CHAPTER 1
That was why I loved technology: if you use it right, it gives you power—and takes away other people’s privacy. I was on my sixteenth straight hour at the main telcoms data-center for Bltz, the capital of Slovstakia. Those are both aliases, obviously. Unlike certain persons I could name, I keep my secrets.
Sixteen hours, for what my boss had assured the client—the Slovstakian Interior Ministry—would be a three-hour job. You don’t get as high as she did in the Stasi without knowing how to be a tactical asshole when the situation demands it.
I just wish she’d let me recon the data-center before she handed down the work estimate. The thing is, the communications infrastructure of Slovstakia was built long before the Berlin Wall fell, and it consisted of copper wires wrapped in newspaper and dipped in gutta-percha. After the Wall came down, responsibility for the telcoms had been transferred to the loving hands of Anton Tkachi, who had once been a top spook in Soviet Slovstakia. There are a lot of decades in which it would suck to have your telcoms run by an incompetent, greedy kleptocrat, but the 1990s represented a particularly poorly chosen decade to have sat out the normal cycle of telcoms upgrades. Because internet.
After Tkachi was purged—imprisoned 2005, hospitalized with “mental illness” in 2006, dead in 2007—the Slovstakian Ministry of Communications cycled through a succession of contract operators—Swisscom, T-Mob, Vodaphone, Orange (God help us all)—each of which billed the country for some of the jankiest telcoms gear you’ve ever seen, the thrice-brewed teabags of the telecommunications world, stuff that had been in war zones, leaving each layer of gear half-configured, half-secured, and half-documented.
The internet in Slovstakia sucked monkey shit.
Anyway, my boss, Ilsa, She-Wolf of the SS, promised the Interior Ministry that I would only need three hours, and the Interior Ministry had called up the telcoms ministry and given them orders to be nice to the Americanski lady who was coming over to do top-secret work for them, and give her everything she needed. I can tell that they laid it on thick, because when I first arrived at the country’s main data-center, a big old brutalist pile that I had to stop and take a picture of for my collection of Soviet Brutalist Buildings That They Used to Shoot You for Taking Pictures Of—hashtags are for losers who voluntarily submit to 280-character straitjackets (and sentences can too a preposition end with)—the guy on the desk sent me straight to the director of telcoms security.
His name was Litvinchuk and he was tightly wound. You could tell because he had his own force of telcoms cops dressed like RoboCop standing guard outside his door with guns longer than their legs, reeking of garlic sausage and the sweat of a thousand layers of Kevlar. Litvinchuk welcomed me cordially, gave me a long-ass speech about how excited he was to have some fresh foreign contractors in his data-center (again) and especially ones from a company as expensive as Xoth Intelligence.
“Wait, that’s not right word,” he said, in a broad Yakov Smirnoff accent (he had a master’s from the London School of Economics and I’d watched him do a TEDx talk where he sounded like a BBC World Service newsreader). “Exclusive? Illustrious?” He looked to me—specifically, to my tits, which was where every Slovstakian official I’d met addressed his remarks. I didn’t cross my arms.
“Infamous,” I said.
He smirked. “I’m sure. Miss Maximow”—he pronounced the w as a v, as they always did as soon as I got east of France—“we are all very excited to have you at our premises. However, I’m sure you understand that we must be careful to keep records of which contractors work on our sensitive systems.” He slid a paperclipped form across his desk to me. I counted to seven—more efficient and just as effective as ten—and picked it up. Nine pages, smudgily photocopied, full of questions like “List all NGOs and charitable organizations to which you have contributed, directly or indirectly.”
“No,” I said.
He gave me his best fish-face, which I’m sure was super-effective against the farm boys cosplaying Judge Dredd in the hallway. But I’d been glared at by Ilsa, She-Wolf of the etc., etc., and had been inured to even the hairiest of eyeballs.
“I must insist,” he said.
“I don’t fill in this kind of form,” I said. “Company policy. Xoth has negotiated blanket permission to access your premises from the Interior Ministry for all its personnel.” This was true. I hated paperwork, and this kind of paperwork the most—the kind that asked you questions you could never fully or honestly answer, so that there’d always be an official crime to pin on you if you stepped on the wrong toes. Lucky for me, Xoth had a no-exceptions policy that techs were not allowed to fill in any official documentation at client sites. I’d take notes on my own work, but they’d go up the chain to my boss—Ilsa, She-Wolf etc.—who’d sanitize them and pass them back to the Interior Ministry for their own logs, omitting key details so that we would be able to bill them for any future maintenance.
I did my best to look bored—not hard, I was so bored my eyeballs ached—and stared at this post-Soviet phone commissar.
“I will fill it out for you,” he said.
I shrugged.
He worked quickly, pen dancing over the paper. Not his first paper-pushing rodeo. He passed it back to me. “Sign.” He smiled. It wasn’t a nice smile.
I looked down. It was all in Cyrillic.
“Nope,” I said.
He switched off the smile. “Madam.” He made it sound like missy. I could tell we weren’t going to get along. “You will not get into my data-center until we have gathered basic information. That is our protocol.”
