1993-05-26 - a reaction to Mycotronx intelligence data

Header Data

From: ““L. Detweiler”” <ld231782@longs.lance.colostate.edu>
To: cypherpunks@toad.com
Message Hash: 853b2c1d89e2e7b3ab52e7b9982e7f698b48af459b8ed81facdcb9908bf5d123
Message ID: <9305260322.AA26827@longs.lance.colostate.edu>
Reply To: N/A
UTC Datetime: 1993-05-26 03:22:55 UTC
Raw Date: Tue, 25 May 93 20:22:55 PDT

Raw message

From: ""L. Detweiler"" <ld231782@longs.lance.colostate.edu>
Date: Tue, 25 May 93 20:22:55 PDT
To: cypherpunks@toad.com
Subject: a reaction to Mycotronx intelligence data
Message-ID: <9305260322.AA26827@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain


I'm disappointed at the *nonexistent* serious response to the Mycotronx
postings on the list (I guess we do have some new algebraic formulas,
though.) Apparently, these are just to hot for anyone to handle. I
think these should be getting our utmost scrutiny as a group for
tactical rewards. Are we at war or aren't we?

So once again I have to do some dangerous limbwalking because all the
other cyphersheep are clutching mommy's apron :). Okay, here goes. I'm
sure there will be many inaccuracies but I think it is better here to
be loud and wrong than to be silent and let it die with a whimper and
nary a peep. I'd like to hear other reactions surely much superior to
my own unauthoritative wanderings.

I'll put in many questions; if anyone has insights into them please
forward them to me and I will summarize (writing about each point to
the list will probably take up too much traffic).

* Also, if anyone can independently *verify* *any* of these pieces of
information, please say so.
* If you have access to databases that record relevant info from
accounts listed and that kind of thing, and aren't at risk in doing so,
please query them.
* What about the people listed? Ever encountered them?
* Interpretations of codenames and numbers especially of interest.
* The possibilities for a little creative and ingenious `social
engineering' (esp. with all the phone numbers in part 1) are absolutely
unlimited for some really nervy cypherpunks, but I'm not going to encourage it...
* Have there been any `repercussions' to the posting on cypherpunks? We
need to know how afraid people are of us. Tighter security?
Disconnected phone numbers? New code names?

In sending me mail, please tell me if I can quote you or your address
in the summary or just attribute it anonymously. Also, do not assume
that email is secure. If a PGP key of mine will make the difference
between your sending me email and not, I'll send it to you.

* * *

First of all, as a very preliminary opinion, it all looks believable
and plausible.  Ironically, there is almost too *much* information!

The first document was forwarded anonymously to the list by
nobody@alumni.cco.caltech.edu. Both documents contain some comments
apparently inserted by the source, the first only at the beginning, the
second at the beginning and in the middle. In the first a statement is quoted

>the 
>government wants us to trust to keep the Clipper design
>secret, don't know jack shit about security.

this comment makes sense in the light of a later message that
purportedly revealed the source of the data. The statement also refers
to `general ledger' probably referring to the second posting. 

The second posting came forwarded anonymously from nobody@alumni.cco. 
The contributor talks of leaving out account numbers.  Also made two
comments on the employee bonuses.

* * *

In posting 1 we have a great deal of very critical information on
people involved in the company, current projects, company contacts,
amazingly detailed cost/finance records. We even know their bank and
banker!  NSA contacts listed!  It's not clear that all these diverse
records would be stored in one volume of information. They appear to be
pasted together from various sources, with some continuity in places. 
A later posting also suggests the reason for this long-term `snapshot'
of company activity at the highest level.

The most critical `big-picture' elements of posting 1 are probably the
companies mentioned. It paints a clear picture of Mycotronx as a sort
of `middleman' in coordinating and contracting other companies to do
chip fabrication and testing, apparently with the NSA as their sole
customer.  AT&T was paid $100K under `Capstone Financial Commitments.'
The companies VLSI Tech (fabrication?) and Exatron (testing?) figure
prominently. Technical documentation by ELITE.

Most amazing is the list of employees and their occupations. If it is
complete, then it is remarkable in the number of employees, 10. There
is a wide range of occupations from engineer to secretary to president
that suggests the list may be complete.

Chips: posting 1 refers to MYK80 for testing. Many references to KG44B,
with several hundred thousand dollars worth of deliveries to the NSA. 
KG-48B appears to still be in testing phases.  Part of the `Outrunner'
project.  The `Outrunner' project figures very prominently, what is it?
 Maybe a specialized chip for Air Force security (appears to be
cryptographic because of KG-46 `Tactical Decryptor').  Capstone shows
up at the end under `Financial commitments'. It's not clear if Clipper
is referenced anywhere. There are many product codes that may refer to it.

