Public Service Announcement from IMS: Unauthorized Access

Evidence suggests “” gained access to Independent Media Solidarity’s Google Drive. But how?

IMS (Independent Media Solidarity), the independent collective of citizen journalists was recently the victim of theft. Thankfully for them, the experience wasn’t entirely negative. The community of people skeptical of the Sandy Hook narrative can now see the lengths to which the opposition will go to halt their efforts. Factors to better assess the true situation they find themselves in. But for the most part, what transpired was disruptive, unsettling and criminal.

Soon after IMS was formed in mid 2014, a Google Drive account was established for cloud storage of sensitive research materials and collaboration. Authorized IMS members stored a variety of files in Drive, including video, audio and photographic evidence, web page and PDF file evidence, meeting agendas and minutes, project proposals and outlines, scripted narrations, statistical analysis of evidence; basically everything the group had a need to store and collaborate on. Sometime after Feb. 1st and before Feb. 13th an unauthorized party made off with a copy of the entire contents of this drive.

The Google Drive Service

Before detailing how the theft was discovered, here’s a brief explanation of the Google Drive service, the security aspects of the service and the measures IMS took to maintain document security. To quote from Wikipedia,

“Google Drive is a file storage and synchronization service created by Google. It allows users to store files in the cloud, share files, and edit documents, spreadsheets, and presentations with collaborators. Google Drive encompasses Google Docs, Sheets, and Slides, an office suite that permits collaborative editing of documents, spreadsheets, presentations, drawings, forms, and more.”

To further quote from Wikipedia on the topic of sharing,

“Google Drive incorporates a system of file sharing in which the creator of a file or folder, is by default, its owner. The owner has the ability to regulate the public visibility of the file or folder…Files and folders can also be made ‘public on the web’, which means that they can be indexed by search engines and thus can be found and accessed by anyone. The owner may also set an access level for regulating permissions. The three access levels offered are ‘can edit’, ‘can comment’ and ‘can view’. Users with editing access can invite others to edit.”

Google employs secure-sockets layer (HTTPS) encryption of all Drive traffic to prevent man-in-the-middle type data theft and has built Drive to virtually the same security standards as their many other services, including Gmail.

It’s worth noting that, although users with “Can edit” level access can invite outside parties to manage files or folders, that activity will appear in the Drive account owner’s activity log. Those new parties will then appear on the list of authorized users as well.

IMS Group Security Policies

IMS member, Peter Klein is the original creator/owner of the “Official IMS Group Drive” folder. The same security protocol has been in place ever since. Only IMS members have ever been granted access to documents stored within the folder. On the rare occasion that someone was removed from IMS membership, so too was their Drive documents access.

No folder or sensitive file had ever had access settings of “Anybody with the link” or “Public on the web.” Google ensures its users that will prevent access even if a link to a file is somehow leaked and prevents the files from being searchable on the web.

IMS has always been concerned about the privacy of its members, the integrity and security of its materials. This is reflected beginning with its basic member policies. All IMS members must be nominated by an existing member, which then leads to a vote. Membership requires a minimum of 10 “yes” votes and zero “no” votes. Through this and other policies, IMS has gone to every reasonable length to ensure member privacy and document security.

First Sign that There Was a Problem

On March 4th, an IMS member was looking through the information posted on the Google+ feed of Honr Network. They discovered this post and promptly reported it to the group…

It wasn’t the posting of a public video by an IMS member nor the fact that they characterized IMS member, Peter Klein as “…so Evil” that concerned the group. It was the Google Drive link. The post reads, “They also have some organizational skills…” followed by a link to Google Drive. When clicked, this is what was seen…

From all appearances, the link led to IMS’s private Google Drive. Immediately the group began to determine the depth of the breach and just how it may have taken place.

Strangely, some members were able to access the files through this link without even being logged in to the account normally required for access. In response, an audit was undertaken of the entire Drive contents to determine how this was possible, given the access and security settings of the account.

Identifying & Isolating the Problem

Still unsure of the scope and scale of the problem, the group continued to deliberate and research. Some looked into the Google Drive service.Were there any reports of bugs in recent months? The Drive activity log was scoured for any indication that either outside parties had been granted access or that any changes were made to the files themselves. Nothing was found to indicate either had occurred.