He stared at me, fish-face plus plus, clearly waiting for me to lose my cool. Long before Ilsa began her regime of hard-core stoicism training, I had mastered situations like this. You don’t get far in the DHS if you don’t know how to bureaucracy. I turned boredom up by a notch. I tried to project the sense that I had more time to burn than he did.
He held out his hand. I’d assumed he’d be a short-fingered vulgarian, but he had pianist’s fingers, and a hell of a manicure, the kind of thing that made me feel self-conscious about my lack of girly cred. “ID.”
Xoth gives us fancy ID cards to wear on client sites, with RFIDs and sapphire-coated smart chips and holograms, props for impressing rubes. I could knock one up in an afternoon. I unclipped mine from my lanyard and handed it over.
The pen danced again at the bottom of the form, and he turned the paper to show me. He’d added “signed, per, Masha Maximow” to the signature line. Good for you, Boris. You made a funny. What an asshole.
“We done?”
He carefully made a xerox on a desktop printer/scanner/copier—one that I knew five different exploits for, and could use to take over his whole network, if I wanted to—and handed it to me. “For your records.”
I folded it into quarters and stuck it in my back pocket. “Which way?”
He said something in Russki and one of the Stormtroopers struggled in under the weight of his body armor and escorted me to the data-center. I took one look at the racks and racks of hardware, zipped up my fleece against the icy wind of the chillers, and got to work. It was going to be a long three hours.
* * *
By the time I finally finished, I was freezing and swearing. My hoodie was totally inadequate and I suspected that my long-fingered vulgarian had ordered one of his Armored Borises to turn the thermostat down to sub-Arctic.
But it was done, and the test-cases ran, and so I got up off the folding chair I’d been hauling around the data-center’s corridors as I moved from one rack to another, tracing wires, untangling the hairball of grifty IT contractor shortcuts and fat-fingering.
Surveying my work, I had a deep feeling of … Well, to be honest, a deep feeling of pointlessness. I’d labored for sixteen hours—fifteen if you subtract meals and pee breaks—getting the Xoth Sectec network appliance installed, and all I had to show for my trouble was an inconspicuous black one-unit-high server box, mounted on the bottom shelf of the furthest rack (this was Xoth policy—put our gear in the most out-of-way place, just in case barbarian hordes topple our dictator clients and storm the gates, looking for mediagenic evidence of collaboration with evil surveillance contractors) (that would be me).
But now I got to celebrate. I looked over my shoulder and made sure I was alone—the RoboCops had made a point of standing behind me, watching my ass, as I dragged my chair around—bent down and touched my toes, feeling the awesome stretch in my hamstrings and the unkinking of my neck and shoulders as my hair brushed the ground. Then I stood, cracked my knuckles, plugged my laptop into my phone, and tunneled out to a network box I’d left in my hotel room that morning, making sure it was all charged up and successfully connected to the hotel’s wifi, which (see above) sucked monkey shit. I fired up a virtual machine on my laptop, choosing a container with a fully patched version of the latest freebie version of Windows, and used its browser to connect to Facebook.
The Slovstakian uprising hadn’t figured out that the only real use for Facebook in a revolution was as a place to teach people how to use something more secure than Facebook. All their communications was in a couple of groups that they accessed over Facebook’s Tor Hidden Service, good old https://facebookcorewwwi.onion, which was pretty good operational security (if I did say so myself).
Their problem was that they were way, way outgunned—as of now, they were facing down the best Xoth had to offer (at least, the best Xoth had to offer in its middle-upper pricing tier). Things were about to get very, very bad for the plucky demonstrators of Slovstakia.
The virtual Windows box in my virtual machine connected through the hotel’s network to Tor—The Onion Router, a system that bounced network connections all over the world, separately encrypting each hop, making it much harder to trace, intercept, or modify its users’ packets—and to Facebook’s hidden service, a darknet site based in a much nicer data-center than this one, in an out-of-the-way corner of Oregon with remarkably low year-round temperatures (ambient chilling is the number one money-saver when it comes to running a building full of superheated computers).
I alt-tabbed into my monitor for the Sectec box beside me, using an untunneled interface on my phone’s native network connection. That Sectec box could handle ten million simultaneous connections, combing through all their packet-streams using machine-learning models originally developed to recognize cancer cells on a microscope slide (fun fact!). Sure enough, it registered the existence of a stock Windows laptop in the Sofitel Bltz, communicating over Tor. It profiled the machine by fingerprinting its packets, did a quick lookup in Xoth’s customer-facing API to find a viable exploit against that configuration, and injected a redirect to the virtual machine on my laptop. I pinned the monitor window to the top of my desktop and flipped back to the VM, watching as the browser’s location bar flickered to an innocuous-seeming error message, and by flipping to a diagnostic view of the VM, I could see the payload strike home.
