[tor-talk] NSA TAO Exploit of Whonix Qubes - EGOTISTICALSHALLOT - Martin Peck

coderman coderman at gmail.com
Sun Dec 7 10:27:44 UTC 2014

On 12/7/14, EGOTISTICALSHALLOT <egotisticalshallot at openmail.cc> wrote:
> ...
> Unfortunately it does not clear the matter up, as these "fictional"
> and "EGOTISTICALGIRAFFE" perspectives were known and considered here
> already..
> https://www.whonix.org/forum/index.php/topic,805.0.html

thanks for pointing out the thread. there are more questions there, as
you ask below.

> Are you coderman the Martin R. Peck of the mentioned affidavit and
> BigSun application?
> - http://cryptome.org/2014/12/peck-roark-affidavit.pdf
> - http://sunshineeevvocqr.onion

Patrick worked it out; i am indeed the same.
(apologies for the typo; this document was in flux hours before the
deadline to submit. Qubes should have been Qubes OS as well.)

> Did you personally dream up and write this EGOTISTICALSHALLOT codename
> and quoted text about a TAO exploit specific to Whonix Qubes? Are you
> the original author of this or was it copied from another source?

i am the author, and as stated, there are two examples of information
in the document. one about programs/projects that _do_ exist, meaning
the information is fully supported multiple times in the "public
knowledge base".

and this alternate example which is similar, but fictional, and thus
results in only partial support in the public knowledge base.

this "public knowledge base" and BigSun system is a much longer
discussion. i originally started on this work back in spring for a
different purpose; see cypherpunks "datamine the Snowden files"
discussion. the application to redaction and evaluating claims of
sensitivity evolved later, and specifically to assist Diane with her

> If you are indeed the original author, what personally compelled you
> towards specifically choosing Whonix Qubes as a TAO exploit example
> and highlighting Whonix Qubes as a prime example in your NLP system
> offering to the NSA?

Whonix on Qubes OS represents defense in depth unlike any other
system. as such, it is a likely target, like Tails and the Tor Browser
before it.

being a likely target, it made a good candidate for description of a
fictitious exploit for the purposes of this partial support example.

a better example would be to compare a classified document with a
unique attack, and never leaked, against the public knowledge base.

this would demonstrate only partial support because it contains
information that has not been made public.  for obvious reasons, the
alternative of constructing a fictitious example to demonstrate
partial support was used.

some other comments from that thread:

"The mentioned creation date of 2014 also looks accurate as far as
matching when your Whonix group started working with the Qubes group
to co-develop your software together."

the specific date was chosen because of the affidavit being this year.
if Whonix Qubes OS had started in 2013, i would still have used 2014
in the example.


"Maybe this Martin Peck, software engineer, is just a fan or user of
Whonix and Qubes and was being creative by dreaming up this

i am a fan of many things, but as described above, this example was
chosen for being a good candidate to demonstrate partial support in
the public knowledge base.

best regards,

More information about the tor-talk mailing list