"

Avatar for alleged "Provide Security" Senior Research Analyst "Anna Ferreira" was taken from porn site, just like "Robin Sage": Tom Ryan's infamous and "fictitious femme fatale"

Thomas Ryan sells himself on the Internet as a "20-year security veteran" but in real life he seems to do little else but pull pranks and make up fictitious agents using pictures from porn sites.

"Call her the Mata Hari of cyberspace," Shaun Waterman reported in his July 18, 2010 Washington Times article "Fictitious femme fatale fooled cybersecurity."
"Robin Sage, according to her profiles on Facebook and other social-networking websites, was an attractive, flirtatious 25-year-old woman working as a 'cyber threat analyst' at the U.S. Navy's Network Warfare Command. Within less than a month, she amassed nearly 300 social-network connections among security specialists, military personnel and staff at intelligence agencies and defense contractors.

A handful of pictures on her Facebook page included one of her at a party posing in thigh-high knee socks and a skull-and-crossbones bikini captioned, 'doing what I do best.'
"'Sorry to say, I’m not a Green Beret! Just a cute girl stopping by to say hey!' she rhymingly proclaimed on her Twitter page, concluding, 'My life is about info sec [information security] all the way!'

And so it apparently was. She was an avid user of LinkedIn - a social-networking site for professionals sometimes described as 'Facebook for grown-ups.' Her connections on it included men working for the nation’s most senior military officer, the chairman of the Joint Chiefs of Staff, and for one of the most secret government agencies of all, the National Reconnaissance Office (NRO), which builds, launches and runs U.S. spy satellites. Others included a senior intelligence official in the U.S. Marine Corps, the chief of staff for a U.S. congressman, and several senior executives at defense contractors, including Lockheed Martin Corp. and Northrop Grumman Corp. Almost all were seasoned security professionals.

But Robin Sage did not exist.

Her profile was a ruse set up by security consultant Thomas Ryan as part of an effort to expose weaknesses in the nation’s defense and intelligence communities - what Mr. Ryan calls 'an independent ‘red team’ exercise'
At DEFCON's Black Hat Technical Security Conference - held in Las Vegas during July of 2010 - Ryan gave a presentation called "Getting in bed with Robin Sage."

His bio at the Black Hat website claims,
"Thomas Ryan: A 20-year security veteran, Thomas Ryan is the co-founder and Managing Partner of Cyber Operations and Threat Intelligence for Provide Security. The company was formed with the concept of the convergence of both physical and cyber techniques for Executive Protection, Advanced Red Teaming, Crisis Management, Threat Profiling, Threat Assessments and Penetration Testing. In his role, Mr. Ryan leads a team called Black Cell, a team of the most-highly trained and capable physical, threat and cyber security professionals in the world. Prior to founding Provide Security, Mr. Ryan had functioned as a security instructor for US Army INSCOM, USNORTHCOM, USSOUTHCOM and several other military and government agencies. His corporate experience has evolved from working at numerous security consulting companies. Mr. Ryan's passion for information security had him elected as the Chapter Vice President for OWASP NY in 2004, Board Member for NJ Chapter in 2005, then merging the two chapters in 2007 while still retaining his Board Member role in 2010. His contributions include participating as a co-author's of the OWASP Test Guide v2, and speaking at several industry events including the OWASP, INFRAGARD, ICCS, and ISSA."
The briefing for Ryan's July presentation states,
Given the vast number of security breaches via the internet, the experiment seeks to exploit the fundamental levels of information leakage—the outflow of information as a result of people’s hap-hazard and unquestioned trust. The experiment was conducted by creating a blatantly false identity and enrolling on various social networking websites. By joining networks, registering on mailing lists, and listing false credentials, the conditions were then set to research people’s decisions to trust and share information with the false identity. The main factors observed were: the exploitation of trust based on gender, occupation, education/credentials, and friends (connections).

By the end of this Experiment, Robin finished the month having accumulated 100’s connections through various social networking sites. Contacts included executives at government entities such as the NSA, DOD and Military Intelligence groups. Other friends came from Global 500 corporations. Throughout the experiment Robin was offered gifts, government and corporate jobs, and options to speak at a variety of security conferences.