The experience of the Drive being somehow accessed by an unauthorized party combined with the files being accessible apparently without restriction didn’t comport with the settings on the account or make any sense at all.

Then it was thought that maybe what they were seeing was merely a copy, and not the original. While viewing what appeared to be the main IMS Drive folder, a member navigated up one directory, and huzzah! This is what they found…

At that moment it was clear what had occurred, which was much more serious than previously thought. The IMS Drive contents had indeed been copied entirely and subsequently uploaded to Drive by Gmail user, “”. It WAS a copy of the “Official IMS Group Drive” the whole time! A thorough audit of the Drive’s security history showed that, at no time had outside parties been granted access or had the account configuration been such that access could have been granted inadvertently.

Only a few possibilities remained…

  1. The Google Drive service has inherent flaws that can be exploited resulting in unauthorized access
  2. Access was explicitly granted by Google
  3. Some form of back door exists in the Google Drive service

Google is obviously expert at developing online application services, possibly being unparalleled in their capabilities. It seems highly unlikely that what occurred is the result of some, as yet unreported bug. That leaves only the possibility that Google itself facilitated the theft or some party authorized by Google made use of a back door to commit the theft. In either case, the situation was and is troubling.

Characterizing the Event as Theft

Some might argue that what took place wasn’t theft at all because anything posted online is public information, and no longer private property. That would only be remotely true had the information been “posted” or published in some way. In this case, the material was only stored online for use by a private group of authorized parties.

Others might argue that when Honr Network uploaded the files with the setting “Anybody with the link” to a separate Drive account and then posted a public link to the files, it was a copyright infringement. That could only be true if the material had ever been published, which it had not been.

Upon consideration, IMS believes this to be a case of theft of intellectual property. Not only because of the means by which the theft was facilitated, but by virtue of the simple fact that the material stolen was unpublished material clearly for private use do they conclude that this is theft…pure and simple.

Resolving the Problem

The contents of the IMS group Drive folder were backed-up before being removed from the Drive cloud while another service to provide cloud storage and online collaboration can be established. Whatever the solution, it’s unlikely the brand-name services will be a good fit.

From the research conducted as a result of this issue and considering the nature of the theft, it seems unlikely that claims made about security and privacy, or even the specific guarantees set forth in service-level agreements can be entirely trusted. IMS is still considering other document storage and collaboration options.

Reporting the Security Breach & Theft

After the scope and scale of the theft had been determined, it was decided that the correct course of action is to first report the issue to Google. An email detailing the issue was submitted to Google’s Drive Service Support Team also asking if there was another, more appropriate department to contact or other way in which to submit a report with these types of issues.

Google responded later in the day, but didn’t provide any direct answers or any personal attention to the issue. A more detailed follow-up reply was then submitted which Google responded to, again that day. This time a “Report abuse” form was submitted containing an option for type of violation, “Private & Confidential Information,” which seemed to be a match.

The trouble ticket reference ID was included in the hopes that the very detailed information already provided can be referenced going forward. It’s unknown if anything will be achieved through this avenue or whether Google will be a dead end.

What might Google recommend as a resolution or next course of action anyway? The unresolved issues and possible actions appear to be…

  1. Receive confirmation from Google that they, an authorized agent or unknown party gained access to the Drive contents.
  2. Receive confirmation that Google is aware that both the Gmail user, and Goolge+ user, Honr Network are in possession of stolen property.
  3. Pursue prosecution of party who originally stole the Drive property.
  4. Pursue prosecution of the party or parties behind the and Honr Network Google+ accounts.

On March 11th, Peter Klein visited the Lexington Kentucky police department and reported the incident. That began the process of law enforcement determining whether a crime took place, which crime(s) and the proper agency to handle the investigation. IMS will be following up with Lexington PD soon to allow some time for a detective to review the report.

It’s highly likely that the report will be referred to the FBI through their Internet Crime Complaint Center (IC3). But many compelling opinions and accounts in recent years characterize the FBI as being unaccountable for their actions and possibly even party to the Sandy Hook operation; that operation being the likely genesis for why the theft took place in the first place.