* * *

In posting 2 we have an incredibly detailed, perhaps complete,
financial ledger for the company listing everything from employee costs
to office supplies.  An accountant would probably find it much more
readable than me.  Because of the probable single source, the
information is more focused (into financial categories) than that in
posting 1.  There are three columns in each series, beginning balance,
debits, and credits, supposedly for first four months of 93.

Series are probably some Federal or IRS categories for reporting.  It
is organized into `series' with 1000 recording various brokerage
agencies. This may reflect that employees have stock options in the
company. Other entries are customer and employee accounts receivable.
2000 series records employee benefits with `accued bonuses' of $341K
for the period (given 10 employees, this could be astronomical for
someone). Payroll is $343K for the period -- bonuses are as much as
salaries.  These are very high numbers for 10 employees.  Probably the
`upper echelon' of a few is making six figure salaries. 

3000 series lists more stock. 4000 series lists sales of $2.5M for the
4 month period.  5000 lists consultant fees at $47K, subcontracts at
$932K debited and $110K credited.  Direct labor for Engineering came to
186K, Technician 93K, Administrative 37K.  6000 lists a lot of
different categories (miscellaneous) mostly debits.  7000 series lists
another `special bonus' $132K debit, $123. 

Net money debited and credited at the end of the statement is given as
$12.5M for the four month period.  Finally the source lists some
`outstanding VLSI purchase orders'. It is not clear if these are owed
to Mycotronx or Mycotronx owes someone else, but in the first posting
the same figure $100K is mentioned for AT&T under `Capstone Financial
Commitments', so these are probably payments by Mycotronx.  In this
document we see that `Compass' is software, a total of $160K. Motorola
$76K, VLSI Tech (for the Capstone project) $212K. 

Myk78 (Clipper?) figures prominently with VLSI Tech:  $66K, fix $68K,
78A prototype $11K, 78A production $220K.  Also Myk 80 #1 and #2 $48K
and $33K, and Myk82 and Myk 79 (80K and 79K).  VLSI Tech `Expoteniator'
(sic?) $163K. The exponentiator might be a general purpose digital
exponentiator suitable for integration with many cryptographic
techniques (Diffie Hellman, RSA, etc.)

* * *

Battle plan: *If* Mykotronx is to be harassed, the things that might be
useful to focus on are the large bonuses. Where is all that cold cash
going? If it ended up in the hands of a few (or even one) it would not
be good PR, to say the least. Also, Mykotronx is clearly heavily
dependent on VLSI Tech, and the company does not appear to sell to
anyone other than the NSA currently.  So those are the jugular veins, so to speak.

I suppose if we were really extremists, like animal rights activists,
we might individually harass members of the company. I don't encourage
anyone to do this unless they do something to provoke it. However, a
little friendly getting-to-know 'em type interaction might be
interesting and help make sense of our current horde or glean other
information. In particular, if anyone in the company feels (shall we
say) undercompensated that could be another Achilles heel after they
hear how much bonuses are coming out (bonus? I haven't heard about any
bonuses! You heard of any bonuses?)

Following is the mostly raw undistilled stuff. As noted, please comment
on *anything* to me personally in email, and I'll try to organize,
compile, and make sense of it all.

Special thanks to the `anonymous' individual who was willing to risk
potentially severe repercussions to bring the outrageous secrecy
concerning the chip to glaring lighted public exposure and those who
went out of their way to help `him'. Hey, even though this person could
greatly benefit from Introductory Espionage 101 we love you anyway.
You'll probably be the main character when Cypherpunks get their own
sitcom or Monday Night Movie...

posting 1
========

* address, phone, FAQ of company
* bank that holds company account(s)? Shearson Lehman Brothers. Acct
#509 24261 12011.
* Fed Ex Acct #1122-7492-8
* List of employees names and occupations. There are 10 employees listed.

>Bob Gottfried, CEO
>Leonard J. Baker, President
>Ralph O' Connell, aka "The Father of COMSEC", NSA Lobbyist
>Mike Furusawa, Space COMSEC Manager
>Patti Linahan, Executive Secretary
>Kikuo Ogawa, Buyer
>R. Todd, W. Greenfield, KG-44B (Outrunner) Project
>John C. Droge, Personnel
>Bob Todd, Manufacturing Manager
>Landy Riley, Engineering

* Has anyone heard of an `NSA lobbyist'? This is very interesting.
Later O'Connell is listed as `NSA Contact'.
* Also, `COMSEC manager'? 
* `Buyer' of what? All major parts?
* What about the code KG-44B Outrunner project?

Under `Principle NSA Technical Contact' we have the NSA address
(`Maryland Procurement Office) and code 

>Attn: N244 (CEB) (MDA904-92-G-0354/J.O. 5001)

* Code names: what are these? People involved are clues. We already
know KG-48B is also `Outrunner' and 48B and 46 are related somehow. 
* 46 is a `Tactical decryptor unit' -- sounds like a military
application. Involvement of Air Force agents confirms it.
* What is `Computer Systems Command'? That would really nail it, probably.
* Capstone is being built by Mycotronx, right? It's likely Clipper and
Capstone are also named KG-?. I don't think KG-46 and 48B are Clipper
and Capstone due to the `tactical' Air Force involvement. Also, Clipper
is MYK78, right?