Through this 28 day experiment, it became evident that the propagation of a false identity via social networking websites is rampant and viral. Much of the information revealed to Robin Sage violated OPSEC procedures. The deliberate choice of an attractive young female exposed the role that sex and appearance plays in trust and people’s eagerness to connect with someone. In conjunction with her look, Robin Sage’s credentials listed on her profile resulted in selection perception; people’s tendency to draw unwarranted conclusions in their attempt to make a quick decision. By acquiring a large number of connections, Robin had the ability to identify the individual who was positioned to provide the most intelligence based on their involvement in multiple government agencies. The false identity combined with carefully chosen false credentials led to a false trust that could have resulted in the breach of multiple security protocols.
Video of the hour-long presentation:

In July of 2010, Kelly Jackson Higgins reported at Dark Reading,
"Meanwhile, the real woman in the Robin Sage LinkedIn, Facebook, and Twitter profile photos has agreed to show up at Black Hat USA later this month to introduce Ryan for his presentation. Ryan says he confirmed that using her photo for the social network accounts was legal, as long as none of her personally identifiable information was used, and it was not. The woman apparently posed for photo shoots for a pornographic site, according to Ryan. He found the woman's photo by searching 'emo chick' via Google, a reference to the punk/indie style and music."
Ryan told a slightly different version of how he found the photos to Forbes reporter Kashmir Hill, who reported in November of 2011 that he "grabbed photos of a ­Lisbeth Salander-type from a pornography site after a Google image search for 'Goth girl.'"

In another article for Dark Reading - "Would 'Robin Sage' Have Made So Many Friends Without The Hot Pics?" - Higgins wrote, "In reality, the pictures were actually of a woman who posed on pornographic websites (but those who fell for her didn't know that part)."

Highlights [or high lowlights] from Old ReaperSec log /w Tom Ryan Lulz Nov 2011, posted on pastebin by former or still-current Project Vigilant "volunteer"/"hypertroll" Neal Rauhauser:
"Nov 21 20:46 wanna see Robin Sage's tits?
Nov 21 21:01 Only drug I have ever done was Ecstacy when going to raves
Nov 21 21:03 X is the shit !! A Few lady Gs , hot russian girls, some Deadmau5 or Armin Van Buuren
Nov 21 21:03 end up in numerous 3somes and 4somes
Nov 30 22:22 chif I feel like I need some drugs of somesort
Nov 30 22:24 we need them at a BlackHat Party
Nov 30 22:27 I hate the crash of MDMA
Nov 30 22:28 sleep 14 hours
Nov 30 22:28 I ended up in several 3somes and 4somes on MDMA
Nov 30 22:30 it's weird cause it takes like an hour to blow your load
Nov 30 22:31 One year at the DEFCON CDC Ninja Strike Force party they had nude hookers going around and these geeks paid them $20 to eat out hookers
Nov 30 22:32 I almost puked
Ryan posted a link to a profile of "Katya" at an alt porn site called Gods Girls. The @robinsage avatar can be found on her Personal Photos page.

I tried contacting the real "Robin Sage" on her real social media accounts, but she didn't respond. This is a more current photo of what she looks like today:

"Can you email me so I can ask you questions about Tom Ryan from Provide Security and your portrayal of Robin Sage for article that I'm working on?" I wrote the real Robin Sage, who never responded after I tried contacting her via Facebook and Twitter. "It's strange that no one seems to have actually reported on the woman whose photos were used to allegedly hoax Dept. of Defense and NSA employees...and I was surprised to see you protested Prop. 8 and would love to hear more about you."

In July of 2010, the pornographic model was asked, "[H]ow does it feel to be Robin Sage's alter-ego?"

"[T]otally kick ass! :)", Kat Karver aka "meeeowkat" responded in the July 7, 2010 formspring chat which linked to a myspace account called teez_bunny.