Another possible agency that might pursue an investigation is the Department of Justice, Computer Crime & Intellectual Property Section (CCIPS). But the problems of unaccountability, complicity or participation in the Sandy Hook operation are distinctly possible at the DOJ as well.

The Activities of Lenny Pozner & Associates

From the beginning, before IMS formed as a group to produce documentaries and push to disclose the truth behind Sandy Hook they have approached the topic with professionalism, consideration and fairness. This extended to all persons, regardless of their views toward IMS or the degree to which their private or organized activities might have been disagreeable. There is, however both a limit to professional courtesy and few limits to any American’s right to free speech.

When IMS publicly revealed that a person going by the name of Lenny Pozner was largely responsible for the copyright claims against IMS’s first documentary, We Need to Talk about Sandy Hook and numerous copies of the video online, it was only because the claims were false. No material contained within the video was the property of a Lenny Pozner or anyone going by that name.

IMS was only further justified in making the fraudulent copyright claims a talking point when they learned that each claim was also, very likely a case of perjury. It’s very likely that “Lenny Pozner” is merely an alias, and YouTube policies explicitly state that all YouTube claims of copyright infringement must be made using a person’s legal name. Dozens of reports from YouTube users of losing their entire channel due to a third strike submitted by Lenny poured in, most asking for help.

Despite all of that, IMS merely wrote a couple of articles describing the fraud, disputed the fraudulent claims through the standard methods provided by YouTube and advised a few others about how to do the same. When a video plea to YouTube management was made on behalf of IMS and over a hundred victims of these fraudulent claims, Open Message to YouTube Management, YouTube chose to ignore it.

At no time did IMS or its members produce defamatory videos directed at Lenny Pozner on either IMS’s YouTube channel or any of its members’ channels. IMS has not made a practice of attacking or harassing Lenny Pozner.

Even after receiving numerous accounts of malicious behavior by Lenny and seeing a fair amount of proof that his tactics weren’t entirely reasonable, the IMS position remained to simply work around any of his attempts to stymie their efforts.

Crossing the Line from Unsavory to Criminal Behavior

A change seems to have taken place over the past few months leading to greater forms of harassment or worse. Before the change, people representing the Honr Network or other Sandy Hook narrative promoters including Lenny Pozner generally kept their behavior within socially permissible parameters. The innumerable acts of copyright claim fraud he engaged in did exceed those parameters, however.

Setting aside the theft of IMS property issue for the moment, the actions of Honr Network and related individuals in recent months have become criminal. Typical of their behavior, these acts were committed against individuals challenging the official Sandy Hook event narrative. That seems to be the single point of connection.

As recently as this past week, a Sandy Hook researcher whom IMS was not yet familiar with was the victim of criminal harassment, which is detailed in the following article, Sandy Hook Researcher Stalked.

A similar act was committed, targeting a well known Sandy Hook Researcher and IMS member, Tony Mead, Lenny Pozner’s Honr Network: The Fine Art of Online Stalking and Harassment.

The overall issue was expertly equated to a free speech battle by SwanSong in his article for Insane Media, Sandy Hook: Free Speech Battleground.

Although many would argue that Lenny Pozner has shown himself to be unworthy of the respect IMS has extended to him, IMS will continue its practice of remaining neutral except when specifically targeted.

Returning to the IMS Drive account issue, it’s reasonable to conclude that Lenny Pozner has specifically targeted IMS. Even if he wasn’t the party that gained access to the private IMS Drive, it was through his public posting of the stolen material on what is most likely his Google+ account, Honr Network that led to discovery of the problem. It’s as if Lenny has been handed a letter of marquees, granting him immunity for his actions. At minimum, he is in possession of stolen material. IMS wishes to learn how he came into possession of it.

36 thoughts on “Public Service Announcement from IMS: Unauthorized Access”

  1. I warned of the “Cloud” 10 years ago when DoDaf, MoDaf, ToGaf and the enterprise was being developed. When I wrote of the Googleplex years ago they called me crazy. Now we know why they call it the cloud. No third party storage, server, cloud enterprise is not without the back doors to NSA, DoD and Global Order. This includes the marketplace.

