All unnecessary illumination along Saadiyat Island beaches will be switched off to help boost the survival rate of baby turtles hatching in the sands and looking to the Moon to find the sea.

ABU DHABI // They are the dazzling lights that spell doom for the turtles of Saadiyat Island, drawing them towards man-made threats and away from the water they need to survive.

Now hotels are to shut off all unnecessary illumination and use red bulbs for the next six months as the hawksbill turtle hatching season gets under way.

Visitors to Saadiyat's beaches are being encouraged to take extra care to protect the hatchlings from now until August to help the endangered species survive.

"We really need to make sure we are prepared for whenever the turtles might come," said Arabella Willing, head of conservation at the Park Hyatt Saadiyat.

"About two in every 100 turtles hatchlings survive to maturity. With human interference that number is closer to two in every 1,000."

A well-established nesting site, Saadiyat's rapid modernisation has led to problems for the hawksbill, which returns to nest on the beach where they hatched.

Turtles swim ashore and lay their eggs, burying dozens in the sand, before returning to the seas. After about two months, the tiny turtles shed their shells, break for the surface and head for the sea.

<div class="embedObjects"><img src="http://www.thenational.ae/assets/multimedia/interactives/flat-graphics/hatchlings.png" alt="Turtles hatching" width="454" height="615"></div>

By natural instinct, they head for the moonlight over the sea - historically, the brightest object in the night sky - but lights in built-up areas confuse them in what in many cases will be a fatal error.

To avoid this, hotel staff will switch off all unnecessary lights. The red bulbs emit light on the lower end of the electromagnetic spectrum, which is not as intrusive to turtle behaviour.

Staff at the hotels also scour the beach every morning to look for signs of nests during the six-month period.

If any are found, the nest and the surrounding area are ­sectioned off so as to ensure safety.

A team of marine biologists will go as far as redeploying the nest in another area of the beach if they consider them too close to where waves break in high tide, which reduces hatchling survivability.

Typically, up to 12 nests are made on Saadiyat, but with each nest capable of holding 100 hatchlings, the stakes are very high.

As the turtles prefer to lay eggs on the beach that they hatched many years before, there is a great need to ensure it is kept as a haven.

"Providing the ideal grounds for them is what we really are trying to achieve," Ms Willing said.

"We don't have enough data to track the growth yet, but we want to provide the absolute best environment we can."

Dr Himansu Das, head of marine threatened species and habitats at the Environment Agency Abu Dhabi, said experts were hopeful of a successful hatching season.

"Keeping the nesting beaches clean and free from movement of man and machine will ensure successful nesting of turtles," he said. "Diffused and direct lights on the beaches are also harmful to turtles and the hatchlings.

"We must keep turtle nesting beaches including Saadiyat as natural as possible for sea turtles to nest.

"Besides, we should have a long-term monitoring programme to see the success of conservation action."

Visitors who see turtles are asked to report them to hotel staff, or the environment agency, which can be reached by phone on the number 800555.

nalwasmi@thenational.ae

In July, Simone Margaritelli, an Italian security researcher, boarded a Boeing 777 in Rome headed for Dubai, a city now billing itself as a tech startup hub.

He had a big job interview with a new, well-funded cybersecurity company called DarkMatter, whose self-described mission is to “safeguard the most complex organizations,” from government to the private sector, by preventing and fighting malicious cyberattacks and providing secure methods of communication — defensive cybersecurity, rather than offensive, which involves breaking into online systems and devices for espionage or destruction.

A friend of a friend had recommended Margaritelli, who was invited to spend five days in the United Arab Emirates at the company’s expense to learn more about the job. When he arrived in Dubai, the City of Gold, he found a full schedule of outings and a deluxe suite at the Jannah Marina Bay Suites hotel.

Margaritelli used to be a “blackhat” — a hacker looking to break into electronic systems. Now he works for a mobile security firm called Zimperium, where he still hunts for security flaws but does so to help people fix them. I “break stuff to make the world a safer place,” his websitereads. He’s most well known for a portable tool he developed called Bettercap, used to perform a man-in-the-middle attack, where a hacker can eavesdrop or sometimes alter private communications between individuals.

When he arrived at the 29th floor of the Marina Plaza for his interview, the company representative described a plan to deploy electronic probes all over major cities in the UAE, which a team of hackers would then break into, guaranteeing access for DarkMatter and its customer — the Emirati government. The mission would be for the “exclusive” benefit of national security, Margaritelli was told. “Imagine that there’s a person of interest at the Dubai Mall, we’ve already set up all our probes all over the city, we press a button and BOOM! All the devices in the mall are infected and traceable,” Margaritelli wrote in a blog post recounting his experience.

Margaritelli declined to pursue the job offer. After his post, titled “How the United Arab Emirates Intelligence Tried to Hire Me to Spy on Its People,” began circulating, DarkMatter issued a single terse Twitter reply. The company said it preferred “talking reality & not fantasy.”