Kat Karver's real name is Katharine Cole, and her Facebook account claims she was born in Chiang Mai, Thailand. The infamous Robin Sage avatar can also be seen on her Facebook account [Editor's Note: I removed the link because my blog post was mysteriously scrubbed. Mike Stack tweeted that Tom Ryan "reported" me. I also removed a picture taken from a public site of Jen Emick, since she might have "reported" me, too] and Cole wrote that it was from her "dready days...", and one of her friends implies it was taken when she attended the Fashion Institute of Design & Merchandising. Cole's resume indicates that - when she's not posing - she currently works in retail, and volunteers at a homeless shelter.

A few weeks ago, Ryan "disappeared" from Twitter @tomryanblog, but his @providesecurity and @robinsage accounts - which are mostly automated - are still active.

"@LeidermanDevine sometimes I think a witch cast a drama spell on me @backtracesec," was Ryan's penultimate tweet which was sent to a law firm known for representing hackers and a sketchy security firm that Jennifer Emick @AsherahResearch worked with to out Anonymous hacktivists. Emick is an aficiando on Paganism and calls herself an "occultist." Ryan, Emick and a woman known as Mi-chelle - who used to tweet @ZAPEM - all appear to be "working" together to "social engineer" and chase Anonymous activists, but they spread "convolution" and many Twitterers believe they engage in fake feuds.

In August of 2012, Emick sent a tweet to blogger Seth Allen aka "Socrates" @Prepostericity claiming she had filed a personal protection order against Ryan, but then deleted it. She has referred to the PPO on other occasions, but gave strange reasons, at the time, for why she scrubbed it, and then she made her public @asherahresearch Twitter account private for a few months. Emick was with Anonymous in the early Scientology battles before seemingly turning against them; Ryan "infiltrated" an Occupy Wall Street mail archive, but now is friendly with many OWS activists; Mi-chelle allegedly told Andrew Breitbart in an email dated February 29, 2012 hours after his fatal collapse that she wanted to infiltrate Anonymous and "cause a rift" by "provid[ing] them with enough information to ultimately attack the left," and may be a source for the emails and phone calls regarding InfraGard leaked to http://par-anoia.net.

A few days before his last tweets, @TomRyanBlog cryptically tweeted, "I wonder what the record is for the most amount of people and most amount of women trying to SE a person at one time."

Avatar for alleged Provide Security Senior Research Analyst was taken from porn site

According to her Linked In profile - which was just recently scrubbed but can still be viewed at this cache link - "Senior Research Analyst" Anna Ferreira began working at Tom Ryan's Provide Security in June of 2012.

Ferreira's profile claims she was a Crypto Tech - short for Cryptologic Technician - in the US Navy for 6 years and 1 month from May of 2006 to May of 2012, and attended the American Public University System. According to its website, APUS is a private online university, which "consists of two online universities: American Public University (APU) and American Military University (AMU)."
"APUS’ origins reach back to 1991, when James P. Etter, a Marine Corps officer who taught at Marine Corps Base Quantico, retired from active service and launched one of the first 100% online universities, American Military University. AMU was designed to meet the unique educational needs of the military – transient, working adults needing a range of program offerings from traditional courses such as criminal justice to unique courses such as counterterrorism and military intelligence, which are not readily available at most institutions.

In 2002, after ten years of growth and service to thousands of students and hundreds of graduates, AMU expanded into the American Public University System, adding American Public University. APU is designed to extend the system’s outreach to better meet the needs of those interested in public service related programs, such as criminal justice, public safety, national security and other adult learners seeking to advance their education through a robust, online curriculum.
Ferreira's LinkedIn profile also claimed that Anna spoke four other languages: Spanish, Portuguese, Persian and Russian.

According to a January 2008 European Union brochure, Anna Ferreira was a member of the Portuguese Permanent Representation or Portuguese Presidency, but it most probably is not the same Anna Ferreira, provided the one at Tom Ryan's security firm even exists.

"Cryptologic Technician (CT) is a United States Navy enlisted rating or job specialty," an article at Wikipedia notes. "he CT community performs a wide range of tasks in support of the national intelligence effort, with an emphasis on cryptology and signal intelligence related products."