>KG-46 Tactical Decryptor Unit and
>KG-48B Outrunner Provisioning Conference participants:
>Robert Todd, Mykotronx
>Bill Greenfield, Mykotronx
>G. Burgio, NSA
>J. Gochnour, NSA
>J. Wimpy, Air Force Computer Systems Command
>S. Solis, Air Force Computer Systems Command

>To Be Discussed at meeting May 18 & 19, 1993

* This is an amazing piece of intelligence. These meetings were
scheduled *after* this posting appeared for us. I think there are a lot
of NSA agents having nightmares right now.
* It is not clear, but it may be that `Outrunner Project Milestone
Payments' were the subject of the May 18,19 meetings. (What is a
`milestone payment'? Is that an NSA term? Military?)  The meeting was
very likely on Outrunner given the rest of the information.
* The dates for payments are 2/14/92 (Preliminary Studies) to 5/13/93
(Deliver 4 KG-44B to NSA). What is a known project under those dates?
* Most categories refer to chip design with terms like VLSI and
`complete fab' and `complete tests', `crypto verif'. Also, is VLSI a company?
* Entires 11a,11b,13-17 are deliveries to the NSA, batches of 44B. What
is chip 44B? Very important. No deliveries of 48B to NSA listed.  Since
this is in the `outrunner' categories we now know that KG48B, 44B, 46
are all related. Also, the KG number appears to be some parameter on
the device code.
* What are these keywords: `Complete PDR' (preliminary design review?)
`Complete CDR' (concluding design review?) `SFA review VLSI'?

Next sounds like a `Invoice' for KG-44LSI. Mykotronx P/N M20/00301XXX

KG44 VLSI Procurement to 
>United Technologies Microelectronics Center
>Colorodo Springs, CO 80907

Can't  spell! The part I like is  ``Secret item handling''. The invoice
is fairly small, refers to Group B and Group C testing (?). Also a
statement `export of this product is controlled by U.S.  Disclosure of
related technical data to foreign nationals without the appropriate
export license is prohibited by law.'

Test plan for MYK-80: Work for Exatron.  MYK-80.  176 pin TQFP might
pinpoint the chip.  IMS tester? Installation of PET (Positron Electron
Tomography? Like a microscope?) `handlers' at Mykotronx.

Training & Manuals (for MYK-80?) subcontracted to ELITE Technical Corp
(Redondo Beach, CA).

`Capstone financial commitments'

* ``Basic VII Cap VLSI 10'' $212,000. Sun 1 yr maintenance warranty.
`Compass' $160K?  IKOS System. ELITE Tech. Corp. Plotter. SJ (1) and
(2), $71k and $76k.  
* AT&T, $100K (?) What is Mycotronx *paying* AT&T 100K for Capstone?
* Another `Compass' $110K. VLSI Tech $30K and $163K. VLSI Tech Capstone
TQFP $10K. Hm, both VSLI Tech. and Exatron do TQFP.
* VLSI Tech Exponeniator Tamper System $163K?
* $225K for `Litronics'?

posting 2
========
>Acct Descr              Beg Bal         Debits          Credits
>Shearson Lehman         286,511         2,620,096       2,670,822
>
>Paine Webber            95,602          868             0
>
>Dean Whitter            55,391          484             0
>
>Petty Cash              3,000           0               0

* Why is so much stock being traded? What is it for? Employee bonuses?
Ownership of child companies?

>Raw inventory           172,252         0               76,064

* not much, although what is it in? reconfirms picture as just an
intermediate company, almost just a `reseller'.

>Accrued payroll         25,637CR        343,682         318,045
>Accrued bonuses         214,040         341,240         127,200

* how does this break down among employees?

>Common Stock            169,320         0               61,435
>
>Capital disbursement    916,675         222,230         0
>
>Retd Earnings, begng    2,385,020CR     0               0

* more stock. What does it mean? Retd? disbursement?

>Subcontracts            0               932,210         110,419

* almost $1M debit for 4 months. Most of the action is here.

>Materials/parts         0               186,252         22,423

* for what?

>Direct labor-Engnrg     0               240,341         54,172
>
>Direct labor-Technician 0               129,839         37,459
>
>Direct labor-Adminst    0               47,542          10,081

* why are these in a different category than employee costs? What's the difference?

>Special Bonus           0               132,200         123,200

* Comes out to $9K. What does it mean?

>G&A Labor               0               103,4520        0

* G&A means?  100K is fairly large; more than consulting fees for example.






Thread