“No one from DarkMatter or its subsidiaries have ever interviewed Mr. Margaritelli,” Kevin Healy, director of communications for DarkMatter, wrote in an email to The Intercept. The man Margaritelli says interviewed him, Healy continued, was only an advisory consultant to DarkMatter — and that relationship has since ended (though several sources say he was employed by the company and had a DarkMatter email address).

“While we respect an author’s right to express a personal opinion, we do not view the content in question as credible, and therefore have no further comment,” Healy wrote.

DarkMatter denied outright Margaritelli’s assertions that it was recruiting hackers to research offensive security techniques. “Neither DarkMatter – nor any subsidiary, subset, research wing, or advisory department—engage in the activities described,” Healy wrote. “We conduct rigorous testing on all our products to ensure they do not include any vulnerabilities.”

Indeed, the idea of a UAE-based company recruiting an army of cyberwarriors from abroad to conduct mass surveillance aimed at the country’s own citizens may sound like something out of a bad Bond movie, but based on several months of interviews and research conducted by The Intercept, it appears DarkMatter has been doing precisely that.

Most of those who spoke with The Intercept asked to remain anonymous, citing nondisclosure agreements, fear of potential political persecution in the UAE, professional reprisals, and loss of current and future employment opportunities. Those quoted anonymously were speaking about events based on their direct experience with DarkMatter.

Margaritelli isn’t the only one who insists that DarkMatter isn’t being truthful about its operations and recruitment. More than five sources with knowledge of different parts of the company told The Intercept that sometime after its public debut last November, DarkMatter or a subsidiary began aggressively seeking skilled hackers, including some from the United States, to help it accomplish a wide range of offensive cybersecurity goals. Its work is aimed at exploiting hardware probes installed across major cities for surveillance, hunting down never-before-seen vulnerabilities in software, and building stealth malware implants to track, locate, and hack basically any person at any time in the UAE, several sources explained. As Margaritelli described it in an email to me, “Basically it’s big brother on steroids.”

DarkMatter made its public debut when the CEO, Faisal Al Bannai, gave a keynote speech surrounded by government officials, engineers, and businesspeople at the 2nd Annual Arab Future Cities Summit in Dubai. DarkMatter launched its portfolio of cybersecurity products as a “digital defense and intelligence service” for the nation. Al Bannai’s speech and DarkMatter marketing materials were peppered with buzzwords like cyber network defense and secure communications. Following its launch, the company routinely boasted, online and during conferences and radio interviews, about its would-be world-changing defensive cybersecurity missions, including developing its own encryption platforms and potentially secure phones in house, defending national and corporate networks, bug-sweeping and countersurveillance, and more, all under a single umbrella.

Local tech blogs praised the company and celebrated its connection to the UAE government. They described DarkMatter as a savior to UAE businesses and institutions at constant threat of cyber intrusion, citing attacks against several banks in 2015 that temporarily crippled the country’s online banking infrastructure.

Soon, DarkMatter had hired a roster of top-level talent from major tech giants around the world, including Google, Samsung, Qualcomm, McAfee, and even a co-founder of the encrypted messaging service Wickr. The new star-studded squad traveled to conferences like San Francisco’s annual RSA summit, appearing on radio and TV shows along the way. They rolled out a secure voice and chat application, partnered up with Symantec to improve digital threat detection in the Middle East, and opened a research and development center in Canada, as well as offices in China.

But sometime last year, a segment of the company’s mandate grew from providing defense and forensics research to developing a powerful team capable of cyber offense, multiple sources tell The Intercept. According to one source, DarkMatter’s newfound interest in offensive operations coincided with revelations contained in leaked emails that the Italian company Hacking Team had sold surveillance equipment to a large number of repressive regimes. Out of Hacking Team’s ashes, DarkMatter rose.

While cybersecurity companies traditionally aim to ensure that the code in software and hardware is free of flaws — mistakes that malicious hackers can take advantage of — DarkMatter, according to sources familiar with the company’s activities, was trying to find and exploit these flaws in order to install malware. DarkMatter could take over a nearby surveillance camera or cellphone and basically do whatever it wanted with it — conduct surveillance, interfere with or change any electronic messages it emitted, or block the signals entirely.

It’s not clear that the company’s defensive employees have any idea; in fact, multiple sources suggested those projects are likely hidden from them. One source explained how company representatives tried to insist that the offensive research they were recruiting for would be conducted outside DarkMatter, with some sort of partner organization or offshoot. But several sources, Margaritelli included, said top leadership was directly involved in interviews and knew the truth.

DarkMatter’s spokesperson said the company is “privately held” and “does not receive any funding from the United Arab Emirates.”

There do, however, appear to be strong links between the company and the government. In press releases, the company identifies itself as “already a strategic partner to the UAE government,” and its offices are located on the 15th floor of the round Aldar Headquarters in Abu Dhabi, two floors away from the country’s intelligence agency, the National Electronic Security Authority. DarkMatter’s senior vice president of technology research used to hold the same position at NESA.