"Most CT personnel are required to obtain and maintain security clearances. Due to the highly classified work environment, it is not always possible to share resources with other commands, leading to their shipboard nickname, 'spooks'. Almost every detail surrounding the CT world from administration to operations to repair requires dedicated technicians with appropriate security clearances"
The LinkedIn profile also claimed that Anna Ferreira resided in McLean, Virginia, and a search on Google turned up a document posted under that name and location called "The Queen v. Julian Paul Assange," which was posted on July 7, 2012. Assange is the founder and editor-in-chief for the whisteblower website WikiLeaks, and Ryan frequently bashed both at his Twitter account.

The document is the transcript of a December of 1996 Melbourne, Australia hearing where Assange pleaded guilty to 24 computer-related hacking charges. "Justice Ross said he was satisfied Mr Assange had not used his skills for personal gain and so he would not hand down a jail sentence, instead ordering him to pay a reparation order of $2100," the Herald Sun reported in January of 2011.

A Google image search on the avatar on Ferreira's scrubbed LinkedIn profile reveals that it belongs to another porn model who calls herself "Bashful Brittany."

The photo was a crop of this picture of "Bashful Brittany" taken from the adult website hottystop.com or from her eponymous website:

The short bio for "Bashful Brittany" says nothing about working for Provide Security or serving as a Crypto Tech in the US Navy:
"Hey guys, glad you found me! Let me tell you a little about myself. I turned 18 six months ago, i'm only 5 feet tall and weigh 97 pounds!! I'm a true socal girl who loves the sun, shopping, hiking, and partying with my friends whenever I get the chance. I also LOVE modeling, it's fun to get dressed up, dressed down, and as you can see not dressed at all!"
More risque photos of "Bashful Brittany" can be viewed at her website - where she claims to be 19 years old - provided you become a member and trust her security enough to pay with a credit card.

Another LinkedIn profile for an "Anna Ferreira" appears to be taken from the same "Bashful Brittany" photo shoot, and can presently be seen at this link. This "Anna Ferreira" also appears to be wearing the same top, same earrings and posing in front of the same colored background.

The second "Anna Ferreira" LinkedIn page claims she currently works as a recruiter at Express Employment Professionals in the London, Canada area, and that she was formerly the Website and Social Media Manager for London Therapeutic Massage Clinic, but the only language she speaks is English. This profile is more detailed than the scrubbed one for Provide Security, and doesn't include anything that matches it.

Perhaps if Tom Ryan returns to Twitter under his name, he can provide a reasonable explanation for why the "Senior Research Analyst" for his security firm filched her photo from a pornographic website.

Wednesday, January 9, 2013

Did Adrian Lamo lie at Manning pretrial about calling police in 2010?

During his sworn in testimony on December 20, 2011, at the US v Pfc. Bradley Manning, Article 32 Pretrial, Adrian Lamo - who was convicted of computer crimes in 2004 - was asked about his institutionalization in April of 2010, weeks before he chatted with the former Army intelligence analyst stationed in Iraq who allegedly leaked documents and a video to the controversial whistleblower website WikiLeaks.

On the same day Manning is said to have first emailed Lamo, Kevin Poulsen reported for Wired.com on May 20, 2010, "Last month Adrian Lamo, a man once hunted by the FBI, did something contrary to his nature. He says he picked up a payphone outside a Northern California supermarket and called the cops."
"Someone, Lamo says, had grabbed his backpack containing the prescription anti-depressants he’d been on since 2004, the year he pleaded guilty to hacking The New York Times. He wanted his medication back. But when the police arrived at the Safeway parking lot it was Lamo, not the missing backpack, that interested them. Something about his halting, monotone speech, perhaps slowed by his medication, got the officers’ attention.