    Pozner and theGreenbergs run deep into the Israeli surveillance program to have the best spy grid on the planet. From the days of Danny Casolaro (INSLAW-PROMIS) the octopus has developed at light speed. All the mile markers came from the analog to digital priority to the Apple/FBI affair today.

    The cloud has layers and a framework that will allow the highest level SAP’s to access any and all information. Not only access but a system of control, to know your every detail from medical to social to consumerism. This is the revelation of 666. The ZACHMAN What, How, When, Who, Where, and Why.

    This is why I went off the grid three years ago. If you want buy,sell or trade you will be in the cloud.

    1. Your comments are very interesting to me. You seem to have an understanding of an issue that very few have bothered to even grasp the fundamentals of. I agree that what we experienced is a tiny peek into what might ultimately be going on.

      What you refer to as “cloud” or “Googleplex” I have seen eluded to as “Big Data.” When I considered the implications, it suddenly made a great deal of sense why they haven’t deconstructed the Internet. It now seems like the very base structure and functions of the Internet are required for concealment of their secret access to everything.

      Having a background in the early days of the Internet’s commercial success and explosive growth, I can see who may have been pioneers in “Big Data.” For instance, before the ubiquitous of the Internet there was Electronic Data Interchange (EDI). It was a product exclusively from GE. It arose out of the need that large manufacturers had to exchange data with their subcontractor partners.

      If, for example Ford Motor Corp. was in need of daily production stats of a dashboard wiring harness in order not to hold up the line, they had to get that data via fax or telex. Then, the need grew to the point that GE began leasing point-to-point telephone data lines between itself and suppliers. It was very expensive and sometimes even required the regional bell company to increase capacity to provide the connection. I’ve had clients myself reject proposals of dedicated data lines because the phone company would have simply passed along their costs to expand a trench that crossed a major roadway. That was before the Internet came around.

      As sometimes happens, GE realized that they could productize this data connectivity service which led to many large companies making it a requirement of subcontracting for them. I can only assume that when the Internet came around and connected virtually everybody, GE was less than enthusiastic about discontinuing the service. Consider the Internet as a “virtual” private data network used in the very same way as it was when the lines actually WERE between two points. It only got more crazy when phone companies switched away from their proprietary “switching” equipment to the now universal “routing” equipment created originally for Internet purposes.

      Recently, I’ve come across a few scientific papers detailing new systems of controlling public opinion through rigged social media communication networks. Here again we see a single purpose system finding home on the public Internet where its traffic rides alongside all the other systems.

      Lastly, I agree that your theory of these developments dating back at least to the PROMIS software is probably correct. I’ve always thought that what originally started as a very unique case and evidence management system has likely become a clearance-based great OZ. If one imagines it including everything from social security records, to bank accounts to criminal histories including digital evidence to live traffic video to mobile network geo-positional data to all social media communications, it begins to sound very dangerous. With security of such a system being of such importance, why not simply add in streaming snuff films or other unimaginable things?

      1. Hi tyrannynews

        BIG DATA, yes and layers upon layers. Then there is the collection process

        With satcom and drones, and you knowing the technology of quantum computing adding the ever shrinking size of massive byte storage, they can have the cloud airborne 24/7 collecting radio HF to WiFi on a national if not global basis. Money and greed are the motives that media reports but the reality that escapes most is that there are no more borders. The corporations, their patents and their banks are the borders, meanwhile foisting the technocracy of a better world through invention.

        Obama said recently in Austin TX, we must give up privacy for security. As I write on my blog, Obama is the most transparent president ever. What he was saying is that we the people must give up our privacy to insure the security of the deep state Global Mafia.

        The next step is too make it a terror related crime to develop any encryption. I believe they already have the IOS encryption back-doored. I had my first car phone in 1980 through a mobile operator and then the brick when it first came out and then the digital ones. I opted out for any more. For the Millenials, they have to decide on technology and no privacy or take the fight to their door. The cloud and third party server is a no brainer, back up your own data.