By the early months of 2016, DarkMatter’s recruitment push was already well underway. The company’s publicly identifiable employees came from across the U.S. national security establishment. According to public LinkedIn profiles, one current DarkMatter employee was a global network exploitation analyst for the U.S. Department of Defense who “strategized activities against particular networks” and supported “foreign intelligence collection.” Another was a counterintelligence “special agent” for the Pentagon, whose LinkedIn boasts an “active” top-secret security clearance with a polygraph screening. Another experienced cryptographer working for DarkMatter was a senior technical adviser to the NSA, where he was intricately involved in designing “U.S. voice and data systems.”

But the company hasn’t been upfront about all the jobs it’s recruiting top talent for, Margaritelli and multiple other sources suggest. DarkMatter’s recruiters reached out to the information security community, promising high-paying, exciting jobs that would be focused on cyberdefense, according to more than a dozen security researchers interviewed by The Intercept, some of whom shared recruitment materials. A number of cybersecurity experts claimed on Twitter to have been contacted by recruiters, including Charlie Miller, an Uber security researcher and former NSA analyst; Chris Valasek, a noted car hacker who has teamed up with Miller; and Fabio Assolini, a security researcher for Kaspersky Labs.

One recruiting email reviewed by The Intercept offered a carefree, tax-free life in Dubai, with housing, meals, health care, children’s education, and transportation all provided free of charge. The email said the job was with a newly formed “public/private partnership” that would be the “Cyber Security provider for all UAE Government.” Another email said DarkMatter’s plan was to hire 250 “geniuses” before the end of 2016. One security researcher said DarkMatter recruiters had contacted him on LinkedIn five or six separate times.

Some potential recruits didn’t respond, but others were excited; the job offered the chance to innovate the cybersecurity of an entire nation. The lucrative payday also attracted them; according to one source, who requested anonymity fearing professional reprisal, some offers were as high as half a million dollars a year — a number similar to other offers shared with The Intercept.

According to a source familiar with the company, an American citizen named Victor Kouznetsov who splits his time between the U.S. and the Middle East was a key recruiter for DarkMatter in the United States.

A man answering a cellphone identified in public records as belonging to Kouznetsov insisted that he must have been contacted in error; he did not work for DarkMatter and his name was not Victor. When asked why his voicemail message gave his name as “Victor,” he hung up. Reached by The Intercept via email, Kouznetsov declined to answer questions. “As you can imagine my NDA with DarkMatter prevents me from disclosing exactly what I do for the company, but I could say that none of it is recruiting researchers in offensive security,” he wrote.

One recruiting email said DarkMatter’s plan was to hire 250 “geniuses” before the end of 2016.

Several researchers whom DarkMatter approached, including Margaritelli, confirmed they were specifically told they would be working on offensive operations. In Margaritelli’s case, he was informed the company wanted to install a set of probes around Dubai, including base transceiver stations — equipment that allows for wireless communication between a device and a network — wireless access points, drones, surveillance cameras, and more.

The probes could be installed by DarkMatter surreptitiously or facilitated by telecoms tacitly agreeing to the surveillance setup, and the company could attach an offensive implant directly onto the probes capable of intercepting and modifying digital traffic on IP, 2G, 3G, and 4G networks. Anyone with a cellphone or using a device to connect to a wireless network connected to one of the probes would be vulnerable to hacking and tracking.

As Margaritelli explained it, the software DarkMatter originally designed to penetrate the probes “does not scale well enough” and therefore couldn’t handle the massive amounts of traffic it would be intercepting — forcing the need for a second team of hackers to do the job. The company wanted him to help solve the problem.

Margaritelli’s account is the most revealing, but several other sources discussed similar projects proposed by DarkMatter, including researching and developing exploits for zero-day vulnerabilities, as well as deploying and developing some of the same stealth malware implants Margaritelli was asked to work on. DarkMatter asked one researcher, who has discovered and reported bugs to Facebook, Google, and other major technology companies, to use his vulnerability research “to allow them to have access on trusted domains.” Basically, he would find a flaw in a website that would allow DarkMatter to manipulate it to help spread malware to targets without being detected. The researcher, who spoke anonymously, said he refused, even after getting an offer for more money, because, in contrast to DarkMatter’s proposal, “what I’m doing is ethical hacking.”

But what two sources and several security researchers The Intercept consulted were most concerned about was DarkMatter’s plan to become a certificate authority. A certificate authority is a trusted third party, typically a company or official agency, that issues digital certificates — basically, electronic “passports” that verify a user’s identity and that software is legitimate.

Web traffic and code from Microsoft, Facebook, Mozilla, and others is trustworthy because the company digitally signs off on it. But DarkMatter, as a certificate authority, could pretend to be someone else and issue its own digital certificate. There are mechanisms in place to prevent this type of attack, called certificate pinning, but many sites don’t use those precautions — and they still might not prevent DarkMatter from signing code, such as for a software update, as someone else. In theory, the company could sign an anti-virus update that looked like it came from Kaspersky Labs, when in reality it is sending malicious code.

