New cock-up theory on Russia and Trump/Clinton

Still, I can’t think of any other country that claims a universal imperium over the world’s peoples — although old Bushie II had a lot of people kidnapped from any country and flown to any friendly base in other countries for a good talking to. Extradition has been around a long time, but mostly it’s for crimes committed on the soil of the offended nation.
And if the Dread Pirate Putin beckoned some of his pet hackers, and said: “Little Darlings, I want you to unleash the Powers of Hell on the United States, destroy their lives and take control; break the state and enslave the people, drive them before us and hear the lamentations of their women — … er… ---- er… I’m thinking… hack the DNC and give the results to WikiLeaks.” he wouldn’t be giving them travel privileges for some while.

‘Proprietary’ indicates that it is private software programmed and used by particular owners. It is not available to the general public through torrenting or any other standard source. Sure, if the hacker were to somehow (a) discover where that software was kept and (b) hack into the other hacker’s systems they could possibly get it, but it’s a pretty unlikely scenario, especially when the hacking involves Russian servers where retribution is quite possible, and I’m not talking about sanctions or legal niceties here.

(As for phishing attacks, the purloined data has to go somewhere, and that leaves a trail. So does the specific verbiage used in the phishing emails, especially when it comes to the likelihood that it was translated from another language.)

I suspect you haven’t bothered to read the intelligence report on the Russian hacking. Somehow I prefer the opinion of hundreds of paid experts across multiple intelligence agencies over your unqualified assessment, which amounts to a complete denial that any such activity could possibly have occurred.

If I did have such evidence, I wouldn’t be posting it on public boards, nor would I be foolish enough to tout that I had it. (And, btw, please feel free to provide evidence to support your theory, since so far it’s completely unsubstantiated.)

Then you should have been able to demonstrate that instead of just wishing it away.

“Worship” is the mildest exaggeration of Trump’s behavior toward Putin. He has praised him consistently even for his criminal behavior regarding Crimea and Ukraine along with his treatment of opponents in his own country.

Sessions and Flynn cannot be accused of being “amateurs” in the sense that they were “groping around” issues that they had to have known were wrong.

Trump has not shut down ISIS within 30 days or repealed ACA immediately, or done any number of his other promises. What he did was to whine about the sanctions against Russia and express the desire to remove them. (Since I made no claim that he had removed them, only indicating his desire, your response makes no sense.)

Trump has not demonstrated any grasp of diplomacy and has not employed very many minions who have shown an understanding of the same, so I doubt that it has much to do with this discussion. Pantastic speculated that the whole concern for Trump’s Russian connection was based on nothing more than a tenuous connection to the hacking of the DNC. I simply pointed out that the connection has far more behind it and your hand-waving has failed to change that point.

Based on the information that is available it seems almost certain the DNC hack was carried out under the Kremlin’s control.

Unfortunately the details the DHS made available in their report on Russian hacking glossed over the most pertinent information and focused on a bunch of irrelevant and at times incorrect information.

This article includes most of the valid rationale to believe it was Russia and points out the irrelevant and misleading information published by the DHS and FBI:

How the U.S. Hobbled Its Hacking Case Against Russia and Enabled Truthers

In summary, multiple security experts including Crowdstrike, Symantec and FireEye have examined the forensic data from the DNC hack and reached the conclusion that two very specific hacking groups were the authors: “Fancy Bear” and “The Dukes” - two groups who have been known to be under the Kremlin’s control since long before the 2016 elections. The code was compiled on machines set to the Russian language and the hackers took Russian holidays off work.

If you accept it as a fact that the software was written and deployed by the Fancy Bear and The Dukes then as a forensic investigator does that instantly mean “Russian state level hackers” to you, or are you saying you doubt their ability to determine that it was those groups in the first place?

I’ll defer to your expertise but as far as I can tell many other experts are saying that it is very sophisticated code that isn’t out in the wild, is well known to security experts and instantly recognizable, and is only ever deployed against targets like other governments, NGOs, journalists, and others the Russian government has a specific interest in. It’s never been used for high tech bank heists or credit card fraud, etc. As a layman I would assume financial crimes would be some of the very first things hackers reusing someone else’s code would try to do if it were easily obtained out in the wild.

I didn’t mean to speak specifically about the DNC attack. I haven’t read in depth about the evidence gathered on that attack. I do accept, as you point out, that most experts are very sure it was the Russians. Not having really dug into it myself (and, honestly admitting that while I’m a good forensic examiner, I’m not as good as the combined brainpower of Crowdstrike, Symantec and FireEye), I defer to that assessment. I was only arguing Johnny Ace’s assertion that it’s generally possible to conclusively attribute attacks to a specific actor. It may be possible in some cases, but it’s by no means the rule.

I know this is a hijack, but I’ll just make a few last points in the spirit of ignorance fighting, then I’ll drop it.

Once an attack is launched, the attack tool is in the wild. A bad guy may create some super duper malware or whatever, but as soon as he unleashes it on someone, it’s out of his control. People like me collect artifacts and do things like share them with our colleagues. Eventually the malware/tool/whatever gets widely distributed and other attackers can reverse it and borrow from it. In addition, malware has become commoditized, with malware creators building modular mix-and-match malware, doing what developers always do – taking useful code from wherever they can get it. This puts powerful tools in the hands of attackers who lack the skill to develop their own from scratch. This is how, for example, techniques from state-sponsored attacks like Stuxnet and Flame ultimately found their way into the malware used by low skilled computer criminals.

Often attackers will use a jump box, which is an intermediary victim the attacker compromises first, then uses to launch an attack on the ultimate target. When I worked at a university, our servers were always getting popped and used as jump boxes. The attacker then exfiltrates data to either that box or another compromised box. Or, sometimes the attacker might just dump data to a cloud service that offers enough free, no-registration storage. If the attacker practices good operational security, for example by always accessing the jump box via Tor or other proxies, then the ultimate victim will hit a wall beyond which they can’t track the attacker. (And, yes, I know there are ways to unmask Tor users. These work by enticing a Tor user to visit a page hosting an exploit. That is, you have to catch them in action. To my knowledge, there is no method to take an IP from a Tor exit node used in an attack at some point in the past and de-anonymize it retroactively. So, you can chase your bad guy to the jump box, but if the logs on the jump box tell you the attacker accessed it from a Tor node, you’re at a dead end.)

This is also unreliable. Like code, phishing emails can be easily shared. Many phishing emails are so brief that there is very little to work with when trying to determine if it was originally written in another language. You can look at the email header and maybe get the IP that originated the email, but odds are that will either be another compromised box of some kind (see above) or an email service like Google that only records Google’s internal server IP as the originating IP, not the user’s endpoint.

I know this wasn’t directed at me, but I’ll just reiterate that I didn’t read the report of the DNC hack and I don’t plan to any time soon. As I mentioned above, I defer to the folks like Crowdstrike who have done the research and concluded it was the Russians. I am only disputing your apparent assertion that identifying the source of an attack is routinely successful. It is not.
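The header check described in the post above, as an added example that is not part of the original thread: it reads the oldest `Received` hop of a message and reports whether it names a public address, only a provider-internal one, or nothing at all. Both sample messages, their host names and their addresses are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

# RFC 1918, loopback and IPv6 unique-local ranges: an address here names a
# host inside someone's network, not an endpoint reachable on the Internet.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "fc00::/7")]
FROM_IP = re.compile(r"from\s.*?\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]", re.S)
BY_IP = re.compile(r"\bby\s+\[?([0-9A-Fa-f:.]+)\]?\s")

def origin_hop(raw):
    """Return (ip, verdict) for the oldest Received hop of a raw message."""
    hops = message_from_string(raw).get_all("Received") or []
    if not hops:
        return None, "absent"
    oldest = hops[-1]  # each relay prepends its header, so the last is the oldest
    # Hops below the first server you control are sender-supplied text.
    m = FROM_IP.search(oldest) or BY_IP.search(oldest)
    try:
        ip = ipaddress.ip_address(m.group(1)) if m else None
    except ValueError:
        ip = None
    if ip is None:
        return None, "absent"
    internal = any(ip.version == n.version and ip in n for n in INTERNAL)
    return str(ip), "internal" if internal else "public"

# Constructed samples: documentation-range and private addresses, made-up hosts.
DIRECT = """\
Received: from relay.example (relay.example [203.0.113.77])
\tby mx.victim.example; Tue, 1 Mar 2016 10:00:03 +0000
From: it-support@relay.example
Subject: password reset

body
"""
WEBMAIL = """\
Received: from out.webmail.example (out.webmail.example [198.51.100.25])
\tby mx.victim.example; Tue, 1 Mar 2016 10:00:03 +0000
Received: by 10.28.45.12 with HTTP; Tue, 1 Mar 2016 10:00:01 +0000
From: it-support@webmail.example
Subject: password reset

body
"""

if __name__ == "__main__":
    print(origin_hop(DIRECT))
    print(origin_hop(WEBMAIL))
```

A "public" verdict only identifies the host that handed the message over, which may itself be a compromised intermediary; an "internal" verdict means the header never recorded the sender's endpoint at all.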

Johnny Ace,

I wanted to know if the CNN article regarding the Wikileaks release caused you to reevaluate anything you posted above.

So what is the claim here? That the CIA got Trump elected? That a hacker would be likely to be able to duplicate activities of an organization with the resources of the CIA (prior to the leak)? Or perhaps some other state actor did it?

I find none of those scenarios very likely (and even reaching into tin foil hat territory), nor are we in a ‘reasonable doubt’ area here. Sanctions don’t require a guilty verdict in court. Sanctions by Obama which are no longer in effect thanks to President Orangutan. Hmm. Funny how that works out, huh?

In other words, we’re supposed to believe that not only Trump but his entire campaign have been acting extraordinarily suspiciously ever since the first allegations regarding Russia, and not think that something nefarious is going on? Our friendly neighborhood mod has already laid out a majority of the case, so I won’t bother to repeat it.

I far prefer healthy cynicism to unquestioning credulity. Especially when someone is trying to claim that the allegations are baseless with absolutely no (not just credible, but none whatsoever) evidence to back it up in any way. (Btw, in case there’s any doubt, I’m not referring to you, HurricaneDitka.)

I’m sure I’m parsing this correctly. Are you saying that if Putin wanted to subvert American democracy without making it obvious he was the perp, he would surely have done it in such a way that it was obvious he was the perp?

NETA:

Or possibly eight, depending on who’s counting.

No, that was in response to another pointing out any foreign perpetrators could be arrested if they stepped on American soil, and my response that if he ran such a crew, he would keep them safe beside him.
And in Uncle Joe’s days, Never Let Them Go.

I really doubt if old Vlad has mad hacker skillz, anyway. He has lots of better things to do with his time.
It’s kind of interesting that Putin and Trump are both throwbacks to an excessively manly time, with the kind of charisma and larger-than-life personalities that would go over big both on the Steppes and the Great Plains.

I am immune to charisma.

However, you have only blind faith that the Russian Government was responsible for hacking the DNC, and that they then handed it over to Wikileaks. No evidence.
People can’t prove negatives — on the other hand you can’t even prove positives. You just dislike Trump.

Court of law evidence? No.
However, a number of security people inside and outside the government have drawn logical conclusions from activities that they have discovered. For one example, among several, Secure Works noted that the U.S. accounts that appear to have been hacked are the same ones that had been the targets of phishing attempts from a group that also targets Ukrainian accounts, Syrian rebel accounts, European military and diplomatic accounts, and Russian dissenters’ accounts. In other words, the phishing attackers targeted pretty much only accounts that Putin would want damaged. (The attackers were using Bitly accounts for their bait and for several months, Bitly provided a method (since turned off) to identify all the shortened addresses employed by any one account.) For another example, CyberStrike identified several of the methods (and a particular IP address) used by the hackers as those used by Russian affiliated groups in earlier attacks on other groups.

Could there be some 14-year-old kid who happens to have a crush on Putin that is launching all these attacks? I suppose. The claim that there is “no evidence,” however, is nonsense.

All of which amounts to a hill of beans.

Now there is an example of partisan beliefs causing one to ignore information that one finds distressing.

It’s a topsy-turvy world, and maybe the hacking problems don’t amount to a hill of beans. But this is our hill. And these are our beans!

Your so-called ‘proof’ is throwing up any number of theories to compete with the one that actually is clear. Yet, as I have said any number of times, you have provided NO evidence that any of them is more than a lawyerly attempt at proving reasonable doubt. That is the evidence of which I speak.

It’s not proving a negative. It’s proving the positive of any of those theories that you’ve thrown out there. So feel free to provide some.

Finally, let me see if I can make this clear, because you obviously either haven’t gotten it or are ignoring it. THIS IS NOT A COURT OF LAW. Nor is it likely it would ever make it to one. The only punishments that could be doled out would be on the diplomatic/economic/political level, and none of those require a judge OR lack of reasonable doubt.

I await the actual evidence you’re going to provide with little expectation of its ever happening.

Partisanship in favour of geo-political realities, certainly not for the narcissist fool of a president.

How old does a thread have to be for it to be zombie?

I’m still sort of in this place. While there are people around Trump that are definitely suspect, I’ve not yet seen anything supporting Trump himself deliberately working with any Russian agency to undermine America or American interests. I wouldn’t be at all surprised if he was fine with them doing so, as long as it benefited him (see his comments on hacking). I wouldn’t be surprised if he had corrupt money dealing that ultimately tied back to Russian mafia or government (he’s done businesses there and I don’t think much of his business morals), but I’d expect that from Trump’s perspective, that was all just business, not politics. And even the leaked stuff points to influencing Trump through others, not direct, knowing, complicity.

Really, I waffle back and forth between thinking Trump must be cannier than he seems to have gotten this far, and thinking there’s no way he wouldn’t be bragging about his successful collusion if he were colluding. With the limited amount of information available to the public, I feel like there’s a much stronger case for obstruction than direct collusion. Also like that won’t be enough for impeachment.

Well, that’s a decent argument, I think. I also think there’s a fantastic chance they are loving the US political chaos (is that an overstatement?) right now. A friendly candidate in office is good, but a government frozen might well be even better. Now, that would still apply even with collusion, but it applies without quite well, too.

Oh, I don’t think Putin planned for Trump to win, but equally I can’t doubt Putin is loving every second of this presidency - Merkel announcing Europe can no longer trust the USA? Putin must have been rolling around on the floor all evening.

Every day is Christmas for Putin.