An ambulance arrived. 'After a few moments of conversation, they just kind of exchanged a look and told me to get on the stretcher,' says Lamo.
At his blog, Bailey Carlson argued on June 16, 2011, that "Adrian knowingly included falsifications in his story."
"To put an end to wild speculation I decided to try to obtain a police report. I got in contact with Adrian (@6) on twitter and eventually had a short phone call with him about the incident. He provided me with very little and stalled when pressed about what led officers to authorize his detainment under a involuntary psychiatric hold law. He also dumbfounded me with circular logic on twitter when explaining why he didn’t remember the events leading up to his forcible hospitalization. Adrian was willing to give me the location and the sheriffs office to contact for further information – so I did.


I contacted the public records office of the Sacramento Sheriffs office and they were able to confirm that they had a record of the incident I described, however they were not able to release the police report due to HIPAA privacy laws. After some research online I had found enough evidence to convince me that HIPAA applicability to police reports were questionable at best so I contacted the Public Information Officer at the Sheriff’s Office and outlined my case.


The Sacramento Sheriff PIO told me that on April 27, 2010 at 3:40pm the Sheriff’s Office received a call from Adrian’s father who notified officers that his son had been over-medicating on his prescription medications and that Adrian had threatened to phone the police if his father were to take his meds away. He told the officers that Adrian was at the Safeway on 4040 Manzanita Avenue in Carmichael, CA just blocks from his home, and had been slurring his words and acting erratically. The officers were dispatched and looked for Adrian near the Safeway, however they did not find him and instead Adrian was picked up at 4:09pm by an ambulance belonging to American Medical Response. It is likely he was detained under Section 5150 of California Law which allows psychiatric hold for 72 hours, although it is unclear who authorized it and what happened after it expired and apparently Adrian was transferred to another psychiatric hospital. Sacramento Country Sheriffs office did not authorize a 5150 and can’t verify that that was the reason he was hospitalized. Paramedics and the fire department were also likely involved and could have made the decision
On July 29, 2011 - fourteen months after publishing Poulsen's exclusive on Lamo's institutionalization - Wired added an update which attributed some of the "details" in the first three paragraphs to Adrian, and noted that the Sacramento County "Sheriff's office was unable to find a record of Lamo phoning the police himself."
"[Update 7/29/11: We've clarified the headline of this story, and modified the text to clearly attribute the above details to Lamo. Since reporting this story, we've learned from police that Lamo's initial hospitalization in April 2010 came after Lamo's father phoned the Sacramento County Sheriff's department three times in as many days to report that Lamo was over-medicating with his prescription drugs, which may have had a profound impact on his speech and coordination. The Sheriff's office was unable to find a record of Lamo phoning the police himself. Lamo stands by his original explanation of the incident.]"
On May 23, 2010, as a search at archive.org reveals, the first two paragraphs of the Wired story appeared as follows, under the headline "Ex-Hacker Adrian Lamo Institutionalized for Asperger’s" which was later changed to "Ex-Hacker Adrian Lamo Institutionalized, Diagnosed with Asperger’s":
"Last month Adrian Lamo, a man once hunted by the FBI, did something contrary to his nature. He picked up a payphone outside a Northern California supermarket and called the cops.

Someone had grabbed Lamo’s backpack containing the prescription anti-depressants he’d been on since 2004, the year he pleaded guilty to hacking The New York Times. He wanted his medication back. But when the police arrived at the Safeway parking lot it was Lamo, not the missing backpack, that interested them. Something about his halting, monotone speech, perhaps slowed by his medication, got the officers’ attention.
"Your parents became concerned and called the cops numerous times about your drug usage?" Lamo was asked at the December 20, 2011 pretrial by Manning's civilian defense attorney David Coombs, according to journalist Alexa O'Brien's transcription.

Lamo answered, "That took place, yes."

"In April 2010, you were involuntarily institutionalized after you called the police?" Coombs asked, and Lamo replied, "That is correct."

Defense (Coombs): Remember why you called the police?

Lamo: Due to dispute over the possession of my medications.

Defense (Coombs): Thought someone stole it out of your backpack? In fact, you thought someone stole your backpack?

Lamo: Yes.

Defense (Coombs): Police did show up?

Lamo: There was an officer response.

Defense (Coombs): You were arrested?

Lamo: That is consistent with the course of events.