DarkMatter, according to one source, would be able to use its authority to sign its own rootkits — software tools that allow undetected and unauthorized access to computer systems — in order to carry out man-in-the-middle attacks. “This is huge,” the source said.

DarkMatter has a business unit dedicated to public key infrastructure “or national root certificates of trust for countries regionally and internationally,” Healy confirmed. “While DarkMatter is not a central [public key infrastructure] authority for the UAE, we currently provide consulting and management services and intend to launch our own commercial Certification services soon.”

While DarkMatter denied any plans to use its capabilities for cyber offense, if the company continues to develop secure messaging platforms, or hardware including its own phones, it would have access to all the internal schematics of those products: bug reports, security standards, and more. DarkMatter’s hackers could secretly take advantage of that information while its defensive staff works to fix the flaw and push an update to consumer devices, a process that can take years.

When asked about the possibility of selling its own phones, Healy wrote that DarkMatter is, in fact, considering developing hardware.

Recruiting wasn’t the only way DarkMatter snapped up top offensive talent. Last winter, the company poached a large number of employees from an American company, a Baltimore startup called CyberPoint International, formally on contract with the Ministry of the Interior of the United Arab Emirates. CyberPoint, founded by CEO Karl Gumtow and his wife, Vicki, in 2009, billed itself as a defensive operation — protecting financial information, intellectual property, business records, and other forms of communications. It won multiple contracts with different parts of the U.S. government, including $6 million from the Pentagon’s Defense Advanced Research Projects Agency, and Gumtow was nominated last year for the Maryland region Entrepreneur of the Year award. News articlesalso listed CyberPoint as one of the companies that sent employees to the United Arab Emirates to train its intelligence agency, NESA, essentially the equivalent of the United States NSA.

But last summer, CyberPoint made headlines for teaming up with the Italian surveillance peddler Hacking Team, whose internal emails were leaked — revealing an extensive account of sales to repressive regimes. The leaked emails indicated that representatives from CyberPoint had worked with Hacking Team to facilitate the sale of what appeared to be surveillance equipment to the UAE government. Around the end of 2015, there was an internal struggle within CyberPoint over the UAE contract, five sources familiar with the company told The Intercept. Former CyberPoint employees spoke to The Intercept on the condition of anonymity out of fear of reprisal and concern for the safety of associates still living in the Emirates.

After the Hacking Team emails leaked in July, there were loud, angry meetings in CyberPoint offices — people deciding what to do now that their internal operations in the Middle East had been exposed to the world. As a result of those discussions, two things happened: A vast chunk of CyberPoint staff jumped ship to DarkMatter, which was already dangling massive yearly salaries and luxurious benefits. DarkMatter even helped some employees legally shift their state residency to South Dakota to get more lenient tax breaks while living overseas, according to one source. DarkMatter does not “comment on individual employment contracts,” Healy wrote to The Intercept. “In summary we abide by the law in our employment and operational activities in all the jurisdictions in which we operate.”

CyberPoint employees in the UAE who weren’t offered — or didn’t accept — jobs at DarkMatter weren’t promised contract extensions. CyberPoint sent out a notice in December, one former employee said, announcing two months’ notice on the contract. For some who left, it was a surprise, and they still aren’t totally sure what happened. Others suggested DarkMatter was only interested in the more technical staff. One source described the exodus of employees as more of a “hostile takeover” directed by the United Arab Emirates government — ending CyberPoint’s original UAE contract and offering positions within the country instead, to get engineers under its own roof.

DarkMatter confirmed that some CyberPoint employees joined the UAE company but said this was nothing extraordinary. “DarkMatter recruits talent from across the globe and currently has over 400 team members, some of whom joined us from CyberPoint. They now occupy a diverse set of duties and responsibilities across several departments,” Healy said.

According to Gumtow, CyberPoint’s CEO, the company has gone through “quite a few changes” since it pulled out of the UAE for good. He sent responses to questions submitted by The Intercept via LinkedIn messages. There are no longer any CyberPoint employees in the Emirates, and no part of the company was acquired or bought by DarkMatter or anyone else, he wrote. CyberPoint, Gumtow said, never contracted with DarkMatter.

Additionally, Gumtow clarified that CyberPoint isn’t in the business of developing “cyberweapons.” Instead, the company conducts “penetration tests and security assessments,” he wrote. “We use commercial and custom tools that are widely available all around the world.”

However, those same tools used for improving cyberdefense can be turned around to infect unsuspecting targets. Even if the intelligence community uses those tools lawfully to infect targeted systems during national security investigations, others can steal or adapt the code to hack unsuspecting journalists or activists. “The overlap between offense and defense is very large,” Nicholas Weaver, a security researcher at the International Computer Science Institute, wrote in an email to The Intercept. “Especially when it comes to network monitoring: The exact same tools can be used to monitor your network to detect attacks and monitor a network for bulk surveillance.”

CyberPoint International did “good work, maybe noble, in some cases,” one former employee said. But a small percentage of the work was “shady,” suggesting it involved offensive research against different online platforms.