        1. Interesting history there with the old cell technology. I wonder if you remember reading reports that the Presidential administration and other high-level agency employees had to use Blackberry phones/PDAs. The argument was that they were the only one’s they could maintain security for. Yeah, right. Sounds more like those were the phones totally back-doored by the true puppetmasters who didn’t want to miss a second of material useful for extortion purposes.

          Lately I’ve been considering setting up something for communication using PGP or GPG, it’s offshoot. I’m aware of its creator bouncing in and out of the establishment and PGP currently being the property of Symantec. But I see the core technology being used in a few software projects and services. Of course I’ve learned to ignore the warnings of “stay aware from open source” from people selling secure communications services. As far as I can tell, PGP has never been cracked based on the history and the fact that nobody has ever proclaimed they had done so.

          PGP won’t likely help much with collaborating on files or cloud storage, but I like everything about it including the concept of “key exchange parties” where people can meet in person before exchanging their public encryption keys. It’s crazy how privacy and security really boils down to very simple, human aspects. For instance, the way in which PGP isn’t perfect is that you might not actually be getting the public key of the person you think you are getting it from. But that’s no different than saying don’t give your credit card number to a prank caller.

        2. PGP or GPG, are pretty good on a linux based system.

          The easiest method to me is simple text with a “key” scrambler. As long as you and private party share the multi alpha-numeric key the authenticity and information is shared and would at least require time/energy/cost to crack. After a certain number of key entries the file evaporates or notifies.

          I see many here who already opt out. The best strategy is to be inconsistent, versatile, ever changing and chaotic. In social media and browsing keep them guessing on your personal persona. Change! said Obama, and I did.


          BUY BITCOIN – OBAMA: “It’s like having a Swiss Bank Account in your pocket”

          I expect this is a huge problem for them like third party small time encryption development and private servers. Seems we will all have to use their chip or opt out of buy-sell-trade and go barter off the grid.

      1. Come on. You got ten people in ten different parts of the continent…you got a better way to share file data?

        I said I’d never get an iPhone or have a Facebook account, yet here I am. Granted, I don’t have anything on either of them I wouldn’t want shared with the world, I guess, but still.

        You going to kick a guy when he’s down? (Apparently the answer is a resounding, “Yes!”

        1. Of course I’m not kicking. I apologize if my comment sounded snotty and rude. I don’t trust any of this stuff. I don’t know how any of it works. I love TN channel and am subbed to him. Again I am sorry for coming off like that.

        2. Elfmom: my comment wasn’t to you, directly. I should have made that clear. Your comment was just the last one in my email thread and I hit the reply button.

          Ric was nastier than you, I think. 😉

        3. Thanks. Mine was an ignorant comment and I regret making it. Certainly no nastiness intended.
          “HowIseeit” channel is reporting on this I just saw on my phone. He does very good work.

        4. ElfMom: “I’m an extreme computer dummy but even I know not to use “The Cloud”.

          Ding Ding Ding! You just won a Free Kewpie Doll, a New Monza and a Baby’s Arm Holding an Apple!!!

          You’ve really made the grade. And the Papers want to know “who shirts you wear”….


  2. Since Mr. Klein’s computer was hacked, and he can present evidence of this in a civil proceeding why not sue pro se? If you can get past a motion to dismiss a tort claim (invasion of privacy,wire fraud, cyberstalking, theft, electronic trespass) you might be able to find some interesting things in discovery such as Pozner’s email contacts, messaging, etc. Even if you can convince a judge to review this in camera, it would be worth it. You guys always said that a civil suit for fraud would blow this open.

  3. Really, C’Mon….

    I swore I’d Never use this so called Cloud.

    The Future holds no one will have a physical hard drive even on their own personal desktop computer.

    I must say again, Really?

    You didn’t see this coming letting a corporation hold your private information?

    I must smart be me Geneuass..

  4. Wow, I’m apologizing ahead of time. When I jest about that silly song when he says “a Baby’s Arm Holding an Apple” I thought it was some abstract joke.

    I just Googled for fun that song and it turns out it’s a disgusting reference. I’ve laughed about this as I thought it was just a joke.

    I guess that was “Their Joke” and I missed it. (Hey.I was just a kid)


  5. Remember some weeks back ( maybe 6 or 8 or so ) I reported to some of you folks that certain links were not working in your comment sections ? Maybe that was a symptom of the hacking ?