Defense (Coombs): You were institutionalized?

Lamo: As is usual in the state of California.

Defense (Coombs): May 7, 2010 you were discharged?

Lamo: That should tend to be correct.
Lamo seemed to have trouble answering questions with a simple "yes" or "no" at the pretrial, and his response "[t]hat should tend to be correct" stands out since it isn't a firm affirmative reply.

Since there doesn't seem to be any evidence that Lamo ever called the police, it's possible that he lied under oath, which at a civilian trial could be considered perjury, a felony offense. However, Lamo - a civilian - had volunteered to testify at a military hearing for the prosecution, and I'm uncertain about the possible ramifications or potential penalties, if a military judge agrees he lied.

There are other answers that Lamo provided while sworn in at the December of 2011 Article 32 pretrial, along with responses in press interviews - before and after Manning - and in an interview he conducted with a friend of Brad's which may be considered mendacious or deceptive.

As I noted in my October 4, 2012 article, "Bradley Manning Facebook friend was a security and risk management expert", Lamo interviewed Manning's friend Danny Clark, while he might have been working as a CID informant, and he appears to have misled him about the privacy of their chat.
"According to the December 20, 2011 Article 32 Pretrial hearing in U.S. v Pfc. Manning transcript, published by Alexa O'Brien - which she wrote 'was obtained from a respected journalist in attendance that day at Fort Meade' who 'wished to remain anonymous, but wanted the transcript to be made public - Bradley Manning defense attorney, military-appointed JAG Captain Paul Bouchard asked Special Agent Edwards, 'Anyone from law enforcement direct Lamo to have communications with Clark? Suggest it?'

'No,' Special Agent Edwards replied. 'No. We said he has no specific guidance to search, but if he does collect information, he should let us know. I think he knew there were other individuals involved and opportunities in that community with other hackers. If he was to discover anything, he should share that information.'

Captain Bouchard then asked, 'Was Mr. Lamo encouraged [to speak to Danny Clark, while acting as a confidential informant for the Army Criminal Investigation Command (CID) in late July of 2010]?'

'If he found something, yes of course we're interested,' Edwards responded. 'But tread lightly. Do not be deceptive. Don't do anything illegal.'

However, since Lamo later admitted while under oath that he had told Clark on July 21, 2010, 'Let's agree neither of us is gonna share these logs,' Lamo was deceptive, and, yet the Army CID retained him as a confidential informant for a year.
In a commentary The Guardian published on January 3, 2013, Lamo oddly wrote about "truths" as if it varied in the eyes of its beholders: "As with most things, there's more to it than the facts: I write this with the intent that you factor this into your narratives and truths on this issue as you best see fit."

Lamo bizarrely added that he couldn't necessarily "tell [the public] the truth."
"It wasn't that I didn't want people to know the truth. It was that I couldn't tell them the truth. I could only tell them facts, and facts without meaning are the very enemy of truth. I said once that lies have no rights against truth. I was wrong. In daily life, it's the truth that's disenfranchised. What fits the popular narrative, what makes an observer happy with the consistency of events, is what is believed.

I could give people facts, but only in a disjointed, abrupt way that would be absorbed by their perception as they best validated their respective storyline – for I had no better one to give them. Against that kind of validation, the truth is only ever a fringe theory. More convenient beliefs are the incumbent.
As I noted in my article, "Adrian Lamo and FBI Cyber Squad computer scientist Russell Handorf," Lamo wrote in a December 1, 2001 comment at Geek.com, using the header "i'm not a preacher or a traveling salesman," that "[t]wo people can look at the same event or person and come away with different conclusions without either having to be wrong — as long as this is the case, the world is probably still ticking."