Another source stated that research, development, and coding conducted within CyberPoint ended up being used for a targeted spyware attack on journalists and activists in the Emirates between 2012 and the present. The attack involved spyware sent through Twitter, spear-phishing emails, and a malicious URL shortening service. These types of attacks are familiar to Emirati human rights activist Ahmed Mansoor. He told The Intercept that he hasn’t encountered DarkMatter but was warned about the company recently by a friend, who told him, “They are doing the hacking for UAE security bodies.”

Security researchers nicknamed the hacking group behind the attack “Stealth Falcon.” The researchers noted that “circumstantial evidence suggests a link between Stealth Falcon and the UAE government,” based on “digital artifacts.”

Stealth Falcon attacked some UAE targets after CyberPoint left the UAE, and some employees who worked on the spyware or had access to it joined DarkMatter, according to the source, who said that not every instance of the malware attack has yet been detected. “There’s a lot that hasn’t been discovered,” the source said.

DarkMatter, Healy said, is not aware of Stealth Falcon or the offensive tools used to access journalists’ information. “As we have explained previously, we do not own or develop any cybersecurity solutions for offensive purposes.”

At one point in time, CyberPoint was essentially capable of penetrating millions of devices regardless of brand, given its awareness of vulnerabilities — undiscovered or unpatched — in software around the world, one source explained. Those included vulnerabilities in Tor Browser, Firefox, Internet Explorer, and Microsoft Office.

The United Arab Emirates appears to be hoping to create its own cyber offense team, another source explained. Those capabilities could include cyber network attack teams and cyber network exploitation teams, for disruptive cyberattacks to disable adversaries’ online resources, as well as for espionage and spying — capabilitiesbeing developed in governments worldwide with varying levels of oversight and restriction.

According to Ryan Duff, a security researcher and former cyber operations tactician for U.S. Cyber Command, computer network exploitation and computer network attacks are distinguished based on the purpose of the intrusion: intelligence collection versus destruction. Exploitation “basically means gaining access to a machine for the purpose of collection. So you would have some type of software, malware, or implant installed on the machine” to monitor it, he said. Network attacks, on the other hand, also rely on gaining access but are aimed at destruction, such as “wiping a hard drive, destroying servers,” or using a botnet to launch a denial of service attack. These types of network attacks are linked to military action or covert missions.

Most evidence so far points toward espionage. DarkMatter may have hired members of CyberPoint, with knowledge of code capable of infecting users through Twitter and other online platforms, to help.

“It is my understanding that … there were some types of offensive activities that [CyberPoint International] couldn’t or wouldn’t do for the client and the client did not want to be told no so they sought to restructure in a way that a foreign company could not impede their efforts,” one former employee said.

One thing is clear: The new arrangement led dozens of employees to leave the UAE rather than join DarkMatter. Several who opted out of the relationship cited concerns about the UAE’s human rights record, including arbitrary detention and torture of activists and dissidents. One cited the issue with “free speech” as a particular sore point.

A bigger question, perhaps, is whether DarkMatter’s use of American-developed hacking tools is even legal, since it may be covered by U.S. export regulations. According to the Washington Post, the State Department at one point granted CyberPoint permission to advise the UAE on cybersecurity. But two people who spoke with The Intercept questioned whether DarkMatter, which appears to have subsumed CyberPoint’s earlier work in the UAE, would be covered by that license.

The world of cyber exports is a confusing one. Depending on what DarkMatter is actually doing, its sales might be regulated by multiple bodies of law. If the products involve cryptography technology, there may be some arms export restrictions — while hacking tools and zero-days are not typically regulated that way, said Eva Galperin, a global policy analyst for the Electric Frontier Foundation and technology adviser for the Freedom of the Press Foundation. “If you want to sell surveillance malware from the UAE, nothing stops you,” she said during a phone interview.

The United States, however, has attempted to regulate those types of “cyberweapons,” and many U.S. officials wanted to tighten regulations in response to instances like Hacking Team’s sale of surveillance tools to repressive regimes. Critics of those proposed regulations pointed out that such technologies could be used for legitimate purposes, like testing products for cybersecurity or penetration testing.

“If you want to sell surveillance malware from the UAE, nothing stops you.”

It’s unclear, however, where DarkMatter’s work may fall in terms of export law. If the work involving U.S.-origin technology or technical expertise involved cryptography, a license would be required from the U.S. State Department. According to Colby Goodman, director of the Security Assistance Monitor and an expert in International Traffic in Arms Regulations, any American employees working on regulated products would need some sort of export license, even if they moved overseas and started working for a foreign company. “If you were a UAE citizen, and I was telling you about something that was ITAR controlled,” he explained, “that would be exporting it, unless I had a license.”

“It’s a similar concept with classified information,” he continued. Just because you leave the country doesn’t mean you forget the classified information — and if you give it away, that’s a violation.

The State Department declined to comment on whether an export license had been issued to cover DarkMatter or its employees, including those formerly from CyberPoint. The Commerce Department, which regulates some security equipment sales, did not respond to a request for comment.