  6. Heads up I received a spear phishing email from Probably not a coincidence.

  7. Sorry you guys got hacked and robbed, but seriously? In this day and age of fedgov spying and back doors by corporations to serve the fed interests – you chose to trust Google?

    Stupid is as stupid does, and this was one stupid mistake. Try to not make a second, and remember that all internet communications are now being sucked up immediately by Feds. If you’ve attracted their attention, it will be looked at too. Basically, if you want to communicate privately, you’ll need to share hard copy materials via snail mail.

    1. I’d go one step further and avoid snail mail because FBI and CIA both had mail tampering operations uncovered by the Church Committee. These included opening and re-sealing mail in an undetectable way that is sometimes referred to as a mail cover. I would suggest Tempest proofing your computer in a Faraday cage room, and exchanging materials face to face. I would also suggest a Mulberry Street walk when discussing anything sensitive.

      1. Yes, and it might be worth at least attempting to collaborate via remote-viewing techniques. That would still be at risk of being intercepted by any number of mind-mapping or consciousness reading technologies that we know are in place and cannot be escaped.

        When communicating face-to-face, if not conducted in the Cherokee tongue should be accompanied by a portable white noise devise. Any setting other than “Babbling Brook” should suffice, and “Circus Fire” for best results.

        Rev. Dave – Not being defensive or totally dismissive, but there’s a little bit of “blaming the victim” going on in your comments. IMS was never under the impression that high-level intel was prevented from viewing our sensitive documents and correspondence. We were just surprised that the accessed material would be allowed to surface publicly, making it so easy to track it back to the source.

        1. “IMS was never under the impression that high-level intel was prevented from viewing our sensitive documents and correspondence. We were just surprised that the accessed material would be allowed to surface publicly, making it so easy to track it back to the source.”

          Can’t understand “surprise” at anything done by the Cloud and Google.
          Maybe the Do-Be-Evil folk made sure it surfaced publicly because they want to make sure you know they actually have the power and the will to facilitate illegitimate sources and there is nothing you can do about it.

        2. Peter, I agree with you…people need to be as careful as we can and take every reasonable effort to protect our property, both physical and intellectual. But there will always be those unsavory individuals and groups who find it amusing to prey upon other people because they are, by nature, liars and thieves. Blaming the theft of IMS property from the Cloud is like blaming the depositors of a bank for the loss of money taken in a bank robbery.

          For what it’s worth, I think you have a pretty good case for copyright infringement. I worked in the Intellectual Property department at the Mary Kay corporate office for a long time, and I know the attorneys I worked for rigorously defended this kind of property rights. Copyrights, trademarks, and patents are considered just as valuable as physical property. For someone else to take that property in order to deprive you of it or to benefit from it themselves is infringement.

          Also, this may or may not mean anything, but I noticed that Lenny referred to you as being “so Evil”. I have noticed that he uses this term for pretty much anyone he decides to attack, always using it with a capital E, though it shouldn’t be. I have a feeling that it is a code for something. Just sayin’! 🙂

  8. Copyright applies as soon as an idea (“intellectual property”) is actualized in the physical universe (taken “out of your head,” and put in physical form of some kind, including digital files). So if this info was indeed proprietary intellectual property, copyright applies (whether or not registration with the LOC occurred, and regardless of “publication” status).

    Therefore, if copyright applies, so does copyright infringement.

    1. The other factor to consider with respect to whether this was a case of copyright infringement is the TOS for the Google Drive service. As it so happens, in Sept. 2015 I believe Google announced that they had the right to use their customers’ Drive content for marketing purposes related to providing any Google service, but that the relationship doesn’t impact the customer’s existing copyright for the material. So, it may be possible that this is a case of copyright infringement. I don’t think it is though. Although I do think it constitutes theft of intellectual property and subsequently publishing of personally identifiable information.

  9. Echelon receives all entries via computers through the use of code words. Use a word highest on their list and it will go to the top.

    Everything you say is recorded and logged. They can kill you via microwave from satellites or send black water mercs out in helicopters to fry you in your own home.

Comments are closed.