It used a 0-day for Tor Browser—always based on a slightly out-of-date version of Firefox and thus conveniently vulnerable to yesterday’s exploits—to bust out of the browser’s sandbox and into the OS. Then it deployed a higher-value exploit, one that attacked Windows, and inserted some persistent code that could bypass the bootloader’s integrity check, hooking into a module that loaded later in the process. In less than five seconds, it was done: the virtual machine was fully compromised, and it was already trying to hook into my webcam and mic; scouring my hard drive for interesting files; snaffling up saved password files from my browser, and loading its keylogger. Since all that was happening in a virtual machine—not an actual computer, just a piece of software pretending to be a computer—none of that stuff really happened, thankfully.
Now it was time to really test it. Sectec has a mode where it can scour all the traffic in and out of the network for specific email addresses and usernames, to locate specific people. I gave it Litvinchuk’s email address, and waited for his computer to make itself known. Took less than a minute—he was polling the ministry’s mail server every sixty seconds. Two minutes later, I controlled his computer and I was cataloguing his porn habits and downloading his search history. I have a useful script for this; it locates anything in my targets’ computers that makes mention of me, because I am a nosy bitch and they should know better, really.
Litvinchuk was into some predictably gross porn—why is it always being peed on?!—and had googled the shit out of me. He also had a covert agent who’d searched my room; they had put a location logger on my phone using a crufty network appliance I’d already discovered in my epic debugging session in the data-center. I could have fed that logger false data, but I turned it off because fuck him sideways. I downloaded half a gig of videos of Litvinchuk in full-bore German heavy latex, gleaming with piss, then stood, stretched again, and shut my lid.
* * *
I’d started my adventure at 4 p.m. the day before. Now it was 8 a.m. and that meant that the demonstrations in the main square would be down to skeleton crews. Anyone interesting only came out after suppertime and worked the barricades in the dark, when the bad stuff always kicked off. That’s when the provocateurs and neofascists came out—often the same people—and the hard-core protesters had to work extra hard.
I called the Sofitel on the way back and ordered room service. All they had was breakfast and I wanted dinner, so I ordered triple, and gave up on explaining that I only needed one set of cutlery.
I arrived at the room’s door at the same time as the confused waiter. I waved at him and carded the door open, then followed him and his cart in. He was one of those older guys you saw around the hotel, someone who’d once had a job in Soviet brute-force heavy industry but ended up pushing room service trolleys when it all went to China. Those guys never spoke English, not like their strapping sons, who spoke gamer-international, the language of Let’s Play videos and image boards. “Dobre,” I said, “Pajalsta,” and took the folio from him and added a ten-euro tip—everything at the Sofitel was denominated in euros, ever since the local currency had collapsed. I hadn’t even bothered to change any cash on this trip, but I had bought a 10,000,000,000-dinar note from an enterprising street seller who’d been targeting the tourist trade. I liked the engraving of the opera house on the back, but the Boris on the front was a unibrowed thick-fingered vulgarian straight out of central casting. I kept forgetting to google him, but I was pretty sure he was being celebrated for something suitably terrible, purging Armenians or collaborating with Stalin.
My alarm went off four hours later. I found my bathing suit and underwater MP3 player and the hotel robe, made sure all my devices were powered down with their USB ports covered, and headed for the pool.
Swimming—even with loud tunes—always churns my subconscious, boredom forcing it to look inward at its neglected corners. So somewhere around the fiftieth lap (it was a small pool), I remembered what was happening that day. I did the time zone calculation in my head and realized there was still time to do something about it. Fucketty shitbuckets. I hauled myself out of the pool and toward a towel.
I perched, dripping, on the room’s desk chair and powered up my phone for a quick peek at the pictures of the screw-heads on my laptop. I had covered all the screws with glitter nail polish and shot clear pics of each one, with a little label beside it, so that I could easily verify whether someone had unscrewed my laptop lid and done something sneaky, like inserting a hardware keylogger or, you know, some Semtex and packing nails. I used an open-source astronomy package designed to match pictures with known constellations to verify two of the seven screws. The glitter patterns had become old friends by this point, since I checked them every time I’d been out of sight of my computer before powering it up again.
I booted it, pulled the towel over my head (to defeat hidden cameras), and keyed in my passphrase while going “AAAAH” medium-loud, just to defeat anyone trying to guess my passphrase from the sounds of my fingers on the keys. Xoth had an airgap room for really sensitive stuff, walls shielded with a Faraday cage, full of computers that undercover Xoth techs bought by walking into consumer electronics stores and buying computers off the shelf without ever letting them out of their sight. After being flashed with a Xoth version of Tails, a paranoid Linux distro, and having their wifi cards and Bluetooth radios ripped out with pliers, their USB ports were covered with 3-D printed snaps that couldn’t be removed without shattering them. You brought your encrypted data in on a thumb drive, requisitioned a machine, broke the seal, plugged in your USB stick and read the data, then handed the machine back to a tech to be flashed and resealed. Compared to that shit, I wasn’t all that paranoid.
Litvinchuk had been a busy Boris: my computer downloaded and sorted his own wiretap orders as he took the Sectec out for a spin. I looked through the list, and yup, I already knew a lot of those names. They were the people I was planning to meet for drinks in a few hours. I made a few quick revisions to my Cryptoparty slides.
Copyright © 2020 by Cordoc-Co LLC