DarkMatter, for its part, said it has obtained proper licenses, though it did not provide details.

“DarkMatter has provided its customers with technologies worth hundreds of millions of dollars, through its global security and technology vendors,” Healy, the spokesperson, said. “A number of these contracts extend to highly sensitive security systems that DarkMatter has applied for and — following the standard screening process — been granted export control licenses from jurisdictions including the U.S. and various European countries.”

At a crowded Las Vegas convention hall in August, representatives from DarkMatter were camped out in several large canopied stations, a short stroll from a vendor making hand-rolled cigars, several open bars, and a booth raffling off a robot dinosaur.

DarkMatter has started showing up in U.S. cybersecurity circles in recent months — including at BlackHat USA, the massive annual security and hacking conference in Vegas, where it handed out swag to attendees, including pens and notebooks adorned with a DarkMatter insignia. A representative at the booth said the company was still busy recruiting.

In his July blog post describing his UAE interview, Margaritelli wrote that he hoped his account would “serve to warn those who, like me, might find themselves dragged into shady affairs, partially or completely unaware, as well as anyone pursuing job offers that entail moving to the UAE. Know that you would be giving up your privacy, and more importantly, your freedom of speech for money.”

“You can’t blame the bag man for the job you gave them.”

Not everyone I spoke with agreed with his view. French security researcher Matt Suiche, whose cybersecurity startup Comae Technologies is also based in the UAE, said that “every country does surveillance” and hiring foreign workers in the UAE was not unusual; the UAE was simply trying to establish its own technology base. “It’s like the UAE Mars mission,” he said.

Some of the former CyberPoint employees in the UAE said they didn’t mind the surveillance work, treating it as an inevitable and natural path for a young modern nation facing legitimate threats. “I was impartial to the work I did,” one former employee told me. For the UAE, the source said, using surveillance to track its own citizens has become normalized. He described himself as a “realist” though admitted he tried to minimize his “exposure to certain things” the company did.

“You can’t blame the bag man for the job you gave them,” he said.

In the lobby of a Vegas hotel during BlackHat, I spoke with Margaritelli about his frustrations with DarkMatter — a Platinum sponsor at the event. He has all the trappings of a hacker from movies, including lip and nose piercings, rectangular glasses, and cigarettes. He avoids cellphones but finds other ways to communicate. He went to school for physics and engineering but never finished his degree. He has a very specific memory for numbers, network domains, addresses, and people. Though he says his English isn’t very good, he can rapidly translate Italian text into colloquial English.

Margaritelli told me he started off wary of DarkMatter. He was familiar with the UAE government’s reputation of locking up and disappearing dissidentsand purchasing surveillance equipment from other countries. Plus, his interviewer — a former employee of another controversial surveillance company, Verint — seemed a little too interested in Bettercap, Margaritelli’s well-known hacking tool.

While some researchers may argue that what DarkMatter is doing is simply par for the course in cybersecurity, Margaritelli said that the scale of the endeavor is unprecedented, creating a zombie hoard of infected devices, primed for hacking and surveillance. “In a near future, every single electronic device in the UAE will unwillingly be part of their state botnet,” he said.

Later, in an email, Margaritelli wrote that he works with all sorts of hacking technologies, but he remains shocked by DarkMatter’s ambitions to surveil an entire nation. “What they want to do,” he wrote, “it’s fucking insane.”

Sign up for The Intercept Newsletter here.

The post Spies for Hire appeared first on The Intercept.

In 1986, Dick Rutan flew with a co-pilot in a Rutan Model 76 Voyager, a custom-designed and -built aircraft, covering 26,000 air miles and taking nine days to circumnavigate the globe — unrefueled, nonstop.

After taking off from Edwards Air Force Base in Southern California, the plane headed west, making two passes over the equator, avoiding a 600-mile-wide typhoon, and doubling back over inhospitable Libyan airspace. Rutan piloted the plane without a break for the first three days of the nine-day flight. When the plane finally landed, it had a damaged wing and 1.5 percent of the fuel with which it originally departed.

Rutan's Voyager aircraft now hangs in the Smithsonian, part of an exhibit celebrating human accomplishments in flight. Once in a great while, the tanned 76-year-old will share his story, but only for those select members of the Adventurers' Club of Los Angeles. The bylaws of the club, which caps membership at 200, make it very clear that only "those who have had an unusual adventure on land, at seas, or in the air hunting, trapping, exploring, flying, or those who have attained a distinctive reputation in the field of arts, music, or science are considered eligible."

North of downtown Los Angeles, just past Chinatown in Lincoln Heights, one can easily miss the building where the Adventurers' Club meets. Absent of signage or décor, the windowless, anachronistically beige structure sits opposite a 99-cent store.

The look and feel of the club's interior could best be described as a ramshackle museum of both living and recently deceased world lore. At the top of the stairs, a massive polar bear greets visitors, posed by a taxidermist midswipe. Elsewhere, there are animal trophies from around the world: lions, gazelles, boars, even a mammoth skeleton, replete with enormous tusks. The walls are lined with chevrons, war medals, model airplanes, and wooden plaques with handsome brass nameplates holding successive etchings dating back decades.