In his 2013 commentary, Lamo claims that he "developed a disclaimer for conversations that might be entering dubious territory, involving elements of legal privilege available to the clergy and to the press."
"On its face, it is understandable that such a disclaimer, if not adhered to, would be overtly duplicitous. But when it was offered, there was no reasonable expectation that merely sentences later, I would be faced with the choice between interdicting the freedom of the man in the IM window, or gambling that no part of literally hundreds of thousands of classified documents would intersect harmfully with the life of any person affected by their contents."
In an accompanying Q and A, Guardian interviewer Ed Pilkington asked Lamo, "Early on in your chat with Manning you reassured him about your trustworthiness, telling him you were a journalist and a church minister and that either way he'd have legal protection against his identity being revealed. That was clearly misleading, as things transpired, and your critics have accused you of lying to Manning by promising him protection. Do you regret having done that?"

In his initial response, Lamo kind of ducked Pilkington's question:
"Professionally and personally speaking, it's not my function to have people arrested. That's something that would ideally fall to law enforcement. In this matter, the harm from the subject's continued freedom appeared to objectively be greater than the harm of interdicting him. The offer was never meant to be construed as a suicide pact, and no one had ever mistaken it for one.

In the specific context of the logs, it's also relevant to note that the offer was never affirmatively accepted – it proposed two possible conditions, and one was never chosen.
Pilkington then tried again: "I want to press you on this point. If a priest, or a journalist, promises to protect someone's identity or confession, they can't then turn round and say: 'Oh, you've told me something bad, therefore I'm going to turn you in.' By telling Manning you would protect him (whether or not he accepted your offer) didn't you make pact, a vow, that couldn't be broken? If I tell a source of mine that I will protect his or her identity, I mean it."

"The two choices aren't fungible," Lamo argued. "They're distinct things, each with their own set of boundaries."

Lamo again used the term "suicide pact" to explain his choice to leak the chats with Manning to the authorities and the media.
"In each case the law relating to privilege has exemption for exigent situations as the conscience sees them. Assuming the offer had been taken up and we'd gone forward – if I'd been a doctor or a counselor, the same would have been true – the law recognizes that privilege is not, as I said, a suicide pact. Meaning that once you enter into it, you're not bound to it no matter how much harm will arise. I'd have a much harder time saying with a straight face: 'Well, he told me about the largest classified material breach in the history of western intelligence, but I wasn't supposed to tell anyone.'"
Random House - via Dictionary.com - defines "suicide pact" as "an agreement between two or more people to commit suicide together," which - at the very least - seems to be an exaggeration of events, since Lamo's life wouldn't have been at peril if he - for example - leaked the conversations to the media, but kept Manning's name secret.

It's not the first time Lamo has used "suicide pact" when interviewed about Manning. In June of 2010, a blog called "Adrian Lamo – And ye shall know the truth" at www.adrianlamolies.wordpress.com referred to a BBC interview where he also deployed it.
"Still, now, Adrian is leaving us with quotes to the media that indicate he is tangled in his own web of lies. Specifically, as seen in a recent article by the BBC, after pitying himself and trying to defend his actions, he goes on to say 'I did tell him that I worked as a journalist. I would have been happy to write about him myself, but we just decided that it would be too unethical.' OF COURSE Adrian would be happy to write about Manning himself. It shows clear disregard for the seriousness of this case. It shows Adrian is instead too caught up with his own profiteering to realize the degree of severity that his selfish actions could result in. Adrian said himself that as soon as Bradley Manning gave him the information, that it was a 'suicide pact.' And yet he is quoted elsewhere saying that the decision was agonizing. Come on. Adrian has been so deep in his own shit for such a long time, that he can’t smell it anymore. The hacker community knows this.

Adrian says he feels bad and that he agonized over the decision to out Manning. But the truth is, he doesn’t feel bad and he knew right away what he was going to do with this opportunity. And, among other reasons, he says he went public with it because he felt Manning should know who flipped him? Come on, come up with something better. Manning would have known this straight away anyway- whether through logic or Adrian’s testimony in future court hearings. Adrian is a pathological liar.
"At the moment he gave me the information, it was basically a suicide pact," Mr Lamo told the BBC.
"He handed his name to US authorities because of concerns over US national security and because he did not want to be found to have been 'obstructing justice' in the course of any investigation.