There are photos everywhere: primarily of previous and current members clad in pith helmets, diving gear, flight suits, trapper hats, tuxedos, double-breasted blazers; an even mix of neat moustaches, full beards, and cleanly shaven faces. There are many, many maps, alongside knives, swords, spears, canoes, flags, coats of arms, portraits of sea captains and sailing ships, native adornments and jewelry, vintage pictures of airplanes, actual propellers, and at least one mannequin of a diver in chain mail.

These are the collected histories and exploits of men. The Adventurers' Club remains first and foremost a men's club, with only male members. (Though it does have a regular ladies' night, on which women are permitted to attend.)

The club was founded in 1921, and the core of its membership is older, many in their 60s, 70s, and 80s. Past members include Los Angeles philanthropist John Anson Ford and polar explorer Roald Amundsen. Filmmaker and explorer James Cameron is listed as esteemed member No. 1129.

Discussions of business or politics here are strictly forbidden. Embellishment of exploits is not tolerated. If you misrepresent facts about your adventures, you are likely to be humiliated by someone who traversed the geography you're attempting to embellish, and if you're discovered, you'll be quickly repudiated in front of everyone.

Despite all this, there is a jovial, warmhearted tone during Thursday-night dinners, when 20 bucks buys the guest of a member a home-cooked meal — meatloaf, rice, veggies, and apple pie à la mode on one recent evening. A can of beer goes for $2, a soda for $1. Some of the club members are pilots, surfers, documentarians, former servicemen, and commissioned officers. They carry with them war stories, obscure geographic references, a sense of momentum unhampered by age, and bucket lists bordering elite-level completion.

(Kendal Carson/Narratively)

Ask anyone who's visited the club, and he knows Pierre's stories. Seventy-four-year-old Pierre Odier is a two-time club president who has also sat on the board of directors for 23 years. Odier speaks seven languages and estimates that he's traveled to somewhere between 160 and 170 countries.

"When I was 17, I wanted to see the pyramids, so I went to Africa," he says. "My parents were against it, but they didn't try to stop me. It started early, and I've been doing it ever since."

Most recently, he built a school in Cambodia and taught students to live off the land on the Yucatán Peninsula. His frequent travels make Odier one of the most esteemed members of the club, but his attitude is calm and welcoming. He wears a goatee, frameless glasses, and a short haircut. The tales he shares are exotic, but they are not fish tales. They feel more like reportage.

In 2010, Odier presented a talk about his adventure on Devil's Island, off the coast of French Guiana, surrounded by jags of rock and currents so strong they offer hospitality only to sharks. Odier was able to get to Devil's Island only after befriending a helicopter pilot who had responded to an emergency call in which a member of the French Foreign Legion had "cracked open his head" while carousing with friends in a recreation area on nearby St. George Island. The helicopter pilot later forgot about the planned pickup rendezvous, and Odier was forced to make camp overnight.

Ordered built by Napoleon III in 1852, the penal colony, a series of sites around French Guiana, once housed more than 70,000 French prisoners — anarchists, felons, repeat offenders — sent to the tropical wasteland amid the 19th-century European population boom and commensurate rise in crime. On average, roughly one in 10 inmates survived.

In 1938, René Belbenoît — one of a tiny handful of prisoners to escape Devil's Island — wrote a book called Dry Guillotine about the atrocious conditions on the island, which led to vast public outcry and the prison's eventual closing. Belbenoît later became a member of the Adventurers' Club of Los Angeles.

Recounting his own adventures on Devil's Island, where he was researching a small cemetery that had no official record, Odier expounded upon the importance of reading a map (a talent vanished by omnipresent smartphones) and how to bond with perfect strangers when dealing with gaping language barriers, to put them at ease. Odier's affect is decidedly disarming, owing perhaps to his Swiss origin. It seems abundantly clear, as with virtually all of the gentlemen members, he is a man of the world.

It doesn't take long to realize that every individual between these hallowed walls contains within him a library of life experience. The more senior he is, the deeper the library goes.

My first encounter with the club included a talk from Marc Weitz, an attorney who resides in downtown Los Angeles. Weitz's recent trip to Guyana, Suriname, and French Guiana placed his total number of countries at 87. Weitz showed the club photos of tropical overgrowth near Jonestown (of '70s cult lore), where he traveled through on foot; shots from inside Devil's Island; and images of the European Space Agency Launch of an Ariane rocket (only five degrees from the equator).

One of the younger adventurers at 39, Weitz had joined the rank and file of the officially adventurous six years earlier, after reading about the African exploits of John Goddard, who once kayaked the entire Nile River and later wrote a book about it. Weitz contacted the club when he heard Goddard would be presenting.

Though Weitz represents the new guard, his demographic is largely outnumbered. Without an infusion of lifeblood of new members, the Adventurers' Club is very likely to fade entirely. How many Gen Y/Millennials can tell you what an SR-71 is or understand the archetypal machismo of a man like Teddy Roosevelt? As the globe grows ever more tightly connected, the skills of individual resiliency, camaraderie, and courage that each member clearly holds dear have faded from prominence.

(Kendal Carson/Narratively)

Inside the club's quarters, during a recent meeting, Al Enderle carried a trifolded pamphlet filled with Xeroxed copies of the story of his life. Closing in on 80, Enderle, who graduated from the U.S. Naval Academy in 1952, boasts 20-plus children, either biological or by marriage. In his life story, he recounts his experiences as a "private pilot, hang glider enthusiast, scuba diver, water skier, motorcyclist, hiker, lecturer, [and] editor at large."

His personal and professional exploits covered in the pamphlet include personally selected Bible passages, as well as a staunch commentary defending the teachings of Jesus Christ.

Another member, Gary Hareland, now in his 60s, has served 20 years in the Navy, the Coast Guard, and the Air National Guard. His first adventure came at age 11, when he hopped a passenger train, riding on the back steps of the last car from the city of San Fernando, Calif., to the Mojave Desert. Hareland has an adventure résumé heavy on verbs, with categories like "Ships I Crewed On," "Aircraft Flown," "Boats Sailed," and "Mountains Climbed."

With a tally of 39 countries under his belt, his adventuring experience came to him first in the military and then as a merchant mariner, when, following his return from service, he grew restless at his desk job.

"They had me in this little office, and I just couldn't stand it," Hareland said. "Your life is more exciting in the military. You don't know where you're going to end up."

He has since sailed for Military Sealift Command and Maersk Line, the largest shipping company in the world, with more than 20,000 employees supporting 600 vessels, the largest of which hold up to 18,000 shipping containers during one voyage. In 2004, Hareland's voyage on Norwegian Cruise Lines was thwarted when a fluke accident sank the 900-foot vessel while berthed at the Lloyd Werft Shipyard in Bremerhaven, Germany.

Officially, Hareland is a retired electronics and communications officer, but he recently applied for a communications technician position on the Titanic II, a replica of the original RMS Titanic currently being planned, financed, and built by Australian billionaire Clive Palmer. Despite Hareland's military service, international travel history, flight hours logged, and mountains climbed, he's unsure if he'll find a position on the ship.

"It's something I would really like to do," he says. "Nothing ventured, nothing gained."

Excerpted from an article that originally appeared on Narrative.ly. Reprinted with permission.

As many are aware, the first major round of subscription renewals from the original App.net launch happened a few weeks ago. We have been anxiously anticipating what our subscription renewal rate would be in order to do budgetary planning. Since we have not been sure what to expect the renewal rate to be, we mentally prepared ourselves for a wide variety of outcomes.

The good news is that the renewal rate was high enough for App.net to be profitable and self-sustaining on a forward basis. Operational and hosting costs are sufficiently covered by revenue for us to feel confident in the continued viability of the service. No one should notice any change in the way the App.net API/service operates. To repeat, App.net will continue to operate normally on an indefinite basis.

The bad news is that the renewal rate was not high enough for us to have sufficient budget for full-time employees. After carefully considering a few different options, we are making the difficult decision to no longer employ any salaried employees, including founders. Dalton and Bryan will continue to be responsible for the operation of App.net, but no longer as employees. Additionally, as part of our efforts to ensure App.net is generating positive cash flow, we are winding down the Developer Incentive Program. We will be reaching out to developers currently enrolled in the program with more information.

App.net will continue to employ contractors for help with support and operations. In addition to operational and support help, we will also be utilizing contract help for specific new development projects.

App.net was envisioned from the beginning as a service that could be sustainable, something intended to operate on a longer timescale than a typical online service. It is often the case that services that are important to people can get caught on the wrong side of a boom-and-bust cycle, which is something we explicitly wanted to avoid.

We will be open sourcing a larger and larger percentage of the App.net codebase. We would love to get community contributions and improvements. Today we are launching a new open source page at opensource.app.net. The first new piece of software we are open sourcing is our microblogging web application, Alpha. The source code to Alpha is available here.

The continued support and interest of the App.net community is vital the continued health and wellbeing of the platform. Depending on the revenue that App.net makes, we are open to increasing or decreasing the budget we can allocate towards additional development. If revenue rates start to tilt upward we would be excited to budget additional development resources. In any event, our intention is to have the App.net service continue to operate for as long as there are customers willing to support it.

We continue to believe in the usefulness of a sustainable social platform where users and developers are customers, and not the product being sold to advertisers. If this were a company without a clear business model, App.net would have disappeared long ago. The market conditions that were the driving force behind App.net’s creation have not changed, if anything, there is more of a role for a social platform like it. We would like to thank the developer and member community for taking App.net from just an idea two years ago to a fully realized service today. Needless to say, it’s been humbling for all of us on the App.net team to have the support of so many amazing people.

Thanks,
Dalton Caldwell and Bryan Berg, co-founders