'I didn't want any more FBI agents knocking at the door,' he said.
At her blog, O'Brien observed, "Lamo admitted in his sworn testimony that while he told bradass87 that none of their conversation was for print, he had already reached out to law enforcement on 21 May 2010."

On Twitter Pilkington told me that "Lamo was not paid for his commentary published by The Guardian or for the IM chat that I had with him," and that he "offered us his commentary, & we suggested an additional IM in which we could put direct questions."

In July of 2012, I asked Lamo some questions over Twitter about Neal Rauhauser, a Democratic operative who claims to have ties to the FBI, and who is notorious for spreading disinfo and outright lying. Rauhauser once "volunteered" for a security firm called Project Vigilant and told me in an email, "Lamo I have seen a couple of times in text chats hosted by PV. Never met him, never talked on the phone, we occasionally exchange sly insults via Twitter."

"After a search, it appears my NDA prevents me from confirming or denying whether any party has been CC'd on any PV e-mail," Adrian Lamo told me on Twitter, after first claiming otherwise, when asked about communications with Rauhauser regarding working on projects together, based upon his "general memory."

Lamo added, "I can say with authority that I have never received an e-mail concerning or addressed to that individual, with the exception of replies to queries concerning him from third-parties, spurred by this kind of inquiry."
"Lamo also told me, prior to checking his email account, 'I've never collaborated with Mr. Rauhauser directly or by proxy on any issue insofar as I'm aware.'

In another tweet, Adrian Lamo told me, '@ronbryn You can deny anything when you focus on explaining what you don't say at the expense of actually saying anything you'll back.'
On September 27, 2012, when asked about inconsistencies in interviews, Project Vigilant director Chet Uber told me in a Direct Message, "SPIN THE MEDIA OR THEY WILL SPIN YOU."

Before the "whole, unedited" [Editor's note: Many journalists and bloggers have argued that there appear to be sections missing.] chat logs were finally published by Wired.com, Lamo told Elinor Mills in a story published on June 7, 2010 at CNET.com - as I noted in my article, "More members from secretive, oddball Project Vigilant group revealed" - that, as she paraphrased, "sensitive information" Manning gave him "had to do with code words," and in his own words was "top-secret sensitive, compartmentalized information."

However, as O'Brien reported at her blog, "none of the charged documents in US v Pfc. Manning are TOP SECRET/Sensitive Compartmentalized Information."

"The logs are not in dispute," Lamo told The Guardian's Ed Pilkington in the recent Q & A.

As Lily Kuo reported for Reuters in December of 2011, "Investigator David Shaver said the chat logs from the computers of Manning and Lamo were identical except for occasional network drops that affected one computer and not the other. One set of chat logs had been modified slightly and may have been those leaked to the media, he said."

"Yes, at some point, chat log had been enabled, and they basically matched," Shaver testified - according to O'Brien's transcript - but it's unclear when exactly the log was "enabled" on Manning's end, and Lamo does have a history of hacking AOL.

As O'Brien noted, Special Agent Antonio Patrick Edwards, CCIU testified on December 20, 2011 that he was provided two thumb drives by an individual named George W. Shreik or Street [Editor's Note: I asked O'Brien a few months ago if any one knew the correct spelling of this "individual" but a year later she still hadn't learned it.] because "[c]hat logs provided during earlier interviews with Mr. Lamo were not the complete record."

O'Brien reported at her blog, "Adrian Lamo testified that he gave two thumb drives to SA Edwards, CCIU, which contradicted SA Edward's, CCIU, own testimony. When the military prosecutor examined Lamo, Lamo testified that he could not answer the military prosecutor about who he gave the two thumb drives containing the alleged chat logs."

Yesterday - on January 8, 2013 - Ed Pilkington reported for The Guardian, "Coombs said that the defense would be calling as a witness Adrian Lamo, the hacker who alerted military authorities to Manning's WikiLeaks activities, to give evidence about the web chat he had with Manning shortly before the soldier's arrest in Iraq in March 2010. The content of the web chat, Coombs suggested, would be used by the defense to show that Manning selected information to leak that 'could not be used to harm the US or advantage any foreign